{"uuid": "016e2496-f040-4be0-b114-72d72ce6c4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11525", "type": "seen", "source": "https://bsky.app/profile/nodeland.dev/post/3mol72ndrtt2r", "content": "\ud83d\udd35 Low: SameSite downgrade (CVE-2026-11525).\nSubstring matching meant `SameSite=NoneOfYourBusiness` parsed as `None` and `StrictLax` as `Lax`, silently weakening cookie policies. v6/v7/v8.", "creation_timestamp": "2026-06-18T15:59:06.190352Z"}