Back to CVE List

CVE-2026-35467

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.5 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Description

The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-522
Source
NVD
Vendor
CERT/CC
Product
cveClient/encrypt-storage.js

External References

Discussion (0)

Add Comment

No comments yet. Be the first!