Skip to main content

Lightpanda CVE-2026-52843

| EUVDEUVD-2026-44714 CRITICAL
Origin Validation Error (CWE-346)
2026-07-15 GitHub_M
9.3
CVSS 3.1 · Vendor: GitHub_M
Share

Severity by source

Vendor (GitHub_M) PRIMARY
9.3 CRITICAL
AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
vuln.today AI
9.3 CRITICAL

Network-reachable, low-complexity, no privileges but requires the session to load attacker content (UI:R); abusing one origin against a different victim origin is a scope change with high confidentiality and integrity impact, no availability effect.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (GitHub_M).

CVSS VectorVendor: GitHub_M

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
High
Integrity
High
Availability
None

Lifecycle Timeline

4
Patch available
Jul 15, 2026 - 21:18 EUVD
Source Code Evidence Fetched
Jul 15, 2026 - 16:46 vuln.today
Analysis Generated
Jul 15, 2026 - 16:46 vuln.today
CVE Published
Jul 15, 2026 - 16:16 cve.org
CRITICAL 9.3

DescriptionCVE.org

Lightpanda is a headless browser designed for AI and automation. Prior to 0.2.9, Lightpanda fetch() and XMLHttpRequest unconditionally attached session cookies to every HTTP request, ignoring credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials, allowing an attacker-controlled origin in a Lightpanda session to issue authenticated cross-origin requests against a victim origin. This issue is fixed in version 0.2.9.

AnalysisAI

Cross-origin credential leakage in Lightpanda, a headless browser built for AI and automation workloads, occurs because fetch() and XMLHttpRequest attach session cookies to every outbound HTTP request regardless of the caller's requested credentials mode. In versions prior to 0.2.9, the credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials controls are all ignored, so attacker-controlled content running inside a Lightpanda session can silently issue authenticated cross-origin requests against any victim origin whose cookies are present in the session's shared cookie jar. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Automation session loads attacker-controlled origin
Delivery
Script calls fetch()/XHR with credentials omit
Exploit
Lightpanda ignores credentials mode
Execution
Session cookies attached to cross-origin request
Persist
Authenticated response returned to attacker script
Impact
Exfiltrate victim origin data

Vulnerability AssessmentAI

Exploitation Exploitation requires a Lightpanda session (version prior to 0.2.9) whose shared cookie jar already contains valid session cookies for a target/victim origin, and requires attacker-controlled web content to execute inside that same session and issue a fetch() or XMLHttpRequest to the victim origin - this is the UI:R interaction. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The published CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N, 9.3) is internally consistent with the described flaw: network-reachable, low-complexity, no privileges, but requiring interaction (the session must load attacker-controlled content), with a scope change because the attacker abuses one origin's context to act against a different victim origin, yielding high confidentiality and integrity impact and no availability impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An operator runs a Lightpanda automation session that is logged into an internal application (holding its session cookies), then directs or allows the session to load an attacker-controlled page. That page issues a fetch() or XMLHttpRequest to the internal application's origin with credentials: omit set; Lightpanda ignores the directive, attaches the victim's session cookies, and the attacker's script reads the authenticated response. …
Remediation Vendor-released patch: 0.2.9 - upgrade Lightpanda to 0.2.9 or later, which enforces credentials mode and same-origin checks before attaching session cookies (see release https://github.com/lightpanda-io/browser/releases/tag/0.2.9 and advisory https://github.com/lightpanda-io/browser/security/advisories/GHSA-36mm-v3c2-24cc). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit your Lightpanda deployments to identify instances handling untrusted content or running with persistent authentication credentials; document which systems and credentials are at risk. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-52843 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy