PT-2026-46516

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. V8 is the open-source high-performance JavaScript and...

PT-2026-46504

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46470

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Out of bounds memory access in Skia allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Out of bounds memory access occurs when a program...

PT-2026-46457

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Script injection in Headless mode allows a remote attacker to execute arbitrary code through a crafted HTML page. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46422

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free is a memory corruption flaw that occurs when an...

PT-2026-46737

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46652

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Compositing allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that...

PT-2026-46604

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue in CSS allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Type confusion occurs when a program accesses a...

VulnCheck KEV: CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

EUVD-2026-33966

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the setgetparam.cgi component...

PT-2026-45834

Name of the Vulnerable Software and Affected Versions React Router versions 7.0.0 through 7.14.1 Description When using Framework Mode, a combination of steps could allow unauthorized remote code execution RCE through external requests. This occurs because the vendored turbo-stream v2 can be abus...

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

PT-2026-46424

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Ozone allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free is a memory corruption flaw that occurs when an applicatio...

IBM WebSphere Application Server 8.5.x < 8.5.5.30 / 9.x < 9.0.5.29 RCE (7274738)

The version of IBM WebSphere Application Server running on the remote host is affected by a remote code execution vulnerability as referenced in the 7274738 advisory. - IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrust...

Linux Distros Unpatched Vulnerability : CVE-2026-10532

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of untrusted data vulnerability in QOS.CH Sarl logback logback-core HardenedObjectInputStream logback-core modules allows Object Injection, albe...

PT-2026-46579

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory corruption flaw that...

Collibra Agent contains improper authentication and path traversal vulnerabilities

Overview The Collibra Platform Agent contains vulnerabilities that can be chained by a remote, unauthenticated attacker to achieve remote code execution. An attacker can exploit these issues by uploading a crafted ZIP archive that writes attacker-controlled files to arbitrary locations on the...

PT-2026-46698

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Blink allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. An integer overflow occurs when an arithmetic...

PT-2026-46657

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Media component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free occurs when ...

PT-2026-46433

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8, the open-source JavaScript and WebAssembly engine, allows a remote attacker to execute arbitrary code within a sandbox by enticing a user to open ...