Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brav

An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated

Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows

Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argumen

Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of servic

Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS finger

Brave Browser iOS before 1.2.18 and Brave Browser Android 1.9.56 and earlier suffer from Full Address Bar Spoofing, allowing attac