MEDIUM
DeepL
CVE published 2026-04-22
CVE-2026-40451
A medium-severity cross-site scripting vulnerability was discovered in the DeepL Chrome browser extension, affecting versions from v1.22.0 to v1.23.0. This vulnerability, tracked as CVE-2026-40451, allows an attacker to execute arbitrary script in a user's browser and inject malicious HTML into web pages viewed by the user.