openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20372-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20372-1 advisory. Changes in chromium: - Chromium 146.0.7680.80: CVE-2026-3909: Out of bounds write in Skia boo1259659 - Chromium 146.0.7680.75 released 2026-03-1...

CVE-2026-3913 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-3913 vulnerabilities

Vulnerabilities for packages: chromium...

CVE-2026-3913

A heap buffer overflow flaw was found in the WebML component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483445078...

CVE-2026-3913

creationtimestamp| type| source ---|---|--- 2026-03-12 01:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260312 2026-03-12 22:16:03+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgvggjhb7d2x 2026-03-16 00:00:00+00:00|...

Google Chrome < 146.0.7680.71 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 146.0.7680.71. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop10 advisory. - Use after free in WebView in Google Chrome on Android prior to 146.0.7680....

Linux Distros Unpatched Vulnerability : CVE-2026-3913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

CVE-2026-3913

Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

PT-2026-24861

Google releases Chrome 146, fixing 29 vulnerabilities including a critical heap buffer overflow in WebML CVE-2026-3913. Update your browser immediately. Chrome146 GoogleChrome CVE20263913 CyberSecurity PatchAlert InfoSec BugBounty Vulnerability https://t.co/Xywvdo0ywP https://t.co/eSaiAchpsb...

Stable Channel Update for Desktop

The Chrome team is delighted to announce the promotion of Chrome 146 to the stable channel for Windows, Mac and Linux. This will roll out over the coming days/weeks. Chrome 146.0.7680.71 Linux 146.0.7680.71/72 Windows/Mac contains a number of fixes and improvements -- a list of changes is availab...

MiracleLinux 8 : libksba-1.3.5-8.el8 (AXSA:2022-3913:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3913:01 advisory. libksba: integer overflow may lead to remote code execution CVE-2022-3515 Tenable has extracted the preceding description block directly from the MiracleLinu...

RockyLinux 8 : expat (RLSA-2025:3913)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3913 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from...

SUSE CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

CVE-2025-3913

creationtimestamp| type| source ---|---|--- 2025-05-29 16:42:35+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqd5v7n4bva2 2025-05-29 18:39:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqdeiza7kr27...

CVE-2025-3913

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

CVE-2025-3913

Mattermost Server vulnerability CVE-2025-3913 affects versions 10.7.x &lt;= 10.7.0, 10.6.x &lt;= 10.6.2, 10.5.x &lt;= 10.5.3, and 9.11.x

CVE-2025-3913 Team Privacy Settings Authorization Bypass in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

CVE-2025-3913 Team Privacy Settings Authorization Bypass in Mattermost Server

Mattermost versions 10.7.x = 10.7.0, 10.6.x = 10.6.2, 10.5.x = 10.5.3, 9.11.x = 9.11.12 fail to properly validate permissions when changing team privacy settings, allowing team administrators without the 'invite user' permission to access and modify team invite IDs via the...

CVE-2010-3913

CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors...