What the vulnerability does

01Description

Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.

Key dates

02Disclosure timeline

December 30, 2025 CVE published
December 31, 2025 Record updated