NVD Vulnerability Detail

Search Exploit, PoC

NVD脆弱性検索トップ

->

NVD Vulnerability Detail

CVE-2026-11326

Summary	OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on .openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI Atlas 1.2025.288.15 narrows access to these APIs to .chatgpt.com; users should upgrade to 1.2025.288.15 or later.
Publication Date	June 5, 2026, 11:17 a.m.
Registration Date	June 6, 2026, 4:16 a.m.
Last Update	June 6, 2026, 3:17 a.m.

Related information, measures and tools

No	URL	refsource	タグ
1	https://www.hacktron.ai/blog/hacking-openai-atlas-browser	8f4f43ab-ba69-4d92-aa1d-d772184d6fb7

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-284	不適切なアクセス制御	https://cwe.mitre.org/data/definitions/284.html