CVE-2026-8889

Same vendor

• CVE-2026-8888 — Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular... (7.5 HIGH)
• CVE-2026-8881 — Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption (7.5 HIGH)
• CVE-2026-8879 — Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerCon... (7.5 HIGH)
• CVE-2026-8878 — Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensiti... (7.5 HIGH)
• CVE-2026-8876 — Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js (7.3 HIGH)

Same CWE

• CVE-2026-45664 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.3 MEDIUM)
• CVE-2026-41850 — Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerable to an Algorithmic Denial of Service... (7.5 HIGH)
• CVE-2026-11312 — A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
• CVE-2026-3276 — unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining cha...
• CVE-2026-42504 — Decoding a maliciously-crafted MIME header containing many invalid encoded-words can consume excessive CPU (7.5 HIGH)