CVE Watchtower β Back to CVE ListCVE-2026-38978NVDDescriptiontransmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths.Severity LevelUNKNOWNPublished Date02/06/2026Last Modified02/06/2026Exploitation Status????Referenceshttps://github.com/transmission/transmission/commit/6b24c1c214ec6a44fa5fdff0ce7da6b16d8ecaa8https://github.com/transmission/transmission/issues/8726https://github.com/transmission/transmission/pull/8747