Lucene search
K

993 matches found

Nuclei
Nuclei
added 5 hours ago13 views

Custom Product Tabs for WooCommerce < 1.7.8 - Unauthenticated Toggle Content Setting Update

YIKES Inc. Custom Product Tabs for WooCommerce plugin \u003C= 1.7.7 contains a broken access control caused by improper permission checks in &yikes-the-content-toggle option update, letting attackers modify content without authorization. id: CVE-2022-28666 info: name: Custom Product Tabs for...

5.3CVSS6AI score0.01226EPSS
Exploits1References1
NVD
NVD
added 8 hours ago8 views

CVE-2026-11600

The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...

4.3CVSS
Exploits0References8
CVE
CVE
added 9 hours ago8 views

CVE-2026-11600

The CVE-2026-11600 entry concerns Envo’s Templates & Widgets for Elementor and WooCommerce (WordPress). Affected: Tabs and Off Canvas widgets up to version 1.4.26. Root cause: the Tabs widget render() passes a user-controlled template/post ID to Elementor’s get_builder_content_for_display() witho...

4.3CVSS5.7AI score
Exploits0References8
ATTACKERKB
ATTACKERKB
added 9 hours ago2 views

CVE-2026-11600

The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...

4.3CVSS5.7AI score
Exploits0References9
EUVD
EUVD
added 9 hours ago3 views

EUVD-2026-41244

The Envo's Templates & Widgets for Elementor and WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing authorization check on the Envo Tabs and Off Canvas widget's template rendering in versions up to, and including, 1.4.26. The render method of the Tabs...

4.3CVSS5.7AI score
Exploits0References8
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14046

Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00185EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-13955

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Medium...

3.3CVSS0.00127EPSS
Exploits0References2
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-13803

Type Confusion in Chrome Tabs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00226EPSS
Exploits0References1
NVD
NVD
added 2 days ago3 views

CVE-2026-13803

Type Confusion in Chrome Tabs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago19 views

CVE-2026-13955

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Medium...

0.00127EPSS
Exploits0References2
CVE
CVE
added 2 days ago4 views

CVE-2026-13955

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-13955.

3.3CVSS5.8AI score0.00127EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-13863

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS5.8AI score0.00127EPSS
Exploits0
Cvelist
Cvelist
added 2 days ago19 views

CVE-2026-13803

Type Confusion in Chrome Tabs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00226EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13803

Type Confusion in Chrome Tabs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00226EPSS
Exploits0
CVE
CVE
added 2 days ago5 views

CVE-2026-13803

CVE-2026-13803 describes a Type Confusion in Chrome Tabs affecting Google Chrome prior to 150.0.7871.47. The root cause is a type-confusion vulnerability in the Chrome renderer that could allow a remote attacker who already compromised the renderer process to potentially escape the sandbox by pre...

8.3CVSS5.8AI score0.00226EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2026/06/19 5:4 p.m.2 views

SUSE-SU-2026:22185-1 Security update for dovecot24

This update for dovecot24 fixes the following issues - CVE-2026-27851: lib-var-expand: safe filter leaks to all following pipelines bsc1265146. - CVE-2026-33603: login: base64 input can contain tabs that bypass IPC protection bsc1265147. - CVE-2026-40016: Sieve: contains/: matches ONxM substring...

9.1CVSS5.8AI score0.00454EPSS
Exploits0References11
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS6.2AI score0.0025EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Firefox

By first using the AI chatbot in one tab and then activating it in another tab, the document title from the previous tab would be leaked into the chat prompt. This vulnerability was fixed in Firefox 137...

5.3CVSS7.5AI score0.00257EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Tabs in Google Chrome before version 127.0.6533.72 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS7AI score0.00517EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS6.2AI score0.0054EPSS
Exploits0References2
Rows per page
Query Builder