VYPR

nebula.example.com

by Nebula.example.com

CVEs (1)

  • CVE-2026-47725higJun 8, 2026
    Nebula.example.com
    nebula.example.com
    risk 0.38cvss epss

    Every `/ui/*` POST / PUT / PATCH / DELETE route processes the request as soon as the session cookie validates. `SameSite=Lax` on the session cookie prevents most cross-site form submits but does not protect: - top-level form-submit navigations from third-party pages (some…