CVE-2026-8881

HIGH 7.5

CVE-2026-8881

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

1th

Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching.

Vendor	securly
Product	securly chrome extension
Published	Jun 3, 2026
Last Updated	Jun 4, 2026

Stay Ahead of the Next One

Get instant alerts for securly securly chrome extension

Be the first to know when new high vulnerabilities affecting securly securly chrome extension are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Securly / Securly Chrome Extension

0 ≤ 3.0.7

References

NVD ↗ CVE.org ↗ EPSS Data ↗

kb.cert.org: https://kb.cert.org/vuls/id/595768