naver

Top products

The 15 most recently published vulnerabilities affecting naver.

• CVE-2026-8148NAVER MYBOX Explorer for Windows before 3.0.11.160 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM via registry manipulation due to improper privilege checks.7.8May 8, 2026
• CVE-2026-1513billboard.js before 3.18.0 allows an attacker to execute malicious JavaScript due to improper sanitization during chart option binding.6.1Jan 28, 2026
• CVE-2026-23769lucy-xss-filter before commit e5826c0 allows an attacker to execute malicious JavaScript due to improper sanitization caused by misconfigured default superset rule files.6.1Jan 16, 2026
• CVE-2026-23768lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed o...6.1Jan 16, 2026
• CVE-2025-69235Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.7.5Dec 30, 2025
• CVE-2025-69234Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.9.1Dec 30, 2025
• CVE-2025-62585Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment.7.5Oct 16, 2025
• CVE-2025-62584Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.7.5Oct 16, 2025
• CVE-2025-62583Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.9.8Oct 16, 2025
• CVE-2025-58323NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by executing arbitrary files due to improper privilege checks.7.7Aug 29, 2025
• CVE-2025-58322NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks.7.8Aug 28, 2025
• CVE-2025-53600Whale browser before 4.32.315.22 allow an attacker to bypass the Same-Origin Policy in a dual-tab environment.7.5Jul 4, 2025
• CVE-2025-53599Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted javascript scheme.9.8Jul 4, 2025
• CVE-2025-49223billboard.js before 3.15.1 was discovered to contain a prototype pollution via the function generate, which could allow attackers to execute arbitrary code or cause a Denial of Service (DoS) via in...9.8Jun 4, 2025
• CVE-2024-50583Whale browser Installer before 3.1.0.0 allows an attacker to execute a malicious DLL in the user environment due to improper permission settings.6.3Oct 25, 2024