Lucene search
K

9800 matches found

OSV
OSV
added 2026/05/30 6:3 p.m.25 views

RLSA-2026:21381 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

7.5CVSS5.9AI score0.00605EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/05/30 2:18 a.m.17 views

SUSE CVE-2026-9897

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00291EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/05/30 12:0 a.m.13 views

RockyLinux 9 : firefox (RLSA-2026:21378)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21378 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS6AI score0.00605EPSS
Exploits0References37
OSV
OSV
added 2026/05/29 3:16 p.m.6 views

UBUNTU-CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/29 1:53 p.m.36 views

CVE-2026-41159 Mermaid: Improper sanitization of configuration leads to CSS injection

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS0.00398EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2026/05/29 1:53 p.m.9 views

CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0
Snyk
Snyk
added 2026/05/29 1:18 p.m.7 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the project selector component when rendering selection menus for associating projects with system entities due to improper sanitization of project names returned via AJAX before injecting them into the DOM a...

6.1CVSS5.5AI score0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/05/29 12:30 p.m.11 views

CVE-2026-23870

A flaw was found in the React Server DOM components, including react-server-dom-webpack, react-server-dom-parcel, and react-server-dom-turbopack. A remote attacker could exploit this denial of service DoS vulnerability by sending specially crafted HTTP requests to server function endpoints. This...

7.5CVSS5.7AI score0.01533EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2026/05/29 7:35 a.m.77 views

Exploit for XPath Injection in Huggingface Smolagents

🔐 Smolagents XPath Injection Simulation Framework CVE-2025-11...

5.4CVSS6AI score0.00252EPSS
Exploits2
OSV
OSV
added 2026/05/29 5:12 a.m.14 views

MGASA-2026-0164 Updated thunderbird(-l10n) packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References4
OSV
OSV
added 2026/05/29 5:12 a.m.16 views

MGASA-2026-0165 Updated nspr, nss and firefox(-l10n) packages fix security issues

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References6
Mageia
Mageia
added 2026/05/29 5:12 a.m.16 views

Updated thunderbird(-l10n) packages fix security vulnerabilities

The updated packages fix security vulnerabilities: Incorrect boundary conditions in the Audio/Video: Web Codecs component. CVE-2026-8946 Incorrect boundary conditions in the JavaScript Engine: JIT component. CVE-2026-8388 Use-after-free in the DOM: Bindings WebIDL component. CVE-2026-8947 Other...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/29 12:38 a.m.12 views

EUVD-2026-33158

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00252EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/29 12:13 a.m.8 views

CVE-2026-9897

An use after free flaw was found in the DOM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496271580...

9.6CVSS5.7AI score0.00291EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/29 12:7 a.m.8 views

CVE-2026-10016

An use after free flaw was found in the DOM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=515155946...

8.8CVSS5.7AI score0.00252EPSS
Exploits0References5
OSV
OSV
added 2026/05/29 12:0 a.m.14 views

RLSA-2026:21382 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

7.5CVSS5.9AI score0.00605EPSS
Exploits0References19
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.7 views

Mermaid 代码注入漏洞

Mermaid is an open-source application software developed by mermaid-js. It uses text and code to create charts and visualizations. Versions of Mermaid prior to 10.9.6 and 11.15.0 contain a code injection vulnerability. This vulnerability stems from the default configuration, which allows CSS to b...

5.3CVSS5.9AI score0.00398EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-10016

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

8.8CVSS5.8AI score0.00252EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.13 views

AlmaLinux 8 : firefox (ALSA-2026:21382)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2026:21382 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

9.8CVSS5.9AI score0.00605EPSS
Exploits0References20
NVD
NVD
added 2026/05/28 11:16 p.m.9 views

CVE-2026-9897

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00291EPSS
Exploits0References2
Rows per page
Query Builder