PatchSiren

Lookyloo CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Lookyloo CVE published 2026-07-15

CVE-2026-63175

CVE-2026-63175 is a vulnerability in PlaywrightCapture where capture-specific configuration and runtime data were stored as mutable class-level variables instead of instance-level variables. This allowed multiple Capture objects within the same Python process to share state, including sensitive information like HTTP headers, cookies, and authentication credentials. Consequently, in a multi-user or concurr [truncated]