Lucene search
+L

5130 matches found

OSV
OSV
added 5 days ago4 views

DEBIAN-CVE-2026-15774

Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS6.1AI score0.00221EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-15774

Use after free in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00221EPSS
Exploits0References2
NVD
NVD
added 5 days ago5 views

CVE-2026-15778

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00263EPSS
Exploits0References2
OSV
OSV
added 5 days ago5 views

DEBIAN-CVE-2026-15771

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS6.1AI score0.00274EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-15769

Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00236EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-15772

Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00221EPSS
Exploits0References2
NVD
NVD
added 5 days ago4 views

CVE-2026-15771

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS0.00274EPSS
Exploits0References2
Cvelist
Cvelist
added 5 days ago37 views

CVE-2026-15778

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

0.00263EPSS
Exploits0References2
CVE
CVE
added 5 days ago11 views

CVE-2026-15778

CVE-2026-15778 affects Google Chrome navigation logic prior to version 150.0.7871.125, due to insufficient validation of untrusted input in Navigation. An attacker who compromises the renderer could bypass navigation restrictions via a crafted HTML page. The issue is addressed in Chrome 150.0.787...

6.5CVSS6.1AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago15 views

CVE-2026-15774

CVE-2026-15774 is a Use-after-free in Skia affecting Google Chrome prior to 150.0.7871.125. The issue could allow a remote attacker (with renderer access) to escape the Chrome sandbox via a crafted HTML page. Public references show a Chrome security update (Stable Channel) and list this CVE among...

8.3CVSS6.1AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-15772

The CVE-2026-15772 entry describes a Use-After-Free in the GPU component of Google Chrome on Android prior to version 150.0.7871.125, which could allow a remote attacker who already compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The issue is classified...

8.3CVSS6.2AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago114 views

CVE-2026-15771

CVE-2026-15771 affects Google Chrome on Windows prior to 150.0.7871.125. The vulnerability arises from insufficient validation of untrusted input in the Media component, allowing a remote attacker who has compromised the renderer process to potentially read sensitive information from process memo...

5.3CVSS6.1AI score0.00274EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago10 views

CVE-2026-15769

CVE-2026-15769 concerns insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 150.0.7871.125, potentially allowing a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The Chrome update notes roll-out of 150.0.7871....

8.3CVSS6.2AI score0.00236EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-58737

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description A use after free issue in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved by using a crafted HTML page...

8.3CVSS6.1AI score0.00221EPSS
Exploits0References20
Positive Technologies
Positive Technologies
added 5 days ago5 views

PT-2026-58741

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.125 Description Insufficient validation of untrusted input in Navigation allows a remote attacker who has compromised the renderer process to bypass navigation restrictions using a crafted HTML page...

8.8CVSS5.6AI score0.00315EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 5 days ago6 views

PT-2026-58734

Name of the Vulnerable Software and Affected Versions Google Chrome on Windows versions prior to 150.0.7871.125 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive informati...

9.6CVSS5.6AI score0.00328EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 5 days ago8 views

PT-2026-58735

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.125 Description A use after free issue in the GPU component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achiev...

8.3CVSS6.1AI score0.00268EPSS
Exploits0References20
EUVD
EUVD
added 2026/07/10 8:37 p.m.7 views

EUVD-2026-39128

SiYuan: Stored XSS to RCE via Unsanitized Attribute View Asset Cell Content...

9.9CVSS6.1AI score0.0044EPSS
Exploits0References2
NVD
NVD
added 2026/07/09 11:17 p.m.7 views

CVE-2026-59855

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, Asset.render in app/src/asset/index.ts interpolates the unsanitized this.path value into HTML assigned to innerHTML, allowing a crafted asset link containing a double quote to break out of the src attribute, inject an...

8.6CVSS0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/07/09 11:17 p.m.8 views

CVE-2026-59833

SiYuan is an open-source personal knowledge management system. Prior to 3.7.1, SiYuan renders note and package content to HTML through the Lute engine with sanitization enabled, but Lute's dangerous javascript scheme block does not check form action or SVG xlink:href attributes, allowing stored...

8.6CVSS0.00388EPSS
Exploits0References3
Rows per page
Query Builder