brave
Latest CVEs
The 15 most recently published vulnerabilities affecting brave.
- CVE-2025-68508: WordPress Brave plugin <= 0.8.3 - Broken Access Control vulnerability (score: 5.3)
- CVE-2025-48980: In Brave Browser Desktop versions prior to 1.83.10 that have the split view feature enabled, the "Open Link in Split View" context menu item did not respect the SameSite cookie attribute. Therefore... (score: 6.5)
- CVE-2025-7710: Brave Conversion Engine (PRO) <= 0.7.7 - Authentication Bypass to Administrator (score: 9.8)
- CVE-2025-23086: On most desktop platforms, Brave Browser versions 1.70.x-1.73.x included a feature to show a site's origin on the OS-provided file selector dialog when a site prompts the user to upload or download... (score: 6.1)
- CVE-2024-37406: In Brave Android prior to v1.67.116, domains in the Brave Shields popup are elided from the right instead of the left, which may lead to domain confusion. (score: 7.5)
- CVE-2024-43337: WordPress Brave plugin <= 0.7.0 - Cross Site Request Forgery (CSRF) vulnerability (score: 4.3)
- CVE-2024-35655: WordPress Brave – Interactive Content plugin <= 0.6.9 - Cross Site Scripting (XSS) vulnerability (score: 5.9)
- CVE-2024-30453: WordPress Brave plugin <= 0.6.5 - Server Side Request Forgery (SSRF) vulnerability (score: 5.4)
- CVE-2023-51534: WordPress Brave Popup Builder Plugin <= 0.6.2 is vulnerable to Cross Site Scripting (XSS) (score: 5.9)
- CVE-2023-52263: Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_contr... (score: 6.1)
- CVE-2023-28364: An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now th... (score: 6.1)
- CVE-2023-28360: An omission of security-relevant information vulnerability exists in Brave desktop prior to version 1.48.171 when a user was saving a file there was no download safety check dialog presented to the... (score: 4.3)
- CVE-2023-22798: Prior to commit 51867e0d15a6d7f80d5b714fd0e9976b9c160bb0, https://github.com/brave/adblock-lists removed redirect interceptors on some websites like Facebook in which the redirect interceptor may h... (score: 6.1)
- CVE-2022-47934: Brave Browser before 1.43.88 allowed a remote attacker to cause a denial of service in private and guest windows via a crafted HTML file that mentions an ipfs:// or ipns:// URL. This is caused by a... (score: 6.5)
- CVE-2022-47933: Brave Browser before 1.42.51 allowed a remote attacker to cause a denial of service via a crafted HTML file that references the IPFS scheme. This vulnerability is caused by an uncaught exception in... (score: 6.5)