CVE-2025-53599

Critical CVSS: 9.8

Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted javascript scheme.

Vendor

Product

CWE

Yayın Tarihi

2025-07-04 08:15:25

Güncelleme

2025-10-01 13:49:43

Source Identifier

cve@navercorp.com

KEV Date Added

CWE-79 Whale CRITICAL Navercorp 2025

https://cve.naver.com/detail/cve-2025-53599.html

Critical

CVE-2025-69234

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.

High

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.

Critical

CVE-2025-62583

Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.

High

CVE-2025-62584

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.

High

CVE-2025-62585

Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dua…

High

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM…