CVE-2026-11525LowCVSS 3.7

undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching

Published
June 30, 2026
Last Modified

🔗 CVE IDs covered (1)