VYPR
High severity7.5NVD Advisory· Published Jun 3, 2026· Updated Jun 5, 2026

CVE-2026-8881

CVE-2026-8881

Description

Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

1