Lucene search
+L

1227 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13909

CVE-2026-13909 refers to insufficient policy enforcement in Google Chrome DevTools, allowing a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page in Chrome versions before 150.0.7871.47. The vulnerability is described across multiple...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.96 views

CVE-2026-13905

Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.28 views

CVE-2026-13899

Use after free in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00413EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:37 p.m.8 views

CVE-2026-13818

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00262EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.26 views

CVE-2026-13814

CVE-2026-13814 affects Google Chrome (Views) with use-after-free in the rendering/Views UI path, prior to 150.0.7871.47. Root cause: use-after-free leading to potential heap corruption. Attack flow requires user interaction (specific UI gestures) and a crafted HTML page; impact is high confidenti...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.34 views

CVE-2026-13782

Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00293EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-54156

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the Bluetooth component. This allows an attacker located on the same local network segment to retrieve potentially sensitive information from the proces...

9.8CVSS5.9AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54248

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Paint component allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.8 views

PT-2026-54318

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists in the GetUserMedia function. This flaw allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape b...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54127

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a local attacker to execute arbitrary code inside a sandbox by using a malicious file. Recommendations Update Google Chrome on i...

9.6CVSS6.3AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.13 views

PT-2026-54154

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory via...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
CVE
CVE
added 2026/06/26 12:38 p.m.28 views

CVE-2026-57923

JetBrains YouTrack (before 2026.2.16593) is affected by CVE-2026-57923 due to improper authorization in the app configurations endpoint, which allowed modifying project settings. Root cause: inadequate access checks on the app configurations endpoint. Documented impact: potential unintended chang...

7.5CVSS5.8AI score0.00159EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/06/25 10:33 p.m.5 views

CVE-2026-40082 Cacti: Session Fixation via missing session_regenerate_id() after login

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have missing sessionregenerateid after login, leading to Session Fixation. sessionregenerateid is NOT called after successful login. The login flow at authlogin.php:203-207 directly sets $SESSIONSESSUSER...

5.4CVSS6.1AI score0.00183EPSS
Exploits1References5
CVE
CVE
added 2026/06/25 1:43 p.m.14 views

CVE-2026-46734

Dell DDPM Mac is affected by CVE-2026-46734: an Improper Certificate Validation in DDPM Mac versions prior to 2.3. The issue allows a local, low-privilege attacker (requires user interaction) to bypass protections, with potential impact on confidentiality, integrity, and availability (CVSSv3.1: 7...

7.8CVSS5.9AI score0.00064EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/06/24 12:0 a.m.10 views

CVE-2025-60467

GPAC Project/MP4Box prior to 26.02.0 is affected by a use-after-free in the gf_filter_pid_inst_swap_delete_task function (/filter_core/filter_pid.c). The issue can allow a Denial of Service when processing a crafted media file. The vulnerability is confirmed across multiple sources (NVD, CVE reco...

7.5CVSS5.9AI score0.0051EPSS
Exploits1References6Affected Software1
AstraLinux
AstraLinux
added 2026/06/23 11:48 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/06/20 1:16 a.m.15 views

CVE-2026-56214

Capgo before 12.128.2 contains an information disclosure vulnerability in Supabase PostgREST RPC endpoints istrialorg and ispayingorg that allows unauthenticated attackers to enumerate organizations and disclose billing status using the public sbpublishable key. Attackers can invoke these endpoin...

8.7CVSS0.00302EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/17 6:35 p.m.13 views

EUVD-2026-37518

Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00143EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/17 1:38 a.m.11 views

CVE-2026-12465

Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00242EPSS
Exploits0
CVE
CVE
added 2026/06/17 1:38 a.m.31 views

CVE-2026-12438

The CVE-2026-12438 entry corresponds to an issue in WebView for Google Chrome on Android, where an attacker who compromised the renderer process could escape the browser sandbox via a crafted HTML page. Affected product/vector: Android WebView in Chrome; root cause: inappropriate implementation i...

8.3CVSS5.4AI score0.00207EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder