Desktop Browser
Approved changes feed: RSS · Atom
cpe:2.3:a:brave:desktop_browser:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Brave (b3516991-2714-56a1-be63-9c87fa6b4495) |
|---|---|
| Product | Desktop Browser (58019373-170f-5ac7-8a42-725a9471e4a8) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2025-48980 |
vulnerable | 2026-06-08 07:29:12.358506 |
Details available
MEDIUM (6.5)
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method.
Published: 2025-10-30T23:29:44.075Z
Updated: 2025-12-01T20:22:29.067Z Reference links |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2025-23086 |
vulnerable | 2026-06-08 07:10:55.170881 |
Details available
On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open redirector vulnerability on a trusted site, this could allow a malicious site to initiate a download whose origin in the file select dialog appears as the trusted site which initiated the redirect.
Published: 2025-01-21T04:26:10.943Z
Updated: 2025-03-22T14:00:42.023Z Reference links |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.