Monthly
Same-Origin Policy bypass in Lightpanda headless browser before 0.3.1 allows an attacker-controlled site to impersonate an arbitrary victim origin. Because origin computation searched for the '@' userinfo delimiter across the entire URL string rather than only the authority component, a URL like http://attacker.com/@victim.com/ was fetched from attacker.com yet treated as origin http://victim.com, breaking the fundamental web isolation boundary. No public exploit identified at time of analysis and not listed in CISA KEV, but the CVSS 9.3 rating and the trivial, deterministic nature of the parsing flaw make it a high-priority fix for any automation pipeline using Lightpanda.
Cross-origin credential leakage in Lightpanda, a headless browser built for AI and automation workloads, occurs because fetch() and XMLHttpRequest attach session cookies to every outbound HTTP request regardless of the caller's requested credentials mode. In versions prior to 0.2.9, the credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials controls are all ignored, so attacker-controlled content running inside a Lightpanda session can silently issue authenticated cross-origin requests against any victim origin whose cookies are present in the session's shared cookie jar. There is no public exploit identified at time of analysis and no CISA KEV listing, but the root-cause code fix is public in PR #2155, and the CVSS base score is 9.3.
Same Origin Policy bypass in Google Chrome's V8 JavaScript engine (prior to 150.0.7871.125) allows a remote attacker to cross origin security boundaries via a crafted HTML page, enabling high-impact integrity violations against cross-origin content. Exploitation requires the victim to visit the malicious page (UI:R), limiting automated mass exploitation - a constraint confirmed by SSVC's Automatable:no finding. No public exploit code has been identified and this vulnerability does not appear in the CISA KEV catalog; EPSS at 0.26% (17th percentile) is consistent with no observed active exploitation at time of analysis.
Same-origin policy bypass in Google Chrome prior to 150.0.7871.125 enables remote attackers to manipulate cross-origin content integrity through the browser's HTML-in-Canvas rendering subsystem. Exploitation requires a victim to visit a crafted HTML page, making this a socially-engineered attack rather than a fully autonomous one. No active exploitation has been recorded (CISA KEV: absent, SSVC exploitation: none), and EPSS sits at 0.26% - indicating low real-world exploitation activity at time of analysis.
Spoofing via origin validation error in the Windows Network Address Translation (NAT) component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, including Server Core installations. An unauthenticated attacker positioned on an adjacent network segment can bypass origin/authentication checks (CWE-346) to impersonate a trusted source, with Microsoft rating scope-changed high impact to confidentiality, integrity, and availability (CVSS 8.3). No public exploit identified at time of analysis, though high attack complexity limits reliable exploitation.
Cross-domain cookie injection in Eclipse Vert.x Web Client (WebClientSession) lets any server a victim application contacts set a cookie scoped to an unrelated third-party domain, which the client later replays to that domain. Versions up to 4.5.29 (4.x) and 5.1.4 (5.x) fail to enforce the RFC 6265 Domain-attribute ownership check, so an attacker can bind their own session cookie into the victim's WebClientSession and have the victim's later requests to a target service execute under the attacker's account, exposing sensitive request payloads. No public exploit identified at time of analysis and it is not listed in CISA KEV; scored CVSS 4.0 8.2 (High) by Eclipse.
Cross-origin WebSocket hijacking in the Cline Hub dashboard server (the process started by `cline dashboard`) before version 3.0.30 lets a malicious website drive an active local Cline session. Because the /browser WebSocket endpoint does not validate the Origin header and isAuthorizedBrowserRequest() trusts any request when ROOM_SECRET is unset on a 127.0.0.1 bind, any site a victim visits can send desktopCommand frames to read workspace state, alter MCP and provider/model settings, and-when a provider or model is configured-invoke command execution on the developer's machine. There is no public exploit identified at time of analysis and it is not in CISA KEV; the flaw is a classic origin-validation gap (CWE-346) fixed in 3.0.30.
Cookie domain suffix-matching bypass in Guzzle PHP HTTP client (prior to 7.12.3) allows cross-host cookie disclosure, cookie injection, and session fixation when an application makes requests to multiple IP-address-based or bare-numeric-domain hosts within a shared CookieJar session. The SetCookie::matchesDomain() method incorrectly applied suffix-matching logic - valid for FQDN hierarchies - to numeric domain identifiers such as 192.168.0.1, [::1], and bare labels like 1, meaning a cookie set by one numeric host could be forwarded to a structurally related but distinct host. No public exploit has been identified at time of analysis; a vendor-released patch is available in version 7.12.3.
Arbitrary file read and exfiltration in Anki prior to 25.09.4 allows a remote attacker to access sensitive files on a victim's system by distributing a maliciously crafted card package (.apkg). The root cause is an origin validation failure (CWE-346) in Anki's internal localhost API, which fails to block iframe-embedded scripts from accessing privileged backend methods such as getImageForOcclusion. Exploitation requires the victim to import the malicious deck; no public exploit code or CISA KEV listing has been identified at time of analysis.
Cross-origin request forgery against Anki's local HTTP server allows a malicious website to trigger unauthorized side-effecting requests to the application while it is running on the victim's machine. All Anki versions prior to 25.09.3 are affected (CPE: cpe:2.3:a:ankitects:anki:*:*:*:*:*:*:*:*). The practical severity varies significantly by browser: implementations with Private Network Access (PNA) protections block such requests by default, limiting real-world impact to older or less-restrictive browser configurations. No public exploit identified at time of analysis, though security researcher Tavis Ormandy (Google Project Zero) publicly discussed the issue on X, indicating independent researcher awareness.
Same-Origin Policy bypass in Lightpanda headless browser before 0.3.1 allows an attacker-controlled site to impersonate an arbitrary victim origin. Because origin computation searched for the '@' userinfo delimiter across the entire URL string rather than only the authority component, a URL like http://attacker.com/@victim.com/ was fetched from attacker.com yet treated as origin http://victim.com, breaking the fundamental web isolation boundary. No public exploit identified at time of analysis and not listed in CISA KEV, but the CVSS 9.3 rating and the trivial, deterministic nature of the parsing flaw make it a high-priority fix for any automation pipeline using Lightpanda.
Cross-origin credential leakage in Lightpanda, a headless browser built for AI and automation workloads, occurs because fetch() and XMLHttpRequest attach session cookies to every outbound HTTP request regardless of the caller's requested credentials mode. In versions prior to 0.2.9, the credentials: omit, credentials: same-origin, credentials: include, and XMLHttpRequest.withCredentials controls are all ignored, so attacker-controlled content running inside a Lightpanda session can silently issue authenticated cross-origin requests against any victim origin whose cookies are present in the session's shared cookie jar. There is no public exploit identified at time of analysis and no CISA KEV listing, but the root-cause code fix is public in PR #2155, and the CVSS base score is 9.3.
Same Origin Policy bypass in Google Chrome's V8 JavaScript engine (prior to 150.0.7871.125) allows a remote attacker to cross origin security boundaries via a crafted HTML page, enabling high-impact integrity violations against cross-origin content. Exploitation requires the victim to visit the malicious page (UI:R), limiting automated mass exploitation - a constraint confirmed by SSVC's Automatable:no finding. No public exploit code has been identified and this vulnerability does not appear in the CISA KEV catalog; EPSS at 0.26% (17th percentile) is consistent with no observed active exploitation at time of analysis.
Same-origin policy bypass in Google Chrome prior to 150.0.7871.125 enables remote attackers to manipulate cross-origin content integrity through the browser's HTML-in-Canvas rendering subsystem. Exploitation requires a victim to visit a crafted HTML page, making this a socially-engineered attack rather than a fully autonomous one. No active exploitation has been recorded (CISA KEV: absent, SSVC exploitation: none), and EPSS sits at 0.26% - indicating low real-world exploitation activity at time of analysis.
Spoofing via origin validation error in the Windows Network Address Translation (NAT) component affects Windows 11 (24H2, 25H2, 26H1) and Windows Server 2025, including Server Core installations. An unauthenticated attacker positioned on an adjacent network segment can bypass origin/authentication checks (CWE-346) to impersonate a trusted source, with Microsoft rating scope-changed high impact to confidentiality, integrity, and availability (CVSS 8.3). No public exploit identified at time of analysis, though high attack complexity limits reliable exploitation.
Cross-domain cookie injection in Eclipse Vert.x Web Client (WebClientSession) lets any server a victim application contacts set a cookie scoped to an unrelated third-party domain, which the client later replays to that domain. Versions up to 4.5.29 (4.x) and 5.1.4 (5.x) fail to enforce the RFC 6265 Domain-attribute ownership check, so an attacker can bind their own session cookie into the victim's WebClientSession and have the victim's later requests to a target service execute under the attacker's account, exposing sensitive request payloads. No public exploit identified at time of analysis and it is not listed in CISA KEV; scored CVSS 4.0 8.2 (High) by Eclipse.
Cross-origin WebSocket hijacking in the Cline Hub dashboard server (the process started by `cline dashboard`) before version 3.0.30 lets a malicious website drive an active local Cline session. Because the /browser WebSocket endpoint does not validate the Origin header and isAuthorizedBrowserRequest() trusts any request when ROOM_SECRET is unset on a 127.0.0.1 bind, any site a victim visits can send desktopCommand frames to read workspace state, alter MCP and provider/model settings, and-when a provider or model is configured-invoke command execution on the developer's machine. There is no public exploit identified at time of analysis and it is not in CISA KEV; the flaw is a classic origin-validation gap (CWE-346) fixed in 3.0.30.
Cookie domain suffix-matching bypass in Guzzle PHP HTTP client (prior to 7.12.3) allows cross-host cookie disclosure, cookie injection, and session fixation when an application makes requests to multiple IP-address-based or bare-numeric-domain hosts within a shared CookieJar session. The SetCookie::matchesDomain() method incorrectly applied suffix-matching logic - valid for FQDN hierarchies - to numeric domain identifiers such as 192.168.0.1, [::1], and bare labels like 1, meaning a cookie set by one numeric host could be forwarded to a structurally related but distinct host. No public exploit has been identified at time of analysis; a vendor-released patch is available in version 7.12.3.
Arbitrary file read and exfiltration in Anki prior to 25.09.4 allows a remote attacker to access sensitive files on a victim's system by distributing a maliciously crafted card package (.apkg). The root cause is an origin validation failure (CWE-346) in Anki's internal localhost API, which fails to block iframe-embedded scripts from accessing privileged backend methods such as getImageForOcclusion. Exploitation requires the victim to import the malicious deck; no public exploit code or CISA KEV listing has been identified at time of analysis.
Cross-origin request forgery against Anki's local HTTP server allows a malicious website to trigger unauthorized side-effecting requests to the application while it is running on the victim's machine. All Anki versions prior to 25.09.3 are affected (CPE: cpe:2.3:a:ankitects:anki:*:*:*:*:*:*:*:*). The practical severity varies significantly by browser: implementations with Private Network Access (PNA) protections block such requests by default, limiting real-world impact to older or less-restrictive browser configurations. No public exploit identified at time of analysis, though security researcher Tavis Ormandy (Google Project Zero) publicly discussed the issue on X, indicating independent researcher awareness.