Product
CVE-2026-45553 allows a remote attacker to read arbitrary local files by injecting reStructuredText directives into the `ui.restructured_text()` function of a NiceGUI application, if the application passes user-controlled content to that function.