PatchSiren

AmauriC CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM AmauriC CVE published 2026-07-17

CVE-2026-49977

A vulnerability in tarteaucitron.js, a compliant and accessible cookie banner, was discovered prior to version 1.33.0. The issue arises from the tarteaucitron.cookie.purge() function being called on any element with the purgeBtn class without verifying if the element is a legitimate tarteaucitron button or if the cookie corresponds to a service handled by tarteaucitron. This allows an attacker to write HT [truncated]