Analytics Insights for Google Analytics 4 < 6.3 - Open Redirect

The plugin is vulnerable to Open Redirect due to insufficient validation on the redirect oauth2callback.php file. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. id: CVE-2024-0250...

Travelpayouts <= 1.1.16 - Open Redirect

The plugin is vulnerable to Open Redirect due to insufficient validation on the travelpayoutsredirect variable. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action. id: CVE-2024-0337...

Mlflow < 2.11.0 - Path Traversal

A path traversal vulnerability exists in mlflow/mlflow version 2.11.0, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '' character can be used to insert a path into the fragment, effectively...

CVE-2026-12034

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Linux Toolkit Theming. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519258799...

CVE-2026-12025

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Network. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517153191...

Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-12016

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input DevTools. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516482138...

CVE-2026-12465

An insufficient validation of untrusted input flaw was found in the Metrics component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520189702...

Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-12009 Insufficient validation of untrusted input  Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-53815

OpenClaw before 2026.5.19 contains an authorization bypass vulnerability in message read actions that skips channel allowlist checks. Lower-trust callers can request messages from channels not intended for them by exploiting insufficient validation in the affected feature, potentially exposing...

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.5.19 contained security vulnerabilities. These vulnerabilities stemmed from authorization bypass issues during message reading operations, resulting in bypassing channel permissio...

CVE-2026-0412

Insufficient input validation vulnerability in NETGEAR JR6150 AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014 allows administrators connected to the local network to make unauthorized modification of router software and functionality. NETGEAR JR6150 reached End-of-Support status in...

CVE-2026-11697

An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518105731...

CVE-2026-11686

An insufficient validation of untrusted input flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517247333...

CVE-2026-11682

An insufficient validation of untrusted input flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517103584...

EUVD-2026-35892

Spring Data MongoDB repository query methods annotated with @Query that use regex parameter binding perform insufficient validation of the bound parameter. An attacker can supply a crafted string to break out of the intended regular expression quoting. Affected versions: Spring Data MongoDB 5.0.0...

CVE-2026-41696 Spring Data MongoDB Bind Parameter Literal Quoting Breakout

Spring Data MongoDB repository query methods annotated with @Query that use regex parameter binding perform insufficient validation of the bound parameter. An attacker can supply a crafted string to break out of the intended regular expression quoting. Affected versions: Spring Data MongoDB 5.0.0...

Chromium: CVE-2026-11029 Insufficient validation of untrusted input in Drag and Drop

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...