{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-11326", "assignerOrgId": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "state": "PUBLISHED", "assignerShortName": "OAI", "dateReserved": "2026-06-05T00:07:13.696Z", "datePublished": "2026-06-05T00:12:32.077Z", "dateUpdated": "2026-06-05T18:32:50.603Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "shortName": "OAI", "dateUpdated": "2026-06-05T17:59:00.942Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "type": "CWE"}]}], "affected": [{"vendor": "OpenAI", "product": "OpenAI Atlas", "versions": [{"version": "0", "status": "affected", "lessThan": "1.2025.288.15", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on *.openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI Atlas 1.2025.288.15 narrows access to these APIs to *.chatgpt.com; users should upgrade to 1.2025.288.15 or later."}], "metrics": [{"format": "CVSS", "cvssV4_0": {"version": "4.0", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/V:D/RE:L/U:Green", "baseScore": 6, "baseSeverity": "MEDIUM"}}], "solutions": [{"lang": "en", "value": "Upgrade to OpenAI Atlas 1.2025.288.15 or later."}], "credits": [{"lang": "en", "value": "s1r1us and sudi of hacktron.ai", "type": "finder"}], "references": [{"url": "https://www.hacktron.ai/blog/hacking-openai-atlas-browser", "name": "Pwning OpenAI Atlas Through Exposed Browser Internals", "tags": ["technical-description"]}], "x_generator": {"engine": "cvelib 1.8.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-05T18:32:37.907593Z", "id": "CVE-2026-11326", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-05T18:32:50.603Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "OpenAI Atlas before 1.2025.288.15 exposed privileged browser APIs to web content on *.openai.com origins. A cross-site scripting vulnerability in forum.openai.com could be used to access these functions, allowing access to browser history information and the ability to open or close tabs. OpenAI Atlas 1.2025.288.15 narrows access to these APIs to *.chatgpt.com; users should upgrade to 1.2025.288.15 or later."}], "id": "CVE-2026-11326", "lastModified": "2026-06-05T18:17:04.343", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.0, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "GREEN", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:X/V:D/RE:L/U:Green", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "LOW"}, "source": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "type": "Secondary"}]}, "published": "2026-06-05T02:17:11.180", "references": [{"source": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "url": "https://www.hacktron.ai/blog/hacking-openai-atlas-browser"}], "sourceIdentifier": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "8f4f43ab-ba69-4d92-aa1d-d772184d6fb7", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,1.2025.288.15)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "OpenAI Atlas", "source": "cna", "vendor": "OpenAI"}, "product": "openai_atlas", "vendor": "openai"}], "created": "2026-06-05T04:45:32.037909+00:00", "title": "Cross\u2011Site Scripting Allowing Browser History Access and Tab Control in OpenAI Atlas", "updated": "2026-06-05T10:07:10.542974+00:00", "vendors": ["openai", "openai$PRODUCT$openai_atlas"]}