Lucene search
K

44304 matches found

CVE
CVE
added yesterday8 views

CVE-2026-14430

CVE-2026-14430 describes an integer overflow in V8 (Chromium/Google Chrome) prior to version 150.0.7871.46 , allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Affected component: V8 engine within Chrome. Impact per documents: remote code execution with...

8.8CVSS6.2AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-14420

Summary (CVE-2026-14420): Out-of-bounds read/write in Dawn (Chrome’s Dawn integration) in Google Chrome

9.6CVSS5.8AI score
Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-14389

The provided sources describe a vulnerability in Google Chrome’s Skia: an integer overflow in Skia, prior to Chrome 150.0.7871.46, could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected component: Skia inside Chro...

8.3CVSS5.9AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14414

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score
Exploits0References3Affected Software1
CVE
CVE
added yesterday4 views

CVE-2026-14401

CVE-2026-14401 affects Google Chrome on Android through ANGLE, where insufficient validation of untrusted input in ANGLE prior to 150.0.7871.46 enables a renderer-Process-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as high ...

8.3CVSS5.8AI score
Exploits0References2
Cvelist
Cvelist
added yesterday12 views

CVE-2026-14407

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
Chainguard
Chainguard
added yesterday3 views

CVE-2024-0741 vulnerabilities

Vulnerabilities for packages: firefox-esr...

6.5CVSS6.8AI score0.02155EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-34098

Guardian language-system fails to sanitize the id GET parameter before inserting it into HTML source and form action attributes in media.php lines 119, 129. An authenticated attacker can craft a URL that injects script tags executing in the victim's browser session...

4.8CVSS5.8AI score
Exploits0References3
Chainguard
Chainguard
added yesterday3 views

CVE-2023-5728 vulnerabilities

Vulnerabilities for packages: firefox-esr...

7.5CVSS6.8AI score0.01184EPSS
Exploits0
Chainguard
Chainguard
added yesterday1 views

CVE-2025-13023 vulnerabilities

Vulnerabilities for packages: firefox, firefox-esr...

9.8CVSS7.3AI score0.00317EPSS
Exploits0
Chainguard
Chainguard
added yesterday2 views

GHSA-7JCF-W576-JVJ3 vulnerabilities

Vulnerabilities for packages: firefox, firefox-esr...

5.8AI score
Exploits0
Chainguard
Chainguard
added yesterday3 views

CVE-2025-11710 vulnerabilities

Vulnerabilities for packages: firefox, firefox-esr...

9.8CVSS7.3AI score0.00385EPSS
Exploits0
Chainguard
Chainguard
added yesterday2 views

GHSA-5JPH-4X8H-WX83 vulnerabilities

Vulnerabilities for packages: chromium...

5.8AI score
Exploits0
Chainguard
Chainguard
added yesterday3 views

CVE-2024-3516 vulnerabilities

Vulnerabilities for packages: chromium...

8.8CVSS6.7AI score0.01EPSS
Exploits1
Wolfi
Wolfi
added yesterday3 views

CVE-2025-6428 vulnerabilities

Vulnerabilities for packages: firefox...

4.3CVSS5.8AI score0.00189EPSS
Exploits1
The Hacker News
The Hacker News
added yesterday11 views

AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both...

8.8CVSS7.2AI score0.99739EPSS
Exploits9
RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-14101

An insufficient policy enforcement flaw was found in the Sandbox component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513454805...

9.6CVSS5.7AI score0.00174EPSS
Exploits0References5
EUVD
EUVD
added yesterday4 views

EUVD-2026-40426

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40843

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0018EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40719

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

6.1AI score0.00134EPSS
Exploits0References3
Rows per page
Query Builder