CVE-2026-39835 affecting package moby-engine for versions less than 25.0.3-18

CVE-2026-39835 affecting package moby-engine for versions less than 25.0.3-18. A patched version of the package is available...

PT-2026-46492

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46650

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, an abstraction layer that allows OpenGL ES to run on various graphics APIs allows a remote attacker to obtain...

PT-2026-46603

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in V8 allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out of bounds read occurs when the...

PT-2026-46665

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, a compatibility layer between OpenGL ES and native graphics APIs, allows a remote attacker to leak cross-origin data...

ALSA-2026:22643 Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

PT-2026-46493

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46700

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in V8, the JavaScript and WebAssembly engine. This allows a remote attacker who has already compromised the renderer process to execute arbitrary code with...

PT-2026-45823

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 151.0.3 Description A JIT miscompilation occurs within the JIT component of the JavaScript Engine. JIT Just-In-Time compilation is a method used to improve the execution speed of programs by compiling code during...

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

PT-2026-46433

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8, the open-source JavaScript and WebAssembly engine, allows a remote attacker to execute arbitrary code within a sandbox by enticing a user to open ...

PT-2026-46579

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory corruption flaw that...

Important: thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefox: Sandbox escape in the Profile Backup component...

CVE-2026-49121

AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...

CVE-2026-49121

CVE-2026-49121 affects AI Tensor Engine for ROCm (AITER) up to version 0.1.14. The vulnerability exists in the MessageQueue.recv() function in shm_broadcast.py, where an unauthenticated remote attacker can deliver a crafted pickle payload to a ZMQ SUB socket (no authentication, no HMAC, no format...

firefox: thunderbird: Incorrect boundary conditions in the JavaScript Engine: JIT component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the JavaScript Engine: JIT component...

firefox: thunderbird: Other issue in the JavaScript Engine component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Other issue in the JavaScript Engine component...

CVE-2026-42683

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

CVE-2026-42683

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...

EUVD-2026-33653

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows DOM-Based XSS. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.8...