CVE-2025-40901 — A Stored HTML Injection vulnerability was discovered in the Credentials Manager functionality due to improper validation of an input parameter. An authenticated user with administrative privileges can — CVE Database · The Intelligence Room