CVE-2025-26770

Summary

CVE-2025-26770 is a Cross-site Scripting (XSS) vulnerability affecting the Waymark software from version n/a through 1.5.0. This issue arises due to improper input neutralization during web page generation. An attacker can exploit this flaw to inject and execute malicious scripts in users' web browsers, potentially stealing sensitive information or taking control of their accounts. The consequences could lead to data breaches, identity theft, or unauthorized access to systems. Users are strongly advised to update their Waymark software to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.