Product
CVE-2026-59928 identifies a vulnerability in the Mistune block_parser component where quadratic-time parsing of long lists of repeated reference-link definitions can be exploited by an attacker to cause a denial-of-service condition due to excessive resource consumption.