CVE Catalog
CVE-2026-8889
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk0.02%
4th percentile - higher than 4% of all known CVEs
Summary
Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching and CIPA blocklist matching.
Risk Assessment
The use of a deprecated hashing algorithm increases the risk that attackers can more easily perform collision attacks, potentially leading to unauthorized access to blocked content.
Recommendation
It is recommended to update the Securly extension to the latest version that uses more secure hashing algorithms.
Original NVD description (English source)
Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes).

