Linux Distros Unpatched Vulnerability : CVE-2026-10020

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the rendere...

Linux Distros Unpatched Vulnerability : CVE-2026-9971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI...

Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-27136)

The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-27136 advisory. - Parsing arbitrary HTML which is then rendered using Render can result in an unexpected HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-9979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process ...

Linux Distros Unpatched Vulnerability : CVE-2026-9899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a...

SillyTavern 跨站脚本漏洞

SillyTavern is a frontend interface for the SillyTavern open-source language model. Versions of SillyTavern prior to 1.18.0 had a cross-site scripting vulnerability. This vulnerability occurred when the fetchurl function was called, causing the code to send error responses containing a URL value...

HAX 安全漏洞

HAX is an open-source microsite managed using HAX+CMS with a PHP backend. Versions of HAX 26.0.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the /system/api/saveNode endpoint, which had a storage-oriented cross-site scripting vulnerability. Users with edit...

PHP-SHOP 跨站请求伪造漏洞

PHP-SHOP is an online shopping system developed by joeyrush, based on PHP. Version 1.0 of PHP-SHOP has a cross-site request forgeing vulnerability. This vulnerability stems from the lack of verification of the request source, which may allow unauthenticated attackers to add administrative users...

CVE-2026-10012

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-9880

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process ...

Linux Distros Unpatched Vulnerability : CVE-2026-9885

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-9963

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to...

Linux Distros Unpatched Vulnerability : CVE-2026-9998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a...

Linux Distros Unpatched Vulnerability : CVE-2026-9982

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process ...

Linux Distros Unpatched Vulnerability : CVE-2026-9883

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Base in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security...

Linux Distros Unpatched Vulnerability : CVE-2026-9988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML...

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to version 29 contain security vulnerabilities. These vulnerabilities stem from storing user-input category descriptions as raw HTML during Gallery view rendering. This allows...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Postorius vulnerability (USN-8323-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8323-1 advisory. It was discovered that Postorius did not properly escape HTML in message subjects when rendering the Held...

Security update for python-pytest-html (important)

openSUSE security update: security update for python-pytest-html ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20839-1 Rating: important References: bsc1266254 Cross-References: CVE-2026-9277 CVSS scores: CVE-2026-9277 SUSE : 8.1...

SUSE SLES15 Security Update : yq (SUSE-SU-2026:2096-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2096-1 advisory. This update for yq fixes the following issues - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be...