CVE-2026-13140
CVSS: 1.1 (Low)
Exploitation Probability (EPSS): Low risk, 8th percentile (higher than 8% of all known CVEs)
Summary
CVE-2026-13140 involves stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier.
Risk Assessment
Organizations may be vulnerable to XSS attacks that could lead to data theft or session hijacking. The exposure of API keys may also result in unauthorized access to AWS resources.
Recommendation
It is recommended to update to a Canarytokens build at Docker tag sha-f5aa5c4e (Git commit f5aa5c4e) or later, and to secure the exposed AWS API key store against unauthorized access.
Original NVD description (English source)
Stored Cross-Site Scripting in the exposed AWS API key store of Thinkst Applied Research Canarytokens. Anonymous exploitation requires knowledge of a random identifier. This issue affects Canarytokens: from Docker tag sha-4116b92cb before sha-f5aa5c4e, from Git commit 4116b92cb before f5aa5c4e.