Chromium: CVE-2026-8516 Insufficient validation of untrusted input in DataTransfer

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-8516

Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...

CVE-2026-8516

CVE-2026-8516 affects Google Chrome (pre-148.0.7778.168) where insufficient validation of untrusted input in DataTransfer could allow a remote attacker to obtain potentially sensitive information from process memory. The attack requires convincing a user to perform specific UI gestures via a craf...

EUVD-2026-30427

Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...

CVE-2026-8516

Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity:...

PT-2026-41045

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Insufficient validation of untrusted input in DataTransfer allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convince...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs in the DataTransfer component. It could allow remote attacke...

KLA91044 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Denial of...

Linux Distros Unpatched Vulnerability : CVE-2026-7989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perfo...

CVE-2026-7989

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...

PT-2026-38182

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient data validation in DataTransfer allows a remote attacker who has compromised the renderer process to perform arbitrary read and write operations via a crafted HTML page...

EUVD-2025-0072

Malicious code in bioql PyPI...

GHSA-C3H5-H73C-29HQ Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)

Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...

Mediawiki - DataTransfer Extension Cross-Site Request Forgery (CSRF) and Cross-site Scripting (XSS)

Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...

CVE-2025-23081

Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...

CVE-2025-23081 Various security vulnerabilities in Extension:DataTransfer

Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...

CVE-2025-23081

CVE-2025-23081 describes a CSRF and XSS vulnerability in the Wikimedia Foundation MediaWiki DataTransfer Extension caused by improper neutralization of input during web page generation. Affected versions are MediaWiki DataTransfer Extension 1.39.X before 1.39.11, 1.41.X before 1.41.3, and 1.42.X ...

CVE-2025-23081 Various security vulnerabilities in Extension:DataTransfer

Cross-Site Request Forgery CSRF, Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Wikimedia Foundation Mediawiki - DataTransfer Extension allows Cross Site Request Forgery, Cross-Site Scripting XSS.This issue affects Mediawiki - DataTransf...

PT-2025-4811 · Mediawiki · Mediawiki

Name of the Vulnerable Software and Affected Versions: Mediawiki - DataTransfer Extension versions 1.39.X through 1.39.10 Mediawiki - DataTransfer Extension versions 1.41.X through 1.41.2 Mediawiki - DataTransfer Extension versions 1.42.X through 1.42.1 Description: The issue affects the Mediawik...

Mediawiki DataTransfer Extension 安全漏洞

Mediawiki DataTransfer Extension is a data transfer extension from the Wikimedia Foundation USA. A security vulnerability exists in Mediawiki DataTransfer Extension, which stems from cross-site request forgery CSRF and improper input neutralization, leaving it vulnerable to cross-site scripting X...