CVE-2026-33622

NVD data not available for this CVE. It may be pending analysis or not yet published.

Related Intelligence (1)

NVD HIGH: CVE-2026-33622 — PinchTab is a standalone HTTP server that gives AI agents direct control over a ...

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. PinchTab `v0.8.3` through `v0.8.5` allow arbitrary JavaScript execution through `POST /wait` and `POST /tabs/{id}/wait` when the request uses `fn` mode, even if `security.allowEvaluate` is disabled. `POST /evaluate` correctly enforces the `security.allowEvaluate` guard, which is disabled by default. How

CVE-2026-33622

Mar 26, 2026NIST NVD

Command Palette

CVE-2026-33622

Related Intelligence (1)

NVD HIGH: CVE-2026-33622 — PinchTab is a standalone HTTP server that gives AI agents direct control over a ...