A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unknown part of the file flask/uniquemachine_app.py of the component details Endpoint. Such manipulation of the argument ID leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The vendor was contacted early about this disclosure but did not respond in any way.
References
| Link | Resource |
|---|---|
| https://github.com/wing3e/public_exp/issues/24 | Exploit Mitigation Third Party Advisory |
| https://vuldb.com/submit/783502 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/355347 | Third Party Advisory VDB Entry |
| https://vuldb.com/vuln/355347/cti | Permissions Required VDB Entry |
Configurations
History
30 Apr 2026, 21:26
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:songli:cross_browser_fingerprinting:*:*:*:*:*:*:*:* | |
| First Time |
Songli
Songli cross Browser Fingerprinting |
|
| References | () https://github.com/wing3e/public_exp/issues/24 - Exploit, Mitigation, Third Party Advisory | |
| References | () https://vuldb.com/submit/783502 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/355347 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/vuln/355347/cti - Permissions Required, VDB Entry |
05 Apr 2026, 16:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-04-05 16:16
Updated : 2026-04-30 21:26
NVD link : CVE-2026-5577
Mitre link : CVE-2026-5577
CVE.ORG link : CVE-2026-5577
JSON object : View
Products Affected
songli
- cross_browser_fingerprinting