diff --git a/Pipfile.lock b/Pipfile.lock
index 7881858..50fb86f 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -16,6 +16,14 @@
         ]
     },
     "default": {
+        "bleach": {
+            "hashes": [
+                "sha256:2bce3d8fab545a6528c8fa5d9f9ae8ebc85a56da365c7f85180bfe96a35ef22f",
+                "sha256:3c4c520fdb9db59ef139915a5db79f8b51bc2a7257ea0389f30c846883430a4b"
+            ],
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
+            "version": "==3.1.5"
+        },
         "bottle": {
             "hashes": [
                 "sha256:0819b74b145a7def225c0e83b16a4d5711fde751cd92bae467a69efce720f69e",
diff --git a/setup.py b/setup.py
index 79af221..9ad0740 100644
--- a/setup.py
+++ b/setup.py
@@ -53,6 +53,7 @@ setup(
     packages=find_packages(exclude=["tests"]),
     package_data={"sublime": ["ui/app_styles.css", *package_data_files]},
     install_requires=[
+        "bleach",
         "dataclasses-json",
         "deepdiff",
         "fuzzywuzzy",
diff --git a/sublime/app.py b/sublime/app.py
index c398fef..7f5af1d 100644
--- a/sublime/app.py
+++ b/sublime/app.py
@@ -1,3 +1,4 @@
+import bleach
 import logging
 import os
 import random
@@ -1184,9 +1185,9 @@ class SublimeMusicApp(Gtk.Application):
                     if glib_notify_exists:
                         notification_lines = []
                         if album := song.album:
-                            notification_lines.append(f"<i>{album.name}</i>")
+                            notification_lines.append(f"<i>{bleach.clean(album.name)}</i>")
                         if artist := song.artist:
-                            notification_lines.append(artist.name)
+                            notification_lines.append(bleach.clean(artist.name))
                         song_notification = Notify.Notification.new(
                             song.title, "\n".join(notification_lines),
                         )