CVE-2026-4995 in wandb OpenUI
Sumário (Inglês)
A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message Event Handler. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
Divulgação
28/03/2026
Inscrições
| Publicado em | Base | Temp | Vulnerabilidade | CWE | Prod | Exp | Con | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 27/03/2026 | 3.5 | 3.2 | wandb OpenUI Window Message Event index.html Script de Site Cruzado | 79 | Desconhecido | Prova de conceito | Não definido | 0.00029 | 2.14 | CVE-2026-4995 |