Browse all 3 CVE security advisories affecting qutebrowser. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Qutebrowser is a keyboard-focused Qt-based web browser emphasizing minimalism and efficiency. Historically, it has faced vulnerabilities including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation, with three CVEs currently recorded. The browser's security profile reflects its lightweight architecture, though its reliance on Qt and Python introduces potential attack surfaces. While no major security incidents have been widely documented, the CVE history indicates consistent but manageable risks typical of niche browsers. Its design prioritizes user control over automated protections, potentially exposing users to web-based threats if not properly configured.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-41146 | Arbitrary command execution on Windows in qutebrowser — qutebrowserCWE-77 | 8.8 | High | 2021-10-21 |
| CVE-2020-11054 | Incorrect Provision of Specified Functionality in qutebrowser — qutebrowserCWE-684 | 3.5 | Low | 2020-05-07 |
| CVE-2018-10895 | qutebrowser 跨站请求伪造漏洞 — cross-site request forgery flaw allows sites to access 'quteCWE-352 | 8.8 | - | 2018-07-12 |
This page lists every published CVE security advisory associated with qutebrowser. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.