CVE-2025-62583

Critical CVSS: 9.8

Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment.

Vendor

Product

CWE

Yayın Tarihi

2025-10-16 07:15:33

Güncelleme

2025-10-21 13:26:06

Source Identifier

cve@navercorp.com

KEV Date Added

CWE-358 Whale CRITICAL Navercorp 2025

https://cve.naver.com/detail/cve-2025-62583.html

Critical

CVE-2025-69234

Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.

High

CVE-2025-69235

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.

High

CVE-2025-62584

Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment.

High

CVE-2025-62585

Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dua…

High

CVE-2025-58323

NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM…

Critical

CVE-2025-53599

Whale browser for iOS before 3.9.1.4206 allow an attacker to execute malicious scripts in the browser via a crafted java…