Lucene search
K

10182 matches found

Nuclei
Nuclei
added 4 hours ago17 views

DevDojo Voyager <=1.8.0 - Cross-Site Scripting

DevDojo Voyager through version 1.8.0 is vulnerable to reflected XSS via /admin/compass. By manipulating an authenticated user to click on a link, arbitrary Javascript can be executed. id: CVE-2024-55416 info: name: DevDojo Voyager =1.8.0 - Cross-Site Scripting author:...

3.5CVSS7.7AI score0.24095EPSS
Exploits1References4
CVE
CVE
added yesterday6 views

CVE-2026-14394

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-14405

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

9.6CVSS6.2AI score
Exploits0References3Affected Software1
CVE
CVE
added yesterday6 views

CVE-2026-14395

CVE-2026-14395 describes an out-of-bounds write in V8 impacting Google Chrome before version 150.0.7871.46. The issue allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Affected component: V8 in Chrome. Root cause: out-of-bounds write. Impact: full remote...

8.8CVSS6.2AI score
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-40826

Inappropriate implementation in TabStrip in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00163EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40817

Incorrect security UI in Omnibox in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added yesterday6 views

EUVD-2026-40809

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

6AI score0.00182EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-40761

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00208EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40729

Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00174EPSS
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-14112

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.3CVSS0.00218EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-14090

Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Low...

9.8CVSS0.00174EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-14083

Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS0.00179EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-14072

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-14063

Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via malicious network traffic. Chromium security severity: Low...

5.7CVSS0.00098EPSS
Exploits0References2
NVD
NVD
added 2 days ago4 views

CVE-2026-14034

Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00185EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-14149

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00238EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago18 views

CVE-2026-14146

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00202EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-14146

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00202EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-14140

Insufficient validation of untrusted input in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00182EPSS
Exploits0
CVE
CVE
added 2 days ago28 views

CVE-2026-14138

CVE-2026-14138 affects Google Chrome on Windows (WebAppInstalls) prior to build 150.0.7871.47. The issue is an inappropriate implementation that can enable UI spoofing via a crafted HTML page when a user is prompted to perform specific UI gestures. Impact is UI spoofing with low severity and part...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder