CVE 8.7 HIGH SiYuan: Lute HTML sanitizer allows `` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client_CVE-2026-54759</h1> <div class="entry-meta"> <span class="meta-date"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="3" y="4" width="18" height="18" rx="2"/><path d="M16 2v4M8 2v4M3 10h18"/></svg> June 24, 2026 </span> <span class="meta-author"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M20 21v-2a4 4 0 0 0-4-4H8a4 4 0 0 0-4 4v2"/><circle cx="12" cy="7" r="4"/></svg> invoker </span> <span class="meta-category"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 19a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V5a2 2 0 0 1 2-2h5l2 3h9a2 2 0 0 1 2 2z"/></svg> category_cve </span> </div> </header> <div class="entry-content"> <div class="security-detail"> <!-- CVSS Hero --> <div class="cvss-hero cvss-hero--high"> <div class="cvss-hero-score"> <span class="cvss-number">8.7</span> <span class="cvss-max">/ 10</span> </div> <div class="cvss-hero-info"> <span class="cvss-severity-label">HIGH</span> <div class="cvss-vector-row"> <code>CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N</code> <button class="copy-btn copy-btn--small" onclick="SecurityNews.copyToClipboard('CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N')" title="Copy vector"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg> </button> </div> </div> </div> <!-- Description --> <section class="detail-block"> <h3 class="detail-block-title">Description</h3> <div class="detail-block-body description-text"> SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove <iframe> elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious <iframe> in a Bazaar package README that executes arbitrary commands on the victim's machine when the package details are viewed. No package installation is required. This vulnerability is fixed in 3.7.0. </div> </section> <!-- AI Analysis --> <section class="detail-block detail-block--ai"> <h3 class="detail-block-title"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M12 2a4 4 0 0 0-4 4v2H6a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2h-2V6a4 4 0 0 0-4-4z"/></svg> AI Analysis </h3> <div class="detail-block-body"> <p>Arbitrary command execution via malicious iframe in Bazaar package README</p> </div> </section> <!-- Direct Link --> <!-- Info Grid --> <div class="detail-grid"> <!-- Basic Information --> <section class="detail-card"> <h4 class="detail-card-title"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><circle cx="12" cy="12" r="10"/><path d="M12 16v-4M12 8h.01"/></svg> Basic Information </h4> <div class="info-row"> <span class="info-label">ID</span> <span class="info-value mono">CVE-2026-54759</span> </div> <div class="info-row"> <span class="info-label">Source</span> <span class="info-value">GitHub_M</span> </div> <div class="info-row"> <span class="info-label">Published</span> <span class="info-value">Jun 24, 2026 at 21:21</span> </div> </section> <!-- Affected Product --> <section class="detail-card"> <h4 class="detail-card-title"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="2" y="3" width="20" height="14" rx="2"/><path d="M8 21h8M12 17v4"/></svg> Affected Product </h4> <div class="info-row"> <span class="info-label">Vendor</span> <span class="info-value">siyuan-note</span> </div> <div class="info-row"> <span class="info-label">Product</span> <span class="info-value">siyuan</span> </div> <div class="info-row"> <span class="info-label">Version</span> <span class="info-value mono">< 3.7.0</span> </div> <div class="info-row info-row--stacked"> <span class="info-label">Affected Versions</span> <span class="info-value info-value--list">siyuan-note siyuan < 3.7.0</span> </div> </section> <!-- CWE --> <section class="detail-card"> <h4 class="detail-card-title"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg> CWE Classification </h4> <div class="cwe-chips"> <a href="https://cwe.mitre.org/data/definitions/79.html" target="_blank" rel="noopener" class="cwe-chip">CWE-79</a> </div> </section> <!-- AI Scores --> <section class="detail-card detail-card--ai"> <h4 class="detail-card-title"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M12 2a4 4 0 0 0-4 4v2H6a2 2 0 0 0-2 2v10a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V10a2 2 0 0 0-2-2h-2V6a4 4 0 0 0-4-4z"/></svg> AI Assessment </h4> <div class="info-row"> <span class="info-label">AI Score</span> <span class="info-value"><strong>8.7</strong> / 10</span> </div> <div class="info-row"> <span class="info-label">AI Severity</span> <span class="info-value">High</span> </div> <div class="info-row"> <span class="info-label">Vendor</span> <span class="info-value">siyuan-note</span> </div> <div class="info-row"> <span class="info-label">Product</span> <span class="info-value">SiYuan</span> </div> <div class="info-row"> <span class="info-label">Version</span> <span class="info-value mono">< 3.7.0</span> </div> </section> </div> <!-- References --> <section class="detail-block"> <h3 class="detail-block-title">References</h3> <ul class="reference-list"> <li> <a href="https://github.com/siyuan-note/siyuan/security/advisories/GHSA-r6v5-4c66-f6pw" target="_blank" rel="noopener noreferrer" class="ref-link"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M18 13v6a2 2 0 0 1-2 2H5a2 2 0 0 1-2-2V8a2 2 0 0 1 2-2h6"/><polyline points="15 3 21 3 21 9"/><line x1="10" y1="14" x2="21" y2="3"/></svg> <span class="ref-host">github.com</span> <span class="ref-path">/siyuan-note/siyuan/security/advisories/GHSA-r6v5-4c66-f6pw</span> </a> </li> </ul> </section> <!-- Raw JSON Drawer --> <div class="json-drawer"> <button class="json-drawer-toggle" type="button" aria-expanded="false"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M14 2H6a2 2 0 0 0-2 2v16a2 2 0 0 0 2 2h12a2 2 0 0 0 2-2V8z"/><polyline points="14 2 14 8 20 8"/></svg> <span class="drawer-title">Raw JSON Data</span> <svg class="drawer-arrow" width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="m6 9 6 6 6-6"/></svg> </button> <div class="json-drawer-content" style="display: none;"> <div class="json-toolbar"> <button class="copy-btn" onclick="SecurityNews.copyToClipboard("{\"lastseen\":\"\",\"description\":\"SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove <iframe> elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious <iframe> in a Bazaar package README that executes arbitrary commands on the victim's machine when the package details are viewed. No package installation is required. This vulnerability is fixed in 3.7.0.\",\"published\":\"2026-06-24T21:21:57.842Z\",\"modified\":\"2026-06-24T21:21:57.842Z\",\"type\":\"cve\",\"title\":\"SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client\",\"source\":\"GitHub_M\",\"references\":\"https:\\\/\\\/github.com\\\/siyuan-note\\\/siyuan\\\/security\\\/advisories\\\/GHSA-r6v5-4c66-f6pw\",\"id\":\"CVE-2026-54759\",\"bulletinFamily\":\"\",\"cwe\":[\"CWE-79\"],\"cvelist\":null,\"sourceData\":\"siyuan-note siyuan < 3.7.0\",\"sourceHref\":\"\",\"cvss\":{\"score\":8.7,\"severity\":\"HIGH\",\"vector\":\"CVSS:4.0\\\/AV:N\\\/AC:L\\\/AT:N\\\/PR:N\\\/UI:P\\\/VC:H\\\/VI:H\\\/VA:H\\\/SC:N\\\/SI:N\\\/SA:N\",\"version\":\"4.0\"},\"cvss2\":[],\"cvss3\":{\"version\":\"\",\"vectorString\":\"\",\"baseScore\":0,\"baseSeverity\":\"\",\"attackVector\":\"\",\"attackComplexity\":\"\",\"privilegesRequired\":\"\",\"userInteraction\":\"\",\"scope\":\"\",\"confidentialityImpact\":\"\",\"integrityImpact\":\"\",\"availabilityImpact\":\"\",\"cvssV3\":{\"version\":\"\",\"vectorString\":\"\",\"baseScore\":0,\"baseSeverity\":\"\",\"attackVector\":\"\",\"attackComplexity\":\"\",\"privilegesRequired\":\"\",\"userInteraction\":\"\",\"scope\":\"\",\"confidentialityImpact\":\"\",\"integrityImpact\":\"\",\"availabilityImpact\":\"\"}},\"href\":\"\",\"category_name\":\"CVE\",\"post_link\":\"\",\"product\":\"siyuan\",\"version\":\"< 3.7.0\",\"vendor\":\"siyuan-note\",\"ai_description\":\"Arbitrary command execution via malicious iframe in Bazaar package README\",\"ai_severity\":\"High\",\"ai_vendor\":\"siyuan-note\",\"ai_product\":\"SiYuan\",\"ai_version\":\"< 3.7.0\",\"ai_score\":8.7}")"> <svg width="14" height="14" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><rect x="9" y="9" width="13" height="13" rx="2"/><path d="M5 15H4a2 2 0 0 1-2-2V4a2 2 0 0 1 2-2h9a2 2 0 0 1 2 2v1"/></svg> Copy JSON </button> </div> <pre class="json-content" data-raw-json="{ "lastseen": "", "description": "SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove <iframe> elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious <iframe> in a Bazaar package README that executes arbitrary commands on the victim's machine when the package details are viewed. No package installation is required. This vulnerability is fixed in 3.7.0.", "published": "2026-06-24T21:21:57.842Z", "modified": "2026-06-24T21:21:57.842Z", "type": "cve", "title": "SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client", "source": "GitHub_M", "references": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-r6v5-4c66-f6pw", "id": "CVE-2026-54759", "bulletinFamily": "", "cwe": [ "CWE-79" ], "cvelist": null, "sourceData": "siyuan-note siyuan < 3.7.0", "sourceHref": "", "cvss": { "score": 8.7, "severity": "HIGH", "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" }, "cvss2": [], "cvss3": { "version": "", "vectorString": "", "baseScore": 0, "baseSeverity": "", "attackVector": "", "attackComplexity": "", "privilegesRequired": "", "userInteraction": "", "scope": "", "confidentialityImpact": "", "integrityImpact": "", "availabilityImpact": "", "cvssV3": { "version": "", "vectorString": "", "baseScore": 0, "baseSeverity": "", "attackVector": "", "attackComplexity": "", "privilegesRequired": "", "userInteraction": "", "scope": "", "confidentialityImpact": "", "integrityImpact": "", "availabilityImpact": "" } }, "href": "", "category_name": "CVE", "post_link": "", "product": "siyuan", "version": "< 3.7.0", "vendor": "siyuan-note", "ai_description": "Arbitrary command execution via malicious iframe in Bazaar package README", "ai_severity": "High", "ai_vendor": "siyuan-note", "ai_product": "SiYuan", "ai_version": "< 3.7.0", "ai_score": 8.7 }">{ "lastseen": "", "description": "SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, Lute's HTML sanitizer does not remove <iframe> elements. Combined with the SiYuan Electron client's permissive security configuration, an attacker can include a malicious <iframe> in a Bazaar package README that executes arbitrary commands on the victim's machine when the package details are viewed. No package installation is required. This vulnerability is fixed in 3.7.0.", "published": "2026-06-24T21:21:57.842Z", "modified": "2026-06-24T21:21:57.842Z", "type": "cve", "title": "SiYuan: Lute HTML sanitizer allows `<iframe>` tags in Bazaar package README, leading to arbitrary command execution via SiYuan Electron client", "source": "GitHub_M", "references": "https://github.com/siyuan-note/siyuan/security/advisories/GHSA-r6v5-4c66-f6pw", "id": "CVE-2026-54759", "bulletinFamily": "", "cwe": [ "CWE-79" ], "cvelist": null, "sourceData": "siyuan-note siyuan < 3.7.0", "sourceHref": "", "cvss": { "score": 8.7, "severity": "HIGH", "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0" }, "cvss2": [], "cvss3": { "version": "", "vectorString": "", "baseScore": 0, "baseSeverity": "", "attackVector": "", "attackComplexity": "", "privilegesRequired": "", "userInteraction": "", "scope": "", "confidentialityImpact": "", "integrityImpact": "", "availabilityImpact": "", "cvssV3": { "version": "", "vectorString": "", "baseScore": 0, "baseSeverity": "", "attackVector": "", "attackComplexity": "", "privilegesRequired": "", "userInteraction": "", "scope": "", "confidentialityImpact": "", "integrityImpact": "", "availabilityImpact": "" } }, "href": "", "category_name": "CVE", "post_link": "", "product": "siyuan", "version": "< 3.7.0", "vendor": "siyuan-note", "ai_description": "Arbitrary command execution via malicious iframe in Bazaar package README", "ai_severity": "High", "ai_vendor": "siyuan-note", "ai_product": "SiYuan", "ai_version": "< 3.7.0", "ai_score": 8.7 }</pre> </div> </div> </div> </div> <footer class="entry-footer"> <div class="entry-tags"><span class="tags-label">Tags</span><div class="tag-list"><a href="https://zero.redgem.net/?tag=cve" rel="tag">CVE</a><a href="https://zero.redgem.net/?tag=cvss" rel="tag">CVSS</a><a href="https://zero.redgem.net/?tag=cvss-8.7" rel="tag">CVSS-8.7</a><a href="https://zero.redgem.net/?tag=exploit" rel="tag">exploit</a><a href="https://zero.redgem.net/?tag=high" rel="tag">HIGH</a><a href="https://zero.redgem.net/?tag=news" rel="tag">news</a><a href="https://zero.redgem.net/?tag=security" rel="tag">Security</a><a href="https://zero.redgem.net/?tag=tapic" rel="tag">tapic</a><a href="https://zero.redgem.net/?tag=vulnerability" rel="tag">Vulnerability</a></div></div> <div class="post-navigation"> <div class="post-nav-grid"> <a href="https://zero.redgem.net/?p=65525" class="post-nav-link post-nav-prev"> <span class="post-nav-dir"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="m15 18-6-6 6-6"/></svg> Previous </span> <span class="post-nav-title">SiYuan: Stored XSS to RCE via attribute-view cell...</span> </a> <a href="https://zero.redgem.net/?p=65527" class="post-nav-link post-nav-next"> <span class="post-nav-dir"> Next <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="m9 18 6-6-6-6"/></svg> </span> <span class="post-nav-title">Appsmith: Caddy admin API exposed without authentication_CVE-2026-55454</span> </a> </div> </div> </footer> <!-- RedGem CTA --> <aside class="redgem-cta-card"> <div class="cta-inner"> <div class="cta-text"> <h3>Stay Protected with RedGem</h3> <p>AI-powered attack surface monitoring, dark web intelligence, and vulnerability scanning in one platform.</p> </div> <div class="cta-actions"> <a href="https://www.redgem.net" class="btn-primary" target="_blank" rel="noopener">Start Free Trial</a> <a href="https://www.redgem.net/demo" class="btn-secondary" target="_blank" rel="noopener">Request Demo</a> </div> </div> </aside> </article> <div id="comments" class="comments-area"> <div id="respond" class="comment-respond"> <h3 id="reply-title" class="comment-reply-title">💭 Join the Security Discussion <small><a rel="nofollow" id="cancel-comment-reply-link" href="/?p=65526#respond" style="display:none;">❌ Cancel Reply</a></small></h3><form action="https://zero.redgem.net/wp-comments-post.php" method="post" id="commentform" class="comment-form security-comment-form"><div class="comment-notes"> <p>🔒 Your email address will not be published. Required fields are marked <span class="required">*</span></p> <p>⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.</p> </div><div class="comment-form-comment"> <label for="comment">💬 Your Comment <span class="required">*</span></label> <textarea id="comment" name="comment" cols="45" rows="8" maxlength="65525" required="required" placeholder="Share your thoughts on this security advisory..."></textarea> </div><div class="comment-form-author"> <label for="author">👤 Name </label> <input id="author" name="author" type="text" value="" size="30" maxlength="245" /> </div> <div class="comment-form-email"> <label for="email">📧 Email </label> <input id="email" name="email" type="email" value="" size="30" maxlength="100" /> </div> <div class="comment-form-url"> <label for="url">🌐 Website</label> <input id="url" name="url" type="url" value="" size="30" maxlength="200" /> </div> <p class="comment-form-cookies-consent"><input id="wp-comment-cookies-consent" name="wp-comment-cookies-consent" type="checkbox" value="yes" /> <label for="wp-comment-cookies-consent">Save my name, email, and website in this browser for the next time I comment.</label></p> <div class="g-recaptcha" style="transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: 0 0; -webkit-transform-origin: 0 0;" data-sitekey="6LejfrMsAAAAAMk9PFMJ2LRof2S86gzzKEJO8mZX"></div><script src='https://www.google.com/recaptcha/api.js?ver=1.34' id='wpcaptcha-recaptcha-js'></script><p class="form-submit"><input name="submit" type="submit" id="submit" class="submit-comment-btn" value="📤 Post Comment" /> <input type='hidden' name='comment_post_ID' value='65526' id='comment_post_ID' /> <input type='hidden' name='comment_parent' id='comment_parent' value='0' /> </p></form> </div><!-- #respond --> </div> </div> </div> </main><!-- #primary --> </div><!-- #content --> <footer id="colophon" class="site-footer"> <div class="footer-accent"></div> <div class="container"> <div class="footer-top"> <div class="footer-brand"> <div class="footer-logo"> <img src="https://www.redgem.net/logo.png" alt="zero redgem" width="100" height="80" class="footer-logo-img" /> </div> <p class="footer-tagline">Your trusted source for security vulnerabilities, exploits, and CVE intelligence. Part of the RedGem security platform.</p> <div class="footer-social"> <a href="#" aria-label="Twitter" title="Follow us on Twitter"> <svg width="16" height="16" viewBox="0 0 24 24" fill="currentColor"><path d="M18.244 2.25h3.308l-7.227 8.26 8.502 11.24H16.17l-5.214-6.817L4.99 21.75H1.68l7.73-8.835L1.254 2.25H8.08l4.713 6.231zm-1.161 17.52h1.833L7.084 4.126H5.117z"/></svg> </a> <a href="#" aria-label="GitHub" title="View on GitHub"> <svg width="16" height="16" viewBox="0 0 24 24" fill="currentColor"><path d="M12 0c-6.626 0-12 5.373-12 12 0 5.302 3.438 9.8 8.207 11.387.599.111.793-.261.793-.577v-2.234c-3.338.726-4.033-1.416-4.033-1.416-.546-1.387-1.333-1.756-1.333-1.756-1.089-.745.083-.729.083-.729 1.205.084 1.839 1.237 1.839 1.237 1.07 1.834 2.807 1.304 3.492.997.107-.775.418-1.305.762-1.604-2.665-.305-5.467-1.334-5.467-5.931 0-1.311.469-2.381 1.236-3.221-.124-.303-.535-1.524.117-3.176 0 0 1.008-.322 3.301 1.23A11.509 11.509 0 0112 5.803c1.02.005 2.047.138 3.006.404 2.291-1.552 3.297-1.23 3.297-1.23.653 1.653.242 2.874.118 3.176.77.84 1.235 1.911 1.235 3.221 0 4.609-2.807 5.624-5.479 5.921.43.372.823 1.102.823 2.222v3.293c0 .319.192.694.801.576C20.566 21.797 24 17.3 24 12c0-6.627-5.373-12-12-12z"/></svg> </a> <a href="https://zero.redgem.net/?feed=rss2" aria-label="RSS Feed" title="RSS Feed"> <svg width="16" height="16" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2" stroke-linecap="round" stroke-linejoin="round"><path d="M4 11a9 9 0 0 1 9 9"/><path d="M4 4a16 16 0 0 1 16 16"/><circle cx="5" cy="19" r="1"/></svg> </a> </div> </div> <div class="footer-links-grid"> <div class="footer-section"> <h4>Quick Links</h4> <ul> <li><a href="https://zero.redgem.net/">Home</a></li> <li><a href="https://zero.redgem.net/?s=">Search</a></li> </ul> </div> <div class="footer-section"> <h4>RedGem Platform</h4> <ul> <li><a href="https://www.redgem.net" target="_blank" rel="noopener">Main Platform</a></li> <li><a href="https://www.redgem.net" target="_blank" rel="noopener">Asset Discovery</a></li> <li><a href="https://www.redgem.net" target="_blank" rel="noopener">Leakage Detection</a></li> <li><a href="https://www.redgem.net" target="_blank" rel="noopener">Vulnerability Scanners</a></li> </ul> </div> <div class="footer-section"> <h4>Security Resources</h4> <ul> <li><a href="https://cve.mitre.org/" target="_blank" rel="noopener">CVE Database</a></li> <li><a href="https://nvd.nist.gov/" target="_blank" rel="noopener">NVD</a></li> <li><a href="https://www.exploit-db.com/" target="_blank" rel="noopener">Exploit-DB</a></li> <li><a href="https://www.securityfocus.com/" target="_blank" rel="noopener">SecurityFocus</a></li> </ul> </div> </div> </div> <div class="footer-bottom"> <div class="footer-info"> <p>© 2026 zero redgem. All rights reserved.</p> <p>Powered by <a href="https://wordpress.org/" target="_blank" rel="noopener">WordPress</a> · RedGem Security Theme</p> </div> <div class="footer-badges"> <span class="footer-badge"> <svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M12 22s8-4 8-10V5l-8-3-8 3v7c0 6 8 10 8 10z"/></svg> Secured </span> <span class="footer-badge"> <svg width="12" height="12" viewBox="0 0 24 24" fill="none" stroke="currentColor" stroke-width="2"><path d="M22 11.08V12a10 10 0 1 1-5.93-9.14"/><polyline points="22 4 12 14.01 9 11.01"/></svg> Verified Data </span> </div> </div> </div> </footer> </div><!-- #page --> <script id="security-news-script-js-extra"> var securityNewsAjax = {"ajaxurl":"//zero.redgem.net/wp-admin/admin-ajax.php","nonce":"71be5f81ab"}; //# sourceURL=security-news-script-js-extra </script> <script src="https://zero.redgem.net/wp-content/themes/security-news/js/theme.js?ver=2.14.0" id="security-news-script-js"></script> <script id="wp-emoji-settings" type="application/json"> {"baseUrl":"https://s.w.org/images/core/emoji/17.0.2/72x72/","ext":".png","svgUrl":"https://s.w.org/images/core/emoji/17.0.2/svg/","svgExt":".svg","source":{"concatemoji":"https://zero.redgem.net/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4"}} </script> <script type="module"> /*! This file is auto-generated */ const a=JSON.parse(document.getElementById("wp-emoji-settings").textContent),o=(window._wpemojiSettings=a,"wpEmojiSettingsSupports"),s=["flag","emoji"];function i(e){try{var t={supportTests:e,timestamp:(new Date).valueOf()};sessionStorage.setItem(o,JSON.stringify(t))}catch(e){}}function c(e,t,n){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);t=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(n,0,0);const a=new Uint32Array(e.getImageData(0,0,e.canvas.width,e.canvas.height).data);return t.every((e,t)=>e===a[t])}function p(e,t){e.clearRect(0,0,e.canvas.width,e.canvas.height),e.fillText(t,0,0);var n=e.getImageData(16,16,1,1);for(let e=0;e<n.data.length;e++)if(0!==n.data[e])return!1;return!0}function u(e,t,n,a){switch(t){case"flag":return n(e,"\ud83c\udff3\ufe0f\u200d\u26a7\ufe0f","\ud83c\udff3\ufe0f\u200b\u26a7\ufe0f")?!1:!n(e,"\ud83c\udde8\ud83c\uddf6","\ud83c\udde8\u200b\ud83c\uddf6")&&!n(e,"\ud83c\udff4\udb40\udc67\udb40\udc62\udb40\udc65\udb40\udc6e\udb40\udc67\udb40\udc7f","\ud83c\udff4\u200b\udb40\udc67\u200b\udb40\udc62\u200b\udb40\udc65\u200b\udb40\udc6e\u200b\udb40\udc67\u200b\udb40\udc7f");case"emoji":return!a(e,"\ud83e\u1fac8")}return!1}function f(e,t,n,a){let r;const o=(r="undefined"!=typeof WorkerGlobalScope&&self instanceof WorkerGlobalScope?new OffscreenCanvas(300,150):document.createElement("canvas")).getContext("2d",{willReadFrequently:!0}),s=(o.textBaseline="top",o.font="600 32px Arial",{});return e.forEach(e=>{s[e]=t(o,e,n,a)}),s}function r(e){var t=document.createElement("script");t.src=e,t.defer=!0,document.head.appendChild(t)}a.supports={everything:!0,everythingExceptFlag:!0},new Promise(t=>{let n=function(){try{var e=JSON.parse(sessionStorage.getItem(o));if("object"==typeof e&&"number"==typeof e.timestamp&&(new Date).valueOf()<e.timestamp+604800&&"object"==typeof e.supportTests)return e.supportTests}catch(e){}return null}();if(!n){if("undefined"!=typeof Worker&&"undefined"!=typeof OffscreenCanvas&&"undefined"!=typeof URL&&URL.createObjectURL&&"undefined"!=typeof Blob)try{var e="postMessage("+f.toString()+"("+[JSON.stringify(s),u.toString(),c.toString(),p.toString()].join(",")+"));",a=new Blob([e],{type:"text/javascript"});const r=new Worker(URL.createObjectURL(a),{name:"wpTestEmojiSupports"});return void(r.onmessage=e=>{i(n=e.data),r.terminate(),t(n)})}catch(e){}i(n=f(s,u,c,p))}t(n)}).then(e=>{for(const n in e)a.supports[n]=e[n],a.supports.everything=a.supports.everything&&a.supports[n],"flag"!==n&&(a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&a.supports[n]);var t;a.supports.everythingExceptFlag=a.supports.everythingExceptFlag&&!a.supports.flag,a.supports.everything||((t=a.source||{}).concatemoji?r(t.concatemoji):t.wpemoji&&t.twemoji&&(r(t.twemoji),r(t.wpemoji)))}); //# sourceURL=https://zero.redgem.net/wp-includes/js/wp-emoji-loader.min.js </script> </body> </html>
