PT-2026-48767

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description A use after free issue in the Autofill component on Mac allows a remote attacker to potentially exploit heap corruption, which occurs when a program continues to use a pointer after it...

PT-2026-48760

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description A use after free issue in the Media component on Windows allows a remote attacker to potentially exploit heap corruption, which occurs when a program continues to use a pointer after i...

PT-2026-48779

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description An out of bounds read exists in VideoCapture, which allows a remote attacker who has compromised the GPU process to obtain potentially sensitive information from process memory by usin...

PT-2026-48774

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.115 Description A use after free issue in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use...

PT-2026-48771

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted HTML pag...

Gitlab -- vulnerabilities

Gitlab reports: Improper Access Control issue in Group SAML Identity API impacts GitLab EE Cross-site Scripting issue in Analytics Dashboard impacts GitLab EE Denial of Service issue in Grape API JSON parsing middleware impacts GitLab CE/EE HTML injection issue in certain group setting fields...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a resource management vulnerability, which stemmed from a reuse issue in the Autofill component. This vulnerability could allow remote attackers to exploit heap corruption through...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by a heap buffer overflow in the GPU. This vulnerability could allow a remote attacker with access to the renderer process to execute a sandbox escap...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability. This vulnerability stemmed from the Views component reusing resources after they were released, which could allow remote attackers to exploit heap corruption...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a buffer overflow vulnerability. This vulnerability stemmed from an out-of-bound read operation in the VideoCapture component, which could allow remote attackers to obtain sensitive...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by an out-of-bound write issue in the GPU component. This vulnerability could allow remote attackers to execute sandbox escape through a specially...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reusing of resources after they were released by the Autofill component. It could allow remot...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a buffer overflow vulnerability, which was caused by an out-of-bounds read issue in the Video component. This vulnerability could allow remote attackers to obtain sensitive...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a security vulnerability caused by improper implementations in the Views component. This vulnerability could allow remote attackers to execute a sandbox escape by exploiting a...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability that stemmed from issues with reusing resources after their release in the Media component. This vulnerability could allow remote attackers to exploit heap...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.115, there was a resource management vulnerability that stemmed from the reuse of resources after they were released in Core. This vulnerability could allow remote attackers to execute arbitrary code through a...

VMware Spring Web Flow 跨站脚本漏洞

VMware Spring Web Flow is a web application flow management framework developed by VMware, Inc. Versions 4.0.0, 3.0.0 to 3.0.1, and 2.5.0 to 2.5.1 of VMware Spring Web Flow have cross-site scripting vulnerabilities. These vulnerabilities stem from the JavaScript RemotingHandler’s ability to rende...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.115 contained a vulnerability related to input validation. This vulnerability stemmed from improper implementations in the DevTools component, which could allow remote attackers to execute a...

CVE-2026-46492

md-fileserver allows for local viewing of markdown files in a browser. Prior to version 1.10.3, a cross-site scripting XSS vulnerability exists in the application’s Markdown rendering logic. When user-supplied Markdown content is rendered, embedded raw HTML—including...

CVE-2026-53742

CVE-2026-53742 affects the WordPress plugin Simple Link Directory up to version 9.0.4. The issue is a Stored XSS via embed shortcode attributes: the embedder template echoes shortcode attributes into HTML data attributes without escaping. Attackers with contributor access can craft a shortcode at...