Graphite <=1.1.5 - Server-Side Request Forgery

Graphite's sendemail in graphite-web/webapp/graphite/composer/views.py in versions up to 1.1.5 is vulnerable to server-side request forgery SSRF. The vulnerable SSRF endpoint can be used by an attacker to have the Graphite web server request any resource. The response to this SSRF request is...

GHSA-QW48-84F6-28GV Graphite Has a Pickle Deserialization Vulnerability

Impact Type of vulnerability: Insecure Deserialization via Python's pickle module. Who is impacted: Users of Graphite graph database engine versions before 0.2 who load database files from untrusted or third-party sources. An attacker could craft a malicious database file that executes arbitrary...

Graphite Has a Pickle Deserialization Vulnerability

Impact Type of vulnerability: Insecure Deserialization via Python's pickle module. Who is impacted: Users of Graphite graph database engine versions before 0.2 who load database files from untrusted or third-party sources. An attacker could craft a malicious database file that executes arbitrary...

OPENSUSE-SU-2026:20654-1 Security update for grafana

This update for grafana fixes the following issues: Changes in grafana: - Update to version 11.6.11: Features and enhancements: Alerting: Add limits for the size of expanded notification templates Correlations: Remove support for orgid=0 Security: CVE-2026-21722: Public dashboards annotations: us...

ICE Uses Graphite Spyware

ICE has admitted that it uses spyware from the Israeli company Graphite...

Chromium: CVE-2026-6304 Use after free in Graphite

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-6304

An use after free flaw was found in the Graphite component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496393742...

EUVD-2026-23050

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

CVE-2026-6304 covers a use-after-free in Graphite within Google Chrome prior to version 147.0.7727.101 . The issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape via a crafted HTML page . The vulnerability affects Chrome’s Graphit...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6304

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Stable Channel Update for Desktop

The Stable channel has been updated to 147.0.7727.101/102 for Windows/Mac and 147.0.7727.101 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

Linux Distros Unpatched Vulnerability : CVE-2026-6304

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Graphite component allowing for post-release reuse, which could enable remote attackers who have infiltrated the...

KLA90990 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in ANGLE can be exploited...

PT-2026-33142

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in Graphite allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use after free...