Chromium: CVE-2026-12439 Use after free in Digital Credentials

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-12439

Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

Linux Distros Unpatched Vulnerability : CVE-2026-12439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HT...

CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

DEBIAN-CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

CVE-2025-12439

CVE-2025-12439 affects Google Chrome (Windows) prior to 142.0.7444.59 due to an inappropriate implementation in App-Bound Encryption. A local attacker could obtain potentially sensitive information from a process’s memory via a malicious file. This is a Chromium-based issue affecting Chrome/Chrom...

SUSE CVE-2025-12439

Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

Linux Distros Unpatched Vulnerability : CVE-2025-12439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive...

Linux Distros Unpatched Vulnerability : CVE-2019-12439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations related to XDGRUNTIMEDIR, a...

CVE-2024-12439

The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'marketplace' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-12439

creationtimestamp| type| source ---|---|--- 2025-01-07 05:38:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/342 2025-01-07 06:03:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113785558213640255 2025-01-07 06:16:12+00:00| seen|...

CVE-2024-12439 Marketplace Items <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marketplace' Shortcode

The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'marketplace' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-12439 Marketplace Items <= 1.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'marketplace' Shortcode

The Marketplace Items plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'marketplace' shortcode in all versions up to, and including, 1.5.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

RHEL 7 : CloudForms 4.7.7 (RHSA-2019:1833)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1833 advisory. Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments...

CVE-2017-12439

creationtimestamp| type| source ---|---|--- 2023-12-18 03:50:40+00:00| seen| https://t.me/arpsyndicate/1905...

SUSE CVE-2019-12439

bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories in /tmp as a mount point. In some particular configurations related to XDGRUNTIMEDIR, a local attacker may abuse this flaw to prevent other users from executing bubblewrap or potentially execute code...

SUSE: Security Advisory (SUSE-SU-2019:1826-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-12439 affecting package bubblewrap 0.3.0-5

CVE-2019-12439 affecting package bubblewrap 0.3.0-5. A patched version of the package is available...

CVE-2020-12439

Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain...