CVE-2026-8881
EUVD-2026-3416603.06.2026, 19:16
Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no key stretching.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| securly | securly | 3.0.7 |
𝑥
= Vulnerable software versions
References