CVE-2026-4995 in OpenUIالمعلومات

الملخص

بحسب MITRE • 28/03/2026

A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

مسؤول

VulDB

إفشاء

28/03/2026

الاعتدال

تمت الموافقة

إدخال

VDB-353882

استغلال

تحميل

EPSS

0.00191

KEV

لا

النشاطات

منخفض جدًا

المصادر

Interested in the pricing of exploits?

See the underground prices here!