CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

CVE-2026-42615

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5.4AI score0.00014EPSS

Exploits0References1

Github Security Blog•added 2026/04/29 6:33 a.m.•3 views

CyberChef has a Cross-site Scripting issue

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5.8AI score0.00014EPSS

Exploits0References6Affected Software1

OSV•added 2026/04/29 6:33 a.m.•0 views

GHSA-H4HV-92PP-PCJG CyberChef has a Cross-site Scripting issue

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5.8AI score0.00014EPSS

Exploits0References6

NVD•added 2026/04/29 4:16 a.m.•0 views

CVE-2026-42615

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS0.00014EPSS

Exploits0References4

Cvelist•added 2026/04/29 2:55 a.m.•26 views

CVE-2026-42615

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS0.00014EPSS

Exploits0References4

ATTACKERKB•added 2026/04/29 2:55 a.m.•1 views

CVE-2026-42615

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5AI score0.00014EPSS

Exploits0References5

Vulnrichment•added 2026/04/29 2:55 a.m.•0 views

CVE-2026-42615

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5AI score0.00014EPSS

Exploits0References4

EUVD•added 2026/04/29 2:55 a.m.•0 views

EUVD-2026-26191

GCHQ CyberChef before 11.0.0 allows XSS via Show Base64 offsets, as demonstrated by the /recipe=ShowBase64offsets'%3Cscript substring...

7.2CVSS5.1AI score0.00014EPSS

Exploits0References4

CVE•added 2026/04/29 2:55 a.m.•4 views

CVE-2026-42615

CyberChef up to version 11.0.0 is affected by an XSS in the Show Base64 offsets path, allowing script injection via the URL/fragment (e.g., /#recipe=Show_Base64_offsets...). Root cause: improper handling of Base64 offset input in the recipe viewer. Impact: potential script execution in the victim...

7.2CVSS5.1AI score0.00014EPSS

Exploits0References4

CNNVD•added 2026/04/29 12:0 a.m.•7 views

CyberChef 跨站脚本漏洞

CyberChef is an open-source network application developed by GCHQ, featuring functions such as encryption, encoding, compression, and data analysis. Versions of CyberChef prior to 11.0.0 contained a cross-site scripting vulnerability. This vulnerability stemmed from the Show Base64 Offsets...

7.2CVSS5.6AI score0.00014EPSS

Exploits0References1

Positive Technologies•added 2026/04/29 12:0 a.m.•2 views

PT-2026-35866

Name of the Vulnerable Software and Affected Versions GCHQ CyberChef versions prior to 11.0.0 Description Cross-Site Scripting XSS is possible via the Show Base64 offsets feature. This occurs through the endpoint '/recipe=Show Base64 offsets', where an attacker can inject malicious scripts...

7.2CVSS5.8AI score0.00014EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by