What happened
A URL-parsing bug in Lightpanda's origin computation let attacker-crafted URLs impersonate a trusted origin for same-origin policy purposes.
Why it matters
Lightpanda is explicitly designed as a browsing tool for AI agents; an origin-confusion bug lets malicious pages trick an AI browser-use agent into treating attacker content as trusted, undermining any origin-based security control the agent relies on.
Attack vector
Lightpanda searched for '@' across the entire URL string rather than only the authority component when computing page origin, so a URL like http://attacker.com/@victim.com/ is fetched from attacker.com but treated as if it belonged to victim.com's origin, breaking same-origin security boundaries.
Affected systems
Lightpanda prior to 0.3.1
Mitigation
Upgrade to Lightpanda 0.3.1 or later.