Lucene search
K

25566 matches found

The Hacker News
The Hacker News
added yesterday5 views

ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API

The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail,...

6AI score
Exploits0
EUVD
EUVD
added yesterday4 views

EUVD-2026-41156

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS6.1AI score0.00229EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41160

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00282EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41180

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00232EPSS
Exploits0References3
EUVD
EUVD
added yesterday3 views

EUVD-2026-41196

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0019EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41197

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-41177

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00182EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-14398

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0019EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2 days ago8 views

CVE-2026-14402

CVE-2026-14402 describes an uninitialized use in ANGLE within Google Chrome on Windows, prior to version 150.0.7871.46. The issue allows a remote attacker to potentially read sensitive data from a process's memory via a crafted HTML page. Affected component is ANGLE in Chrome’s Windows build; und...

6.5CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago8 views

CVE-2026-14423

CVE-2026-14423 describes a Type Confusion vulnerability in Google Chrome’s Tint component, exploitable via a crafted HTML page to potentially escape the sandbox. Affected software: Google Chrome (Tint component) before version 150.0.7871.46. Root cause: type confusion in Tint leading to sandbox e...

9.6CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago8 views

CVE-2026-14412

The CVE-2026-14412 entry concerns ANGLE in Google Chrome with insufficient validation of untrusted input. Attack vector involves a remote attacker who has already compromised the renderer process and could potentially escape the sandbox through a crafted HTML page. Affected product context is Goo...

8.3CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago6 views

CVE-2026-14401

CVE-2026-14401 affects Google Chrome on Android through ANGLE, where insufficient validation of untrusted input in ANGLE prior to 150.0.7871.46 enables a renderer-Process-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as high ...

8.3CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2 days ago6 views

CVE-2026-14407

CVE-2026-14407: In Google Chrome, an inappropriate implementation in the V8 engine prior to 150.0.7871.46 allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affects the V8 implementation in Chrome; details indicate a sandbox escape/vector leadin...

8.8CVSS6.2AI score0.00282EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2 days ago5 views

CVE-2026-50521

Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...

8.3CVSS0.00822EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-50521 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

...

8.3CVSS0.00822EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-41137

Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...

8.3CVSS5.9AI score0.00822EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago2 views

CVE-2026-50521

Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...

8.3CVSS5.9AI score0.00822EPSS
Exploits0References2Affected Software1
Chainguard
Chainguard
added 2 days ago2 views

GHSA-XX2V-HW92-QXMX vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2 days ago1 views

GHSA-XRV4-RVR5-75GV vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
Chainguard
Chainguard
added 2 days ago2 views

GHSA-XMX7-WHJX-VF2R vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
Rows per page
Query Builder