A vulnerability, which was classified as problematic , has been found in GCHQ CyberChef up to 10.x . Affected is an unknown function of the file /#recipe of the component Show Base64 Offsets . The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2026-42615 . Remote exploitation of the attack is possible. No exploit is available. It is advisable to upgrade the affected component.