PT-2026-41091

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.168 Description Side-channel information leakage in Navigation allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel attacks are methods used to extra...

PT-2026-41092

Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 148.0.7778.168 Description Insufficient policy enforcement in the IFrame Sandbox allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google...

PT-2026-40869

The The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to stored cross-site scripting via the menu hover click parameter of the Navigation Menu Lite widget in all versions up to, and including, 6.4.11 due to...

CVE-2026-44439

PlaywrightCapture is vulnerable prior to version 1.39.6: an attacker-controlled page could abuse browser redirect mechanisms (e.g., window.location.href) to cause the capture process to open file:// URLs or access resources at private/loopback/non-public IPs, enabling potential SSRF and leakage o...

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

CVE-2026-44548

ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php causes a logged-in ChurchCRM user with the relevant role to silently delete records,...

CVE-2026-44548

ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php causes a logged-in ChurchCRM user with the relevant role to silently delete records,...

EUVD-2026-29885

ChurchCRM is an open-source church management system. Prior to 7.3.2, top-level cross-site GET navigation from an attacker-controlled page to FundRaiserDelete.php, PropertyTypeDelete.php, or NoteDelete.php causes a logged-in ChurchCRM user with the relevant role to silently delete records,...

ChurchCRM 跨站请求伪造漏洞

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.3.2 contained a cross-site request forgeing vulnerability. This vulnerability originated from a top-level cross-site GET navigation request and could potentially allow logged-in users to delete records...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability, which was caused by a side-channel information leakage issue in the Navigation component. This vulnerability could allow remote attackers to leak...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the IFrame Sandbox component, which could allow remote attackers to bypass navigation...

Do Androids Dream of Breaking the Game? Systematically Auditing AI Agent Benchmarks with BenchJack

Agent benchmarks have become the de facto measure of frontier AI competence, guiding model selection, investment, and deployment. However, reward hacking, where agents maximize a score without performing the intended task, emerges spontaneously in frontier models without overfitting. We argue tha...

webkitgtk: Processing maliciously crafted web content may bypass Same Origin Policy

A flaw was found in WebKitGTK. Processing malicious web content can cause a cross-origin issue in the Navigation API due to improper input validation and result in a bypass of the same origin policy...

CVE-2026-7967

An insufficient validation of untrusted input flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497365545...

CVE-2026-7959

An inappropriate implementation flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496645205...

CVE-2026-7956

An use after free flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496463315...

SUSE CVE-2026-7915

Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-7932

Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-7934

Insufficient validation of untrusted input in Popup Blocker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

SUSE CVE-2026-7937

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...