3395 matches found
PT-2026-48768
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.115 Description A race condition in Safe Browsing allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a malicious file. A sandbox...
Google Chrome 竞争条件问题漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a vulnerability due to race conditions in the Safe Browsing component. This vulnerability could allow remote attackers to execute a sandbox escape through malicious files after...
chromium -- security fixes
Chrome Releases reports: This update includes 33 security fixes: 516496659 Critical CVE-2026-12437: Use after free in WebShare. 516947912 Critical CVE-2026-12438: Inappropriate implementation in WebView. 519728275 Critical CVE-2026-12439: Use after free in Digital Credentials. 519731619 Critical...
Direct Request ('Forced Browsing')
Overview org.springframework:spring-webmvc is a package that provides Model-View-Controller MVC architecture and ready components that can be used to develop flexible and loosely coupled web applications. Affected versions of this package are vulnerable to Direct Request 'Forced Browsing' via...
Direct Request ('Forced Browsing')
Overview org.springframework:spring-webflux is a Spring Framework module that contains support for reactive HTTP and WebSocket clients as well as for reactive server web applications including REST, HTML browser, and WebSocket style interactions. Affected versions of this package are vulnerable t...
CVE-2026-11266
A policy bypass flaw was found in the SafeBrowsing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500521311...
CVE-2026-11231
An inappropriate implementation flaw was found in the Safe Browsing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495840862...
CVE-2026-11210
An insufficient policy enforcement flaw was found in the Safe Browsing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506473226...
SUSE CVE-2026-11210
Inappropriate implementation in Safe Browsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted RAR file. Chromium security severity: Medium...
SUSE CVE-2026-11231
Inappropriate implementation in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a malicious file. Chromium security severity: Low...
SUSE CVE-2026-11266
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. Chromium security severity: Low...
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration
OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks. The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection...
CVE-2026-8495
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15...
CVE-2026-8491
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...
CVE-2026-46390
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history. Version 26.0.0 patches the issue...
CVE-2026-46390
HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history. Version 26.0.0 patches the issue...
Chromium: CVE-2026-11231 Inappropriate implementation in Safe Browsing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11266 Policy bypass in SafeBrowsing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11210 Insufficient policy enforcement in Safe Browsing
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-34727
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. Chromium security severity: Low...