Lucene search
K

7 matches found

Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.8 views

CVE-2026-14129

Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.2CVSS5.8AI score0.00154EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54404

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An inappropriate implementation in the PreviewTab allows a remote attacker to perform UI spoofing via a crafted HTML page. This occurs when a user is convinced to engage in...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Cvelist
Cvelist
added 2026/06/03 12:0 a.m.46 views

CVE-2026-39107

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

0.0027EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/03 12:0 a.m.18 views

EUVD-2026-34156

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

6.3CVSS6AI score0.0027EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.5 views

CVE-2026-39107

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

6.3CVSS6AI score0.0027EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/03 12:0 a.m.9 views

CVE-2026-39107

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

6AI score0.0027EPSS
Exploits0References2
CVE
CVE
added 2026/06/03 12:0 a.m.25 views

CVE-2026-39107

CVE-2026-39107 affects the Kimi AI v1.0 web interface, specifically the Preview feature. The issue is a Cross Site Scripting vulnerability where HTML/JavaScript payloads generated by the AI model are not properly sanitized or encoded, causing the payload to be rendered into the DOM when users vie...

6.3CVSS6AI score0.0027EPSS
Exploits0References2
Rows per page
Query Builder