Vulnerabilities > Tailscale > Tailscale > 1.22.1

DATE CVE VULNERABILITY TITLE RISK
2022-11-23 CVE-2022-41924 Origin Validation Error vulnerability in Tailscale
A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon `tailscaled`, which can then be used to remotely execute code.
network
low complexity
tailscale CWE-346
critical
 9.6
9.6
2022-11-23 CVE-2022-41925 Cross-Site Request Forgery (CSRF) vulnerability in Tailscale
A vulnerability identified in the Tailscale client allows a malicious website to access the peer API, which can then be used to access Tailscale environment variables.
low complexity
tailscale CWE-352
8.8
8.8