2 matches found
CVE-2026-35466
CVE-2026-35466 describes a stored XSS in cveInterface.js caused by unsanitized input from remote CVE API services. Multiple sources (NVD, Red Hat, ENISA, CIRCL, CVE List, ATT&CK references) reiterate the vulnerability, with the NVD metrics showing MEDIUM severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:...
CVE-2026-35467
CVE-2026-35467 concerns unprotected storage of API keys in a temporary browser client (IndexedDB), allowing exposure of encryption credentials via JavaScript console or similar errors. Multiple sources (NVD, Red Hat, ENISA EUVD, CIRCL, CVE List, AttackersKB, CVE records) describe the same issue w...