CVE-2026-40734

Name of the Vulnerable Software and Affected Versions Zahlan Categories Images versions n/a through 3.3.1

Description Improper neutralization of input during web page generation in the categories-images component allows DOM-Based Cross-Site Scripting (XSS), a flaw where the application contains client-side JavaScript that processes data from an untrusted source in an unsafe way, typically updating the Document Object Model (DOM).

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.