CVE-2026-25516: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in zauberzeug nicegui
CVE-2026-25516 is a cross-site scripting (XSS) vulnerability in the Python UI framework NiceGUI, specifically in the ui.markdown() component prior to version 3.7.0. The vulnerability arises because the markdown2 library used by ui.markdown() allows raw HTML to pass through without sanitization, enabling attackers to inject malicious HTML and JavaScript if user-controlled content is rendered. Unlike other NiceGUI components, ui.markdown() lacks a sanitize parameter, increasing the risk. Exploitation requires user interaction and can lead to partial confidentiality and integrity loss but does not affect availability. The vulnerability has a CVSS v3.1 base score of 6.1.
AI Analysis
Technical Summary
CVE-2026-25516 is a cross-site scripting (XSS) vulnerability identified in the NiceGUI Python UI framework, specifically in versions prior to 3.7.0. NiceGUI's ui.markdown() component uses the markdown2 library to convert markdown content to HTML, which is then rendered using innerHTML in the browser. The markdown2 library, by default, permits raw HTML to pass through without sanitization. This design choice means that if an application renders user-controlled markdown content via ui.markdown(), an attacker can inject malicious HTML elements containing JavaScript event handlers. Unlike other NiceGUI components such as ui.html(), ui.chat_message(), or ui.interactive_image(), which provide or require sanitization parameters, ui.markdown() lacks such a feature, leaving applications vulnerable to XSS attacks. The vulnerability allows attackers to execute arbitrary JavaScript in the context of the victim's browser when they view the malicious content, potentially leading to theft of session tokens, manipulation of the DOM, or other client-side attacks. The CVSS v3.1 score is 6.1, indicating medium severity, with an attack vector of network (remote), low attack complexity, no privileges required, but requiring user interaction. The scope is changed, meaning the vulnerability can affect resources beyond the vulnerable component. Confidentiality and integrity impacts are low, while availability is unaffected. No known exploits have been reported in the wild as of the publication date. The vulnerability was published on February 6, 2026, and fixed in NiceGUI version 3.7.0.
Potential Impact
For European organizations, this vulnerability poses a moderate risk primarily to web applications built using NiceGUI versions prior to 3.7.0 that render user-generated markdown content via the ui.markdown() component. Successful exploitation can lead to cross-site scripting attacks, allowing attackers to execute arbitrary JavaScript in users' browsers. This can result in theft of sensitive information such as session cookies, user impersonation, or manipulation of displayed content, undermining confidentiality and integrity. Although availability is not impacted, the reputational damage and potential regulatory consequences under GDPR for data breaches involving personal data could be significant. Organizations providing SaaS, internal dashboards, or customer-facing portals using NiceGUI are particularly at risk. The requirement for user interaction (e.g., clicking a link or viewing malicious content) somewhat limits the attack surface but does not eliminate risk. Given the widespread use of Python frameworks in European tech sectors, especially in Germany, France, and the UK, the vulnerability could affect a broad range of organizations, including government, finance, and healthcare sectors that rely on secure web interfaces.
Mitigation Recommendations
1. Upgrade NiceGUI to version 3.7.0 or later, where this vulnerability is fixed.
2. Avoid rendering untrusted or user-controlled markdown content directly via ui.markdown() without sanitization.
3. If upgrading is not immediately possible, implement external HTML sanitization of markdown content before passing it to ui.markdown(), using robust libraries such as Bleach or similar to remove malicious scripts and event handlers.
4. Educate developers on the risks of rendering raw HTML from user input and enforce secure coding practices around UI components.
5. Conduct code audits and penetration testing focusing on user input handling in NiceGUI applications.
6. Monitor web application logs and user reports for suspicious activity indicative of XSS exploitation attempts.
7. Implement Content Security Policy (CSP) headers to restrict execution of unauthorized scripts in browsers, mitigating impact even if XSS occurs.
8. Review and update incident response plans to include XSS attack scenarios relevant to this vulnerability.
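Recommendation 3 in practice, as an added example that is not NiceGUI's, markdown2's or this advisory's own code: a stdlib-only allowlist sanitizer applied to user-controlled markdown before it reaches ui.markdown() on a release prior to 3.7.0. It reduces the raw HTML that markdown2 would otherwise pass through verbatim to a few harmless tags, drops every on* event-handler attribute and any non-http(s) link target, and escapes only '<' and '&' in text so that markdown syntax such as '>' blockquotes survives; the tag and attribute allowlists and the sample inputs are my own choices.

```python
# Added example (not NiceGUI's or markdown2's code): allowlist sanitizer run over
# user-supplied markdown before ui.markdown(). Raw HTML is reduced to a few harmless
# tags, on* attributes and non-http(s) links are dropped, '<' and '&' are escaped.
from html import escape
from html.parser import HTMLParser
from urllib.parse import urlparse

ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "code", "pre", "a", "ul", "ol", "li"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
SAFE_SCHEMES = {"http", "https", "mailto", ""}  # "" keeps relative links
VOID_TAGS = {"br"}
DROP_CONTENT = {"script", "style"}  # the tag *and* its contents are discarded

class MarkdownHtmlSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)  # entities decoded, re-escaped in handle_data
        self.out = []
        self.skip = 0  # >0 while inside <script>/<style>

    def handle_starttag(self, tag, attrs):
        if tag in DROP_CONTENT:
            self.skip += 1
        if self.skip or tag not in ALLOWED_TAGS:
            return  # disallowed tag dropped; its text still flows through handle_data
        kept = ""
        for name, value in attrs:
            name, value = name.lower(), (value or "").strip()
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, ()):
                continue  # every event handler and every non-allowlisted attribute goes
            if name == "href" and urlparse(value).scheme not in SAFE_SCHEMES:
                continue  # link targets limited to http(s)/mailto/relative
            kept += f' {name}="{escape(value)}"'
        self.out.append(f"<{tag}{kept}>")

    def handle_endtag(self, tag):
        if tag in DROP_CONTENT:
            self.skip = max(0, self.skip - 1)
        elif not self.skip and tag in ALLOWED_TAGS and tag not in VOID_TAGS:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self.skip:
            # Only '<' and '&' are escaped, so '>' blockquotes and '**bold**' survive.
            self.out.append(data.replace("&", "&amp;").replace("<", "&lt;"))

def sanitize_markdown(md: str) -> str:
    parser = MarkdownHtmlSanitizer()
    parser.feed(md)
    parser.close()
    return "".join(parser.out)
```

Call ui.markdown(sanitize_markdown(user_text)) in the page handler; note that inline code spans containing raw HTML are rewritten by this pass too, and a maintained sanitizer such as Bleach remains preferable in production.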
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-02T18:21:42.487Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69865d61f9fa50a62f35a6b0
Added to database: 2/6/2026, 9:30:09 PM
Last enriched: 2/6/2026, 9:45:17 PM
Last updated: 2/6/2026, 10:32:27 PM