Vulnerability Details CVE-2026-8878
Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover the original hash values and access the protected data.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.2%
CVSS Severity
CVSS v3 Score 7.5
References