CVE-2026-42615
CyberChef up to version 11.0.0 is affected by an XSS in the Show Base64 offsets path, allowing script injection via the URL/fragment (e.g., /#recipe=Show_Base64_offsets...). Root cause: improper handling of Base64 offset input in the recipe viewer. Impact: potential script execution in the victim...