Chrome Browser Extension

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2026-40451 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in DeepL Chrome browser extension versions 1.22.0 through 1.23.0 allows remote attackers to execute arbitrary JavaScript and inject malicious HTML into web pages viewed by users. The vulnerability requires user interaction with a malicious web page but can compromise the security context of all visited websites.

XSS Google Chrome Browser Extension

NVD GitHub VulDB

CVSS 4.0

5.1

EPSS

0.0%

CVE-2026-40451

EPSS 0% CVSS 5.1

MEDIUM This Month

Cross-site scripting (XSS) vulnerability in DeepL Chrome browser extension versions 1.22.0 through 1.23.0 allows remote attackers to execute arbitrary JavaScript and inject malicious HTML into web pages viewed by users. The vulnerability requires user interaction with a malicious web page but can compromise the security context of all visited websites.

XSS Google Chrome Browser Extension

NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy