Lucene search
K

5 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-58266

Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and edito...

6.5CVSS0.00169EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago4 views

CVE-2026-58266

Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and edito...

6.5CVSS6AI score0.00169EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2 days ago7 views

CVE-2026-58266

The CVE-2026-58266 issue affects Anki prior to 25.09.4, where webview pages expose the internal localhost API to user scripts loaded in iframes. This allows a malicious imported card package with an embedded iframe to call exposed API methods (e.g., getImageForOcclusion) and read files accessible...

6.5CVSS6AI score0.00169EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago22 views

CVE-2026-58266 Anki: User scripts in iframes have access to the internal Anki API

Anki is a program for creating and reviewing flashcards. Prior to 25.09.4, Anki's webview-based pages communicate with the Rust backend using an internal localhost API, and user scripts included via iframes in the editor can access this API despite protections intended to block reviewer and edito...

6.5CVSS0.00169EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/06/29 12:0 a.m.33 views

Mozilla Firefox ESR < 91.11

The version of Firefox ESR installed on the remote Windows host is prior to 91.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2022-25 advisory. - The Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101 and Firefox ESR 91.10. Some of...

9.8CVSS7.7AI score0.23941EPSS
Exploits2References10
Rows per page
Query Builder