
9799 matches found

EUVD
added 2026/06/16 11:52 a.m., 9 views

EUVD-2026-37085

Sandbox escape in the DOM: Workers component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

AI score 5.2, EPSS 0.00363
Exploits: 0, References: 6

CVE
added 2026/06/16 11:52 a.m., 25 views

CVE-2026-12294

CVE-2026-12294 concerns a Sandbox escape in the DOM: Workers component found in Mozilla products. The vulnerability affects Firefox (including Firefox 152 and ESR branches 140.12 and 115.37) and Thunderbird (152 and 140.12). The underlying issue is a sandbox escape in the Workers component, with ...

CVSS 9.6, AI score 5.2, EPSS 0.00363
Exploits: 0, References: 15, Affected Software: 2

RedHat Linux
added 2026/06/16 6:14 a.m., 6 views

firefox: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

CVSS 8.1, AI score 5.2, EPSS 0.00372
Exploits: 0, References: 6

Positive Technologies
added 2026/06/16 12:0 a.m., 9 views

PT-2026-49671

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 152; Firefox ESR versions prior to 140.12; Firefox ESR versions prior to 115.37; Thunderbird versions prior to 152; Thunderbird versions prior to 140.12. Description: A mitigation bypass exists within the DOM security...

CVSS 9.1, AI score 5.8, EPSS 0.00476
Exploits: 0, References: 187

Tenable Nessus
added 2026/06/16 12:0 a.m., 7 views

Mozilla Firefox < 152.0

The version of Firefox installed on the remote Windows host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-57 advisory. - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVSS 9.8, AI score 5.8, EPSS 0.00476
Exploits: 0, References: 41

Tenable Nessus
added 2026/06/16 12:0 a.m., 8 views

Mozilla Firefox < 152.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 152.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-57 advisory. - Use-after-free in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 152 and Thunderbir...

CVSS 9.8, AI score 5.8, EPSS 0.00476
Exploits: 0, References: 41

Tenable Nessus
added 2026/06/16 12:0 a.m., 6 views

Mozilla Firefox ESR < 115.37

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.37. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-59 advisory. - Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 1...

CVSS 9.6, AI score 6, EPSS 0.00476
Exploits: 0, References: 12

Positive Technologies
added 2026/06/16 12:0 a.m., 7 views

PT-2026-49664

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 152; Firefox ESR versions prior to 140.12; Firefox ESR versions prior to 115.37; Thunderbird versions prior to 152; Thunderbird versions prior to 140.12. Description: A sandbox escape exists within the DOM Navigation...

CVSS 9.6, AI score 5.9, EPSS 0.00407
Exploits: 0, References: 190

Positive Technologies
added 2026/06/16 12:0 a.m., 7 views

PT-2026-49684

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 152; Firefox ESR versions prior to 140.12; Thunderbird versions prior to 152; Thunderbird versions prior to 140.12. Description: A mitigation bypass exists within the DOM security component...

CVSS 9.1, AI score 5.2, EPSS 0.00476
Exploits: 0, References: 187

Positive Technologies
added 2026/06/16 12:0 a.m., 7 views

PT-2026-49663

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 152; Firefox ESR versions prior to 140.12; Firefox ESR versions prior to 115.37; Thunderbird versions prior to 152; Thunderbird versions prior to 140.12. Description: A sandbox escape exists within the DOM: Workers componen...

CVSS 9.6, AI score 5.9, EPSS 0.00363
Exploits: 0, References: 190

OSV
added 2026/06/15 8:1 p.m., 10 views

GHSA-RP9W-3FW7-7CWQ DOMPurify IN_PLACE Sanitization Bypass via Attached Shadow Root Inside <template>.content

If the HTML you give it contains a <template> element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: URL, even a full script -...

CVSS 5.1, AI score 5.2, EPSS 0.00038
Exploits: 0, References: 2

Github Security Blog
added 2026/06/15 8:0 p.m., 15 views

DOMPurify: `IN_PLACE` mode trusts attacker-controlled `nodeName` on live non-form nodes, allowing script retention and XSS via attacker-supplied DOM objects

Summary: When DOMPurify.sanitize(root, { IN_PLACE: true }) is called on an attacker-supplied live DOM node, DOMPurify still trusts currentNode.nodeName for non-form nodes in the main sanitizeElements pipeline. A real child node whose observable nodeName is attacker-controlled can therefore be misclassifi...

AI score 5.5
Exploits: 0, References: 2, Affected Software: 1

Github Security Blog
added 2026/06/15 7:56 p.m., 16 views

DOMPurify: Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound `instanceof` checks

Cross-realm IN_PLACE sanitization leaves executable markup intact via realm-bound instanceof checks. CWE: CWE-79 XSS — Improper Neutralization of Input During Web Page Generation via CWE-693 Protection Mechanism Failure — realm-bound instanceof checks fail-open on foreign-realm DOM nodes and CWE-50...

AI score 5.8, EPSS 0.00055
Exploits: 0, References: 2, Affected Software: 1

Github Security Blog
added 2026/06/15 5:22 p.m., 50 views

@angular/compiler: Two-Way Property Binding Sanitization Bypass (XSS)

An issue in the @angular/compiler package allows bypassing DOM property sanitization through the use of two-way property bindings. Specifically, when a native DOM property that requires sanitization such as innerHTML, srcdoc, src, href, data, or sandbox is bound using the two-way binding syntax...

CVSS 6.1, AI score 5.7, EPSS 0.00195
Exploits: 0, References: 4, Affected Software: 1

Snyk
added 2026/06/15 5:22 p.m., 6 views

Cross-site Scripting (XSS)

Overview: Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the two-way property binding. An attacker can execute arbitrary JavaScript in the context of the user's browser by supplying crafted input to a sensitive DOM property bound with two-way binding syntax. Note:...

CVSS 8.3, AI score 5.9, EPSS 0.00195
Exploits: 0, References: 2

Github Security Blog
added 2026/06/15 3:16 p.m., 10 views

Angular Client Hydration DOM Clobbering & Response-Cache Poisoning

To optimize client-side bootstrap in Server-Side Rendered (SSR) environments, Angular supports Hydration via provideClientHydration. During SSR, Angular serializes the application's runtime state, such as cached HttpClient responses, and outputs it into the HTML stream as a tag with a predictable...

CVSS 8.6, AI score 5.4, EPSS 0.00179
Exploits: 0, References: 4, Affected Software: 1

OSV
added 2026/06/15 3:16 p.m., 4 views

GHSA-RGJC-H3X7-9MWG Angular Client Hydration DOM Clobbering & Response-Cache Poisoning

To optimize client-side bootstrap in Server-Side Rendered (SSR) environments, Angular supports Hydration via provideClientHydration. During SSR, Angular serializes the application's runtime state, such as cached HttpClient responses, and outputs it into the HTML stream as a tag with a predictable...

CVSS 8.6, AI score 5.5, EPSS 0.00179
Exploits: 0, References: 4

Positive Technologies
added 2026/06/15 12:0 a.m., 10 views

PT-2026-49581

Name of the Vulnerable Software and Affected Versions: Angular versions prior to 22.0.1; Angular versions prior to 21.2.17; Angular versions prior to 20.3.25. Description: An issue in the @angular/compiler package allows bypassing DOM property sanitization when using two-way property bindings. When a...

CVSS 5.3, AI score 6, EPSS 0.00195
Exploits: 0, References: 6

Positive Technologies
added 2026/06/15 12:0 a.m., 13 views

PT-2026-49559

If the HTML you give it contains a <template> element, and inside that template there's an element with a shadow DOM attached to it, DOMPurify quietly skips over the shadow contents. Whatever the attacker put in there - an image with an onerror handler, a link with a javascript: URL, even a full script -...

CVSS 5.1, AI score 5.1, EPSS 0.00038
Exploits: 0, References: 3

NVD
added 2026/06/11 9:16 a.m., 12 views

CVE-2023-33999

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in WPVibes WP Mail Log allows DOM-Based XSS. This issue affects WP Mail Log: from n/a through 1.0.2...

CVSS 7.1, EPSS 0.00284
Exploits: 0, References: 1