PatchSiren

gchq CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

MEDIUM gchq CVE published 2026-07-08

CVE-2026-57439

CVE-2026-57439 is a medium-severity vulnerability in CyberChef, a web app for encryption, encoding, compression, and data analysis. The Series Chart operation's acceptance of __proto__ as a key while parsing user-supplied CSV allows for prototype pollution. This issue can be chained with operations such as Parse UDP to inject malicious JavaScript into HTML output. The vulnerability is fixed in version 11. [truncated]