CVE Catalog

CVE-2026-8889

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.02%

4th percentile - higher than 4% of all known CVEs

Summary

Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching and CIPA blocklist matching.

Risk Assessment

The use of a deprecated hashing algorithm increases the risk that attackers can more easily perform collision attacks, potentially leading to unauthorized access to blocked content.

Recommendation

It is recommended to update the Securly extension to the latest version that uses more secure hashing algorithms.

Original NVD description (English source)

Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes).

Vulnerability data from NVD (NIST) · CISA KEV · EPSS