Vulnerability in Thinkst Applied Research Canarytokens
CVE-2026-12888
An HTML injection vulnerability exists in the Google Chat webhook notification sent by Thinkst Applied Research Canarytokens, enabling Interface Manipulation in Google Chat. An attacker can insert limited HTML content including links. T…
Affected products
- Thinkst Applied Research Canarytokens — versions sha-4aef1db90, 4aef1db90