capricorn86 CVE 脆弱性と CVE 一覧(2)

製品(CPE): — CVE 件数: 2

capricorn86 脆弱性概要

This page aggregates publicly disclosed CVE and security risk information related to capricorn86, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.

脆弱性分布の推移(直近24か月)

表示中 12 / 2 CVE 件数
«« 先頭 « 前へ 1 / 1 次へ »
CVE 概要 ソース CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-34226 Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. Versions prior to 20.8.9 may attach cookies from the current page origin (`window.location`) instead of the request target URL when `fetch(..., { credentials: "include" })` is used. This can leak cookies from origin A to destination B. Version 20.8.9 fixes the issue. [email protected] 7.5 0.46% 2026-03-27 2026-06-29
CVE-2026-33943 Happy DOM is a JavaScript implementation of a web browser without its graphical user interface. In versions 15.10.0 through 20.8.7, a code injection vulnerability in `ECMAScriptModuleCompiler` allows an attacker to achieve Remote Code Execution (RCE) by injecting arbitrary JavaScript expressions inside `export { }` declarations in ES module scripts processed by happy-dom. The compiler directly interpolates unsanitized content into generated code as an executable expression, and the quote filter [email protected] 8.8 0.79% 2026-03-27 2026-06-29
«« 先頭 « 前へ 1 / 1 次へ »
cvelogic Threat Intelligence