Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
5.3
Badlogic Pi-Mono 0.58.4 allows hackers to inject malicious code
CVE-2026-5533
Summary
A security flaw in Badlogic Pi-Mono 0.58.4 allows hackers to inject malicious code into a website, potentially stealing data or taking control of user sessions. This means hackers can access your website's visitors' personal info or take actions without their permission. To stay safe, update to the latest version of Badlogic Pi-Mono as soon as possible.
Original title
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact H...
Original description
A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Handler. This manipulation causes cross site scripting. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
nvd CVSS2.0
5.0
nvd CVSS3.1
4.3
nvd CVSS4.0
5.3
Vulnerability type
CWE-79
Cross-site Scripting (XSS)
CWE-94
Code Injection
Published: 5 Apr 2026 · Updated: 5 Apr 2026 · First seen: 5 Apr 2026