CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

CVE-2026-35080 Arbitrary file delete vulnerability in method ugw-restoreinfo

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

Chromium: CVE-2026-9977 Insufficient validation of untrusted input in WebShare

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-9979 Insufficient validation of untrusted input in Input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-9986

An insufficient validation of untrusted input flaw was found in the OptimizationGuide component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513028160...

CVE-2026-9987

An insufficient validation of untrusted input flaw was found in the WebAppInstalls component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513046475...

CVE-2026-9982

An insufficient validation of untrusted input flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513001247...

CVE-2026-9979

An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511742228...

CVE-2026-9903

An insufficient validation of untrusted input flaw was found in the Site Isolation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498783665...

CVE-2026-10021

An insufficient validation of untrusted input flaw was found in the USB component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497327715...

CVE-2026-9986

The CVE-2026-9986 entry concerns the Chromium-based Google Chrome component OptimizationGuide. Affected product: Google Chrome (OptimizationGuide in Chromium). The flaw is insufficient validation of untrusted input, exploitable when an attacker who has compromised the renderer process crafts an H...

CVE-2026-9950

Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

CVE-2026-4646

Mattermost has an input-validation flaw in the API request handlers used by the PR details endpoint. Affected versions are 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, and 10.11.x

Chromium: CVE-2026-8527 Insufficient validation of untrusted input in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-8579

An insufficient validation of untrusted input flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496526419...

CVE-2026-8516

An insufficient validation of untrusted input flaw was found in the DataTransfer component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496393078...

CVE-2026-8579

Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. Chromium security severity: Medium...

CVE-2026-8538

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. Chromium security severity: High...

EUVD-2026-30444

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: High...

CVE-2026-1659

GitLab CE/EE: CVE-2026-1659 affects all versions before 18.9.7 (9.0–18.9.x), 18.10 before 18.10.6, and 18.11 before 18.11.3. An unauthenticated user could cause a denial-of-service by sending specially crafted requests due to insufficient input validation. Remediation: patch releases have been is...