7418 matches found
CVE-2026-41482
Technical details of CVE-2026-41482 are not publicly available in the provided connected documents. Monitor for updates and refer to the initial description for basic vulnerability context (Frappe Chrome PDF Generator path traversal/LFI fixed in 16.18.3).
BIT-LIBPYTHON-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()
Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be bypassed for certain browser types the "webbrowser.open" API could have commands injected into the underlying shell. See CVE-2026-4519 for details...
EUVD-2026-41597
Insufficient ui warning of dangerous operations in Microsoft Edge Chromium-based allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-14404
Inappropriate implementation in PDFium in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted PDF file. Chromium security severity: Medium...
EUVD-2026-40523
Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...
CVE-2026-13907
CVE-2026-13907 describes an inappropriate implementation in iOSWeb in Google Chrome on iOS (versions prior to 150.0.7871.47) that could allow UI spoofing when a user is guided to perform specific UI gestures on a crafted HTML page. Impact is described as Medium (CVSS 4.2); remediation or patch de...
CVE-2026-13867
Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
lynx security update
An update is available for lynx. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Lynx is a text-based Web browser. Lynx does not display any images, but it does...
Astra Linux – Vulnerability in Python 3.11
The webbrowser.open API accepts URLs with leading hyphens, which can be treated as command-line options for certain web browsers. However, the new behavior disallows the use of leading hyphens. It is recommended that users sanitize URLs before passing them to webbrowser.open...
AlmaLinux 10 : python3.14 (ALSA-2026:28581)
The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:28581 advisory. python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open API CVE-2026-4786 python: Python: Cross-Site Scripting XSS...
ROS-20260622-73-0002
The vulnerability in Firefox is related to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
[SECURITY] Fedora 43 Update: firefox-152.0-1.fc43
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...
[SECURITY] Fedora 43 Update: firefox-151.0.3-1.fc43
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs...
Google Chrome 访问控制错误漏洞
Google Chrome is a web browser developed by the American company Google. Google Chrome has a access control vulnerability, which stems from improper implementation of plugins...
CVE-2026-11208
An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506387278...
CVE-2026-11184
An insufficient policy enforcement flaw was found in the Actor component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502777516...
CVE-2026-11173
An out of bounds write flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502337304...
CVE-2026-10972
An use after free flaw was found in the Ozone component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513006660...
RHEL 9 : firefox (RHSA-2026:22324)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22324 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...