PT-2026-47474

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in FullScreen on Windows, which could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a...

CVE-2026-49494 Comodo Internet Security Inspect.sys IPv6 Integer Underflow Remote Denial of Service

Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value taken from the IPv6 fixed header's payload length field by the size of each IPv6 extension header without validating it, so...

OPENSUSE-SU-2026:20916-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 149 149.0.7827.53 stable boo1267706: CVE-2026-10881: Out of bounds read and write in ANGLE CVE-2026-10882: Use after free in Network CVE-2026-10883: Out of bounds write in ANGLE CVE-2026-10884: Use after free in...

SUSE CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10908

An use after free flaw was found in the FullScreen component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505045913...

PT-2026-47183

Name of the Vulnerable Software and Affected Versions Comodo Internet Security affected versions not specified Description The firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value, derived from the IPv6...

SUSE CVE-2026-50263

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

CVE-2025-48616

In multiple functions of KeyguardViewMediator.java , there is a possible way to bypass lockdown mode with screen pinning due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitatio...

CVE-2026-34849

UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-49318

Incorrect behavior order in the Infotainment / Digital Round display of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the PIN entry screen. The Infotainment uses presence of Wireless Control Module WCM traffic during its boot window as a...

CVE-2026-28965

A privacy issue was addressed with improved checks. This issue is fixed in iOS 26.5 and iPadOS 26.5. A user may be able to view restricted content from the lock screen...

CVE-2026-8669

Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match...

CVE-2026-2810

Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death BSOD. Successful...

CVE-2026-39309

Trilium Notes is a cross-platform, hierarchical note taking application focused on building large personal knowledge bases. In versions 0.102.1 and prior, the Electron configuration is vulnerable to TCC Bypass via Prompt Spoofing, allowing local attackers to trigger misleading macOS permission...

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...

CVE-2026-50263

CVE-2026-50263 affects the X.Org X server and Xwayland. The flaw is a use-after-free in CreateSaverWindow() that can cause a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure. Impact is confidentiality (information disclosure) wit...

EUVD-2026-34357

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-10908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentiall...

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-49194

The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...