PT-2026-50188

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-50196

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data, which is data from a different domain than the one serving the current...

PT-2026-50217

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in Extensions allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A use after free...

PT-2026-50213

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.155 Description An inappropriate implementation in Views allows a remote attacker who has compromised the renderer process to inject arbitrary scripts or HTML via a crafted HTML page. This...

PT-2026-50212

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use-after-free issue exists in the Media component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remote...

Cross-site Scripting (XSS)

Astro is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to improper HTML escaping of named slot content inserted into the data-astro-template attribute when using client: directives, which allows an attacker to break out of the attribute context and inject arbitrary HTML or...

CVE-2026-12323

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12323 Spoofing issue in the DOM: Core & HTML component

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

EUVD-2026-37069

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVE-2026-12323 Spoofing issue in the DOM: Core & HTML component

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVE-2026-12323

CVE-2026-12323 describes a spoofing issue in the DOM: Core & HTML component. The vulnerability affected Mozilla Firefox and Thunderbird and was fixed in Firefox 152 and Thunderbird 152. The available references confirm the DOM spoofing flaw and its patch in version 152. Practical impact is modest...

CVE-2026-12323

Spoofing issue in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152 and Thunderbird 152...

CVE-2026-12299 JIT miscompilation in the DOM: Core & HTML component

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12299 JIT miscompilation in the DOM: Core & HTML component

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

EUVD-2026-37090

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12299

JIT miscompilation in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12...

CVE-2026-12299

CVE-2026-12299 corresponds to a JIT miscompilation in the DOM: Core & HTML component. The issue affects Mozilla Firefox and related products; it has been fixed in Firefox 152, Firefox ESR 140.12, Firefox ESR 115.37, Thunderbird 152, and Thunderbird 140.12. Debian and OSV entries corroborate the s...

Dolibarr <7.0.2 - Cross-Site Scripting

Dolibarr before 7.0.2 is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php. id: CVE-2018-10095 info: name: Dolibarr 7.0.2 - Cross-Site Scripting author: pikpikcu severity: medium...