Lucene search
K

38636 matches found

RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.3 views

CVE-2026-5283

An inappropriate implementation flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=492131521...

7.4CVSS5.8AI score0.002EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.4 views

CVE-2026-5282

An out of bounds read flaw was found in the WebCodecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491655161...

8.1CVSS5.8AI score0.00193EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.4 views

CVE-2026-5281

An use after free flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491518608...

9CVSS5.8AI score0.05036EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.3 views

CVE-2026-5280

An use after free flaw was found in the WebCodecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491515787...

9.6CVSS5.8AI score0.00395EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.5 views

CVE-2026-5279

An object corruption flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490642836...

9.6CVSS5.8AI score0.0034EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.3 views

CVE-2026-5277

An integer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489791424...

9CVSS5.9AI score0.00255EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.6 views

CVE-2026-5274

An integer overflow flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=488596746...

9.6CVSS5.9AI score0.00336EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.5 views

CVE-2026-5275

A heap buffer overflow flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489494022...

9.6CVSS6AI score0.0035EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/01 6:21 a.m.6 views

CVE-2026-5272

A heap buffer overflow flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491732188...

9.6CVSS6AI score0.0045EPSS
Exploits0References5
NVD
NVD
added 2026/04/01 5:16 a.m.8 views

CVE-2026-5286

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00313EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/01 4:41 a.m.4 views

CVE-2026-5284

Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.0028EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/01 3:15 a.m.32 views

CVE-2026-5253 bufanyun HotGo editNotice Endpoint MessageList.vue cross site scripting

A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...

5.1CVSS0.00239EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/01 3:15 a.m.2 views

CVE-2026-5253

A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice Endpoint. Executing a manipulation can lead to cross site scripting. The attack can be...

5.1CVSS4.2AI score0.00239EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.4 views

PT-2026-29503

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A lack of output escaping creates a cross-site scripting XSS vector within the multilingual associations component. Recommendations Update to version 2.3 or later...

8.4CVSS5.7AI score0.00216EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.11 views

PT-2026-29501

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The ajax component was excluded from the default logged-in-user check in the administrative area, which may have been unexpected by third-party developers...

7.3CVSS5.8AI score0.00249EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/01 12:0 a.m.8 views

MEPIS RM 安全漏洞

MEPIS RM is a management platform developed by the Slovenian company MEPIS, used for centralized monitoring and remote control of devices. There is a security vulnerability in MEPIS RM, which stems from the hardcoded encryption key present in the Mx.Web.ComponentModel.dll component. This...

6.7CVSS5.8AI score0.0016EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/03/31 11:58 p.m.10 views

OpenClaw's Discord component interaction ingress skips guild/channel policy enforcement

Summary Discord button and component interaction ingress did not consistently reapply the same guild and channel policy gates used for normal inbound messages. Impact Users could trigger privileged component actions from contexts that should have been blocked by Discord channel policy. Affected...

5.8AI score
Exploits0References4Affected Software1
OSV
OSV
added 2026/03/31 11:58 p.m.1 views

GHSA-JP4J-Q5FC-58GV OpenClaw's Discord component interaction ingress skips guild/channel policy enforcement

Summary Discord button and component interaction ingress did not consistently reapply the same guild and channel policy gates used for normal inbound messages. Impact Users could trigger privileged component actions from contexts that should have been blocked by Discord channel policy. Affected...

5.3CVSS5.8AI score
Exploits0References4
vulnersOsv
vulnersOsv
added 2026/03/31 11:2 p.m.9 views

org.webjars.npm:angular-tree-component (>=3.2.3 <=3.7.2), org.webjars.npm:chevrotain (>=11.0.3 <=11.1.2) +72 more potentially affected by CVE-2025-13465 +1 more via org.webjars.npm:lodash-es (>=4.17.21 <=4.17.4)

org.webjars.npm:lodash-es MAVEN version =4.17.21, =3.2.3, =11.0.3, =11.0.3, =11.0.3, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =39.0.1, =44.1.0, =39.0.1, =44.3.0 and more Source cves: CVE-2025-13465, CVE-2026-2950 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15869624...

8.2CVSS6.4AI score0.01535EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/31 5:52 p.m.27 views

CVE-2025-62184 Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component.

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...

4.8CVSS0.00258EPSS
Exploits0References1
Rows per page
Query Builder