Debian 13 — php-league-commonmark — multiple vulnerabilities (3 CVEs) — patch and remediation guide
🟡 Medium ⏱ 10–30 min Last verified: 25 May 2026 Affected versions: Debian 13 (trixie) 📖 ~4 min read • Source: Debian Security Tracker Related CVEs: CVE-2025-46734 CVE-2026-30838 CVE-2026-33347 Upstream summary: league/commonmark is a PHP Markdown parser. A cross-site scripting (XSS) vulnerability in the Attributes extension of the league/commonmark library (versions 1.5.0 through 2.6.x) […]