Refine your search
2 vulnerabilities found for Desktop Browser by Brave
CVE-2025-48980 (GCVE-0-2025-48980)
Vulnerability from cvelistv5
Published
2025-10-30 23:29
Modified
2025-12-01 20:22
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Brave | Desktop Browser |
Version: 1.83.10 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-48980",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-31T14:47:46.566526Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-565",
"description": "CWE-565 Reliance on Cookies without Validation and Integrity Checking",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-01T20:22:29.067Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Desktop Browser",
"vendor": "Brave",
"versions": [
{
"lessThan": "1.83.10",
"status": "affected",
"version": "1.83.10",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the \"Open Link in Split View\" context menu item did not respect the SameSite cookie attribute. Therefore SameSite=Strict cookies would be sent on a cross-site navigation using this method."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T23:29:44.075Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/3253725"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-48980",
"datePublished": "2025-10-30T23:29:44.075Z",
"dateReserved": "2025-05-29T15:00:04.773Z",
"dateUpdated": "2025-12-01T20:22:29.067Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-23086 (GCVE-0-2025-23086)
Vulnerability from cvelistv5
Published
2025-01-21 04:26
Modified
2025-03-22 14:00
Severity ?
VLAI Severity ?
EPSS score ?
Summary
On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open redirector vulnerability on a trusted site, this could allow a malicious site to initiate a download whose origin in the file select dialog appears as the trusted site which initiated the redirect.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Brave | Desktop Browser |
Version: 1.74.48 ≤ |
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-23086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:18:53.994412Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-601",
"description": "CWE-601 URL Redirection to Untrusted Site (\u0027Open Redirect\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-22T14:00:42.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Desktop Browser",
"vendor": "Brave",
"versions": [
{
"lessThan": "1.74.48",
"status": "affected",
"version": "1.74.48",
"versionType": "semver"
},
{
"lessThan": "1.70.117",
"status": "unaffected",
"version": "1.70.117",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site\u0027s origin on the OS-provided file selector dialog when a site prompts the user to upload or download a file. However the origin was not correctly inferred in some cases. When combined with an open redirector vulnerability on a trusted site, this could allow a malicious site to initiate a download whose origin in the file select dialog appears as the trusted site which initiated the redirect."
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T04:26:10.943Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"url": "https://hackerone.com/reports/2888770"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2025-23086",
"datePublished": "2025-01-21T04:26:10.943Z",
"dateReserved": "2025-01-10T19:05:52.772Z",
"dateUpdated": "2025-03-22T14:00:42.023Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}