{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T04:08:29.447","vulnerabilities":[{"cve":{"id":"CVE-2025-3839","sourceIdentifier":"patrick@puiterwijk.org","published":"2026-01-23T05:16:21.753","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this action, resulting in potential code execution on the client device via trusted UI behavior."},{"lang":"es","value":"Se encontró una falla en Epiphany, una herramienta que permite a los sitios web abrir aplicaciones de manejadores de URL externos con mínima interacción del usuario. Este diseño puede ser mal utilizado para explotar vulnerabilidades dentro de esos manejadores, haciéndolos parecer remotamente explotables. El navegador no logra advertir o restringir adecuadamente esta acción, lo que resulta en una posible ejecución de código en el dispositivo del cliente a través de un comportamiento de interfaz de usuario de confianza."}],"metrics":{"cvssMetricV31":[{"source":"patrick@puiterwijk.org","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N","baseScore":8.0,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":1.6,"impactScore":5.8}]},"weaknesses":[{"source":"patrick@puiterwijk.org","type":"Secondary","description":[{"lang":"en","value":"CWE-356"}]}],"references":[{"url":"https://access.redhat.com/security/cve/CVE-2025-3839","source":"patrick@puiterwijk.org"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361430","source":"patrick@puiterwijk.org"}]}}]}