Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes).
References
History

Wed, 10 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 05 Jun 2026 23:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-327

Fri, 05 Jun 2026 21:00:00 +0000

Type Values Removed Values Added
First Time appeared Securly securly
Weaknesses CWE-407
CPEs cpe:2.3:a:securly:securly:3.0.7:*:*:*:*:chrome:*:*
Vendors & Products Securly securly
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}


Fri, 05 Jun 2026 10:45:00 +0000

Type Values Removed Values Added
First Time appeared Securly
Securly securly Chrome Extension
Vendors & Products Securly
Securly securly Chrome Extension

Wed, 03 Jun 2026 20:45:00 +0000

Type Values Removed Values Added
Weaknesses CWE-327

Wed, 03 Jun 2026 19:00:00 +0000

Type Values Removed Values Added
Description Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes).
Title CVE-2026-8889
References

cve-icon MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2026-06-03T18:15:15.450Z

Updated: 2026-06-10T19:00:10.351Z

Reserved: 2026-05-18T20:43:53.154Z

Link: CVE-2026-8889

cve-icon Vulnrichment

Updated: 2026-06-04T19:49:17.519Z

cve-icon NVD

Status : Modified

Published: 2026-06-03T19:16:39.950

Modified: 2026-06-10T19:16:38.537

Link: CVE-2026-8889

cve-icon Redhat

No data.