CVE-2026-41591 | Medium Severity | Armis
CVE-2026-41591:
A cross-site scripting (XSS) vulnerability in the Marko JavaScript framework allows attackers to break out of <script> or <style> tags using mixed-case closing tags (e.g., </SCRIPT>, </Style>) to inject arbitrary HTML or JavaScript.
Score: 6.4 (Medium)
A numerical rating that indicates how dangerous this vulnerability is.
Published Date: May 8, 2026
CISA KEV Date: No Data
Industries Affected: 20
Threat Predictions
EPSS Score: 0.0
EPSS Percentile: 8%
Exploitability Score: 3.1
Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Impact Score: 2.7
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE
Overview
CVE-2026-41591 is a cross-site scripting vulnerability (CWE-79) affecting the Marko web framework. When dynamic text was interpolated into <script> or <style> HTML tags, the Marko runtime's tag-breakout sanitization did not account for non-lowercase closing tag variants, even though the HTML tokenizer treats closing tag names case-insensitively. This oversight allows an attacker who can influence input rendered within these tag contexts to inject HTML or JavaScript by supplying closing tags such as </SCRIPT> or </Style>. Successful exploitation can result in the execution of attacker-controlled scripts in a victim's browser, potentially leading to session hijacking, credential theft, or further malicious actions. The vulnerability carries a CVSS v3.1 score of 6.4 (Medium) with a changed scope, indicating impact beyond the vulnerable component itself.
Remediation
Users of the marko package should upgrade to version 5.38.36 or later. Users of the @marko/runtime-tags package should upgrade to version 6.0.164 or later. Both updates include patches that correct the case-insensitive closing tag detection logic to prevent tag breakout regardless of the casing used in closing tags. As an interim measure where upgrading is not immediately possible, developers should ensure that any user-supplied input rendered inside <script> or <style> blocks is strictly validated or avoided entirely until the patch can be applied.
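The following is an added example, not code from Marko or from Armis, illustrating the defect class described in the Overview and the kind of check a reviewer can apply while waiting for the upgrade named above. The lowercase-only sanitizer is a hypothetical model of the bug, not the framework's actual implementation; the function names and the sample input are assumptions constructed for this example.

```javascript
// Added example, not code from Marko or from Armis: shows why the closing-tag
// check applied to text interpolated into <script>/<style> must be
// case-insensitive, plus a defender-side check over rendered output.
// The HTML tokenizer ends a <script> or <style> raw-text block on the
// closing tag in ANY letter case, so </SCRIPT> and </Style> terminate it.

// Hypothetical lowercase-only sanitizer modelling the defect class the
// advisory describes (assumption: not the framework's actual implementation).
function escapeClosersLowercaseOnly(text, tagName) {
  return String(text).split('</' + tagName).join('<\\/' + tagName);
}

// Hardened version: match the closing tag of the surrounding raw-text
// context case-insensitively and neutralise its "</" as "<\/", which the
// HTML tokenizer no longer recognises but which JS and CSS string literals
// both read back as "</". Also neutralise "<!--", which can switch the
// tokenizer into the "script data escaped" state inside <script>.
// tagName is assumed to be a plain tag name such as "script" or "style".
function escapeClosersCaseInsensitive(text, tagName) {
  const closer = new RegExp('<\\/(' + tagName + ')', 'gi');
  return String(text)
    .replace(closer, '<\\/$1')
    .replace(/<!--/g, '<\\!--');
}

// Interpolation of dynamic text into a <script> body, the context the CVE
// concerns. Only closing-tag handling is shown; a real renderer must also
// escape quotes, backslashes and line terminators for the JS string literal.
function renderScriptBlock(userText, escaper) {
  return '<script>var greeting = "' + escaper(userText, 'script') + '";</script>';
}

// Defender-side check: count closing tags for the given context, in any
// casing, in a rendered block. A correctly rendered block has exactly one
// (the template's own); more than one means the dynamic text broke out.
function countClosers(html, tagName) {
  const re = new RegExp('<\\/' + tagName + '\\s*>', 'gi');
  return (html.match(re) || []).length;
}

// Constructed input for this example: plain text followed by a mixed-case
// closing tag and some injected markup.
const sample = 'hello</SCRIPT><b>injected</b>';

// Renders the sample through both sanitizers and reports how many closing
// tags each rendered block contains.
function demo() {
  return {
    vulnerable: countClosers(renderScriptBlock(sample, escapeClosersLowercaseOnly), 'script'),
    hardened: countClosers(renderScriptBlock(sample, escapeClosersCaseInsensitive), 'script'),
  };
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(demo()); // { vulnerable: 2, hardened: 1 }
}
```

Running `node` on the file prints the two counts. The same `countClosers` check can be run over rendered HTML in a test suite: any `<script>` or `<style>` block that contains more than one closing tag for its own context, regardless of case, indicates that interpolated text escaped the raw-text block and should be treated as a finding.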