CVE-2026-35467 - CERT CVE

  1. CVE-2026-35467

ID CVE-2026-35467
Sažetak The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
Reference
CVSS
Base: 7.5
Impact: 3.6
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Zadnje važnije ažuriranje 03-04-2026 - 16:10
Objavljeno 02-04-2026 - 21:16