Lucene search
K

632 matches found

Brave Browser
Brave Browser
added 2026/03/19 6:15 a.m.9 views

Brave Desktop 1.88.134 Security Fixes

Fixed "Gate3" explorer URL validation to prevent XSS. Upgraded Chromium to 146.0.7680.153 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References2Affected Software1
Brave Browser
Brave Browser
added 2026/03/11 10:36 a.m.10 views

Brave Android 1.88.128 Security Fixes

Fixed race condition which could result in incorrect origin being displayed on Brave Wallet as reported on HackerOne by b4dc4t. Upgraded Chromium to 146.0.7680.111 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References2Affected Software1
Brave Browser
Brave Browser
added 2026/03/11 8:37 a.m.12 views

Brave Desktop 1.88.127 Security Fixes

Fixed race condition which could result in incorrect origin being displayed on Brave Wallet as reported on HackerOne by b4dc4t. Upgraded Chromium to 146.0.7680.71 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References2Affected Software1
Malwarebytes
Malwarebytes
added 2026/02/02 6:11 p.m.6 views

How Manifest v3 forced us to rethink Browser Guard, and why that’s a good thing

As a Browser Guard user, you might not have noticed much difference lately. Browser Guard still blocks scams and phishing attempts just like always, and, in many cases, even better. But behind the scenes, almost everything changed. The rules that govern how browser extensions work went through a...

5.6AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/01/26 1:31 p.m.9 views

One privacy change I made for 2026 (Lock and Code S07E02)

This week on the Lock and Code podcast … When you hear the words "data privacy," what do you first imagine? Maybe you picture going into your social media apps and setting your profile and posts to private. Maybe you think about who you've shared your location with and deciding to revoke some of...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 12:18 p.m.10 views

CVE-2018-10799

A hang issue was discovered in Brave before 0.14.0 on, for example, Linux. This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element...

6.5CVSS6.9AI score0.00821EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:15 p.m.8 views

CVE-2018-1000815

Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript in contentsettingsobserver.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers easier to track user...

4.3CVSS6.8AI score0.01123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.5 views

CVE-2021-22916

In Brave Desktop between versions 1.17 and 1.26.60, when adblocking is enabled and a proxy browser extension is installed, the CNAME adblocking feature issues DNS requests that used the system DNS settings instead of the extension's proxy settings, resulting in possible information disclosure...

5.9CVSS6.7AI score0.01826EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.9 views

CVE-2021-22917

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled...

6.5CVSS6.5AI score0.0123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.6 views

CVE-2025-23086

On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open...

6.1CVSS6.7AI score0.0035EPSS
Exploits0References1
Brave Browser
Brave Browser
added 2026/01/07 2:49 a.m.11 views

Brave Desktop 1.85.120 Security Fixes

Updated Picture-in-Picture PiP to display origin as reported on HackerOne by frozzipies. Upgraded Chromium to 143.0.7499.192 — refer to Google Chrome advisories for inherited CVEs...

5.8AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2025/12/30 12:0 a.m.6 views

WordPress Brave plugin missing authorization vulnerability

WordPress Brave plugin by Brave Software develops Brave Browser Extensions for WordPress integration. A lack of authorization vulnerability exists in the WordPress Brave plugin, which can be exploited by an attacker to cause the exploitation of a misconfigured access control security level...

9.1CVSS6.8AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/25 1:23 p.m.6 views

CVE-2025-68508

Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...

5.3CVSS7AI score0.00199EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2025-205207

Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...

9.1CVSS6.5AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2025/12/24 1:16 p.m.4 views

CVE-2025-68508

Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...

5.3CVSS0.00199EPSS
Exploits0References1
CVE
CVE
added 2025/12/24 12:31 p.m.19 views

CVE-2025-68508

CVE-2025-68508 affects the WordPress Brave plugin’s brave-popup-builder component (Brave Brave plugin) up to version 0.8.3. The root cause is missing/incorrect authorization due to misconfigured access control levels, enabling a broken access control vulnerability. Reported details across multipl...

5.3CVSS6.6AI score0.00199EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/24 12:31 p.m.4 views

CVE-2025-68508 WordPress Brave plugin <= 0.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...

5.3CVSS6.6AI score0.00199EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/24 12:31 p.m.28 views

CVE-2025-68508 WordPress Brave plugin <= 0.8.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in Brave Brave brave-popup-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Brave: from n/a through = 0.8.3...

5.3CVSS0.00199EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.5 views

PT-2025-53080

Name of the Vulnerable Software and Affected Versions Brave versions through 0.8.3 Description A missing authorization issue exists in Brave's brave-popup-builder component. This allows exploitation due to incorrectly configured access control security levels. Recommendations Update to a version...

9.1CVSS6.6AI score0.00199EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/24 12:0 a.m.5 views

WordPress plugin Brave 安全漏洞

WordPress Brave plugin by Brave Software develops Brave Browser Extensions for WordPress integration. A lack of authorization vulnerability exists in the WordPress Brave plugin, which can be exploited by an attacker to cause the exploitation of a misconfigured access control security level...

5.3CVSS6.4AI score0.00199EPSS
Exploits0References1
Rows per page
Query Builder