CVE-2026-12888
Severity: Low, CVSS 2.0
Exploitation Probability (EPSS): Low risk, 20th percentile (higher than 20% of all known CVEs)
Summary
An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links.
Risk Assessment
This vulnerability may lead to user interface manipulation, potentially resulting in fraud or phishing in the context of communication in Google Chat.
Recommendation
Update Canarytokens to a version after sha-8ab4dccd to mitigate this vulnerability, and monitor webhook notifications for potential abuse.
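The following sketch is an added example, not code from Canarytokens or its fix. It shows the usual mitigation for this class of bug, HTML-escaping untrusted values before they are placed in Google Chat card text, together with a pre-send check that supports the monitoring recommendation. The field names, the sample alert and the choice of a `decoratedText` card layout are assumptions made for illustration.

```python
import html
import re

# Tags from the limited HTML subset that Google Chat renders in card text.
CHAT_TAGS = re.compile(r"<\s*/?\s*(a|b|i|u|s|font|br)\b[^>]*>", re.IGNORECASE)


def find_markup(fields):
    """Names of untrusted fields whose raw value carries Chat-rendered tags."""
    return sorted(k for k, v in fields.items() if CHAT_TAGS.search(str(v)))


def build_card(title, fields):
    """Build a cardsV2 webhook body; labels are trusted, values are escaped."""
    widgets = [
        {"decoratedText": {"topLabel": label, "text": html.escape(str(value))}}
        for label, value in fields.items()
    ]
    return {
        "cardsV2": [{
            "cardId": "alert",
            "card": {"header": {"title": title}, "sections": [{"widgets": widgets}]},
        }]
    }


# Constructed sample alert (hypothetical fields): memo and user agent are
# treated as attacker-influenced input.
SAMPLE = {
    "Memo": 'db-backup share <a href="https://example.invalid/">Acknowledge alert</a>',
    "Source IP": "203.0.113.7",
    "User agent": "curl/8.5.0 <b>resolved</b>",
}


def card_texts(card):
    """Flatten the text values of a card built by build_card()."""
    widgets = card["cardsV2"][0]["card"]["sections"][0]["widgets"]
    return [w["decoratedText"]["text"] for w in widgets]


if __name__ == "__main__":
    print("fields with markup:", find_markup(SAMPLE))
    for text in card_texts(build_card("Token triggered", SAMPLE)):
        print(text)
```

Logging the result of `find_markup` before each send gives a simple signal for alerts whose untrusted fields arrive carrying markup.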
Original NVD description (English source)
An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. This issue affects Canarytokens: from Docker tag sha-4aef1db90 before sha-8ab4dccd, from Git commit 4aef1db90 before 8ab4dccd.

