A vulnerability labeled as problematic has been found in lightpanda-io Lightpanda up to 0.3.0. This affects an unknown part of the component Authority. The manipulation results in permissive cross-domain policy with untrusted domains.

This vulnerability is identified as CVE-2026-52842. The attack can be executed remotely. There is not any exploit available.