CVE-2026-7941

CVE-2026-7941 affects Google Chrome on Android (mobile) prior to 148.0.7778.96. The root cause is insufficient validation of untrusted input in the mobile Chrome, enabling UXSS: a local attacker could inject arbitrary scripts or HTML via a crafted Chrome Extension. Remediation is to update to ver...

CVE-2026-7939

Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

CVE-2026-0073 PoC Wireless ADB TLS Auth Bypass This directo...

CVE-2026-20172

A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email ECE could allow an authenticated, remote attacker to conduct browser-based attacks. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Agent. This...

CVE-2025-31983

HCL BigFix Service Management SM is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting XSS and potential exposure of sensitive information...

CVE-2025-31983 HCL BigFix Service Management (SM) is affected by a security misconfiguration vulnerability due to CSP header

HCL BigFix Service Management SM is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting XSS and potential exposure of sensitive information...

CVE-2025-31983

HCL BigFix Service Management SM is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting XSS and potential exposure of sensitive information...

CVE-2026-7448

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage...

EUVD-2026-27542

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'firstname' parameter in all versions up to, and including, 5.5.0 due to insufficient input sanitization and output escaping. This makes it possible for...

ex-kernel

EXPLOIT KERNEL LINUX Installation gu...

Exploit for SQL Injection in Progress Moveit_Cloud

CVE-2023-34362 MOVEit Transfer Vulnerability Analysis Proj...

RHCOS 4 : OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:4089)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:4089 advisory. - jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in...

RHCOS 4 : Red Hat OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:2662)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2662 advisory. - jenkins-plugin-script-security: Sandbox bypass through type casts in Script Security Plugin CVE-2019-10355 -...

RHCOS 3 : Red Hat OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:2651)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:2651 advisory. - jenkins-plugin-script-security: Sandbox bypass through type casts in Script Security Plugin CVE-2019-10355 -...

RHCOS 4 : OpenShift Container Platform 4.2 jenkins-2-plugins (RHSA-2019:4097)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:4097 advisory. - jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in...

RHCOS 4 : OpenShift Container Platform 4.3.35 jenkins-2-plugins (RHSA-2020:3616)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3616 advisory. - jenkins-script-security-plugin: sandbox protection bypass leads to execute arbitrary code in sandboxed scripts CVE-2019-16538 -...

PT-2026-37629

Cross Site Scripting vulnerability in Juzaweb CMS v.5.0.0 allows a remote attacker via execute arbitrary code via a crafted script to the Add Banner Ads function...

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2019:4055)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:4055 advisory. - jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in...

PT-2026-37636

HCL BigFix Service Management SM is affected by a security misconfiguration vulnerability due to CSP header. This could allow attackers to inject malicious scripts increasing the risk of cross-site scripting XSS and potential exposure of sensitive information...

RHCOS 3 : OpenShift Container Platform 3.11 jenkins-2-plugins (RHSA-2020:2478)

The remote Red Hat Enterprise Linux CoreOS 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2478 advisory. - jenkins-git-client-plugin: OS command injection via 'git ls-remote' CVE-2019-10392 - jenkins-script-security-plugin: sandbox...