ГлавнаяУязвимости → CVE-2026-35467
7.5высокая

CVE-2026-35467

Описание

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Затрагиваемое ПО
Cmu Cveclient
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/CERTCC/cveClient/https://github.com/CERTCC/cveClient/pull/39