CVE-2026-12823

LOW SEVERITY

CVSS Score & Metrics

Base Score

3.3 / 10

Vector String

                                        CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N                                    

Vulnerability Description

A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability Details

Published Date

June 22, 2026

Last Modified

June 22, 2026

CWE ID

CWE-266

Source

NVD

Product

Browserbase

External References

https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/Advisory.md
https://github.com/NARKHEDE-VAIBHAV/poc/blob/main/CVE-2026-12823%20-%20Browserbase%20Skills%20Autobrowse%20Trace%20Artifact%20Insecure%20File%20Permissions/poc.sh
https://vuldb.com/cve/CVE-2026-12823
https://vuldb.com/submit/837600
https://vuldb.com/vuln/372613
https://vuldb.com/vuln/372613/cti

CVE-2026-12823

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment