Astra Linux - уязвимость в firefox, thunderbird

Memory safety bugs exist in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145, and Thunderbird 145. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these bugs could have been exploited to execute arbitrary code. This vulnerability wa...

Astra Linux - уязвимость в firefox, thunderbird

Bypass of the same-origin policy in the DOM: Workers component. This vulnerability was fixed in Firefox 145, Firefox ESR 140.5, Thunderbird 145, and Thunderbird 140.5...

Security update for chromium (important)

openSUSE security update: security update for chromium ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20332-1 Rating: important References: bsc1259213 Cross-References: CVE-2026-3536 CVE-2026-3537 CVE-2026-3538 CVE-2026-3539 CVE-2026-3540...

CVE-2026-3542

An inappropriate implementation flaw was found in the WebAssembly component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=485152421...

CVE-2026-3543

Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2026-3538

Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-3539

Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-3540

Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

Fedora 43 : cef (2026-0bced5158d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-0bced5158d advisory. Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use...

[SECURITY] Fedora 42 Update: cef-145.0.25^chromium145.0.7632.75-4.fc42

CEF is an embeddable build of Chromium, powered by WebKit Blink...

DEBIAN-CVE-2026-3063

Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via DevTools. Chromium security severity: High...

CVE-2026-3061

Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

Google Chrome < 145.0.7632.116 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 145.0.7632.116. It is, therefore, affected by multiple vulnerabilities as referenced in the 202602stable-channel-update-for-desktop23 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

Fedora: Security Advisory (FEDORA-2026-583eef79a8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2026-2648

Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memory write via a crafted PDF file. Chromium security severity: High...

CVE-2026-2649

Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-2320

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2318

Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-2323

Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-2317

Google Chrome before version 145.0.7632.45 has an inappropriately implemented Animation component that enables a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Chrome (Desktop). Root cause: improper handling in the Animation feature within Chromium-based code...