CVE-2026-11326EPSS p11.6%

CVE-2026-11326CVE-2026-11326

Description

OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on *.openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI Atlas 1.2025.288.15 narrows access to these APIs to *.chatgpt.com; users should upgrade to 1.2025.288.15 or later.

Scoring

EPSS0.21% probability of exploitation · percentile 11.6% · 2026-06-19T12:03:05Z
Last modified2026-06-05

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-36728
CVE
CVE-2026-11691
CVE
CVE-2026-27169
CVE
CVE-2026-11200
CVE
CVE-2026-11105
CVE
CVE-2026-32302
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.