1035501 matches found
CVE-2026-11696
An uninitialized use flaw was found in the Video component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517993381...
CVE-2026-11693
An inappropriate implementation flaw was found in the Plugins component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517644287...
CVE-2026-11682
An insufficient validation of untrusted input flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517103584...
CVE-2026-11677
A race flaw was found in the Network component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516979551...
CVE-2026-11671
An use after free flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516608438...
CVE-2026-11669
An integer overflow flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=515429352...
CVE-2026-11663
An use after free flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513820666...
CVE-2026-11659
An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513702971...
CVE-2026-11655
An integer overflow flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513396305...
CVE-2026-11650
An use after free flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511279942...
CVE-2026-11642
An use after free flaw was found in the Web Apps component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517678820...
CVE-2026-11640
An integer overflow flaw was found in the libyuv component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517339758...
CVE-2026-11639
An use after free flaw was found in the Compositing component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517227707...
CVE-2026-11637
An use after free flaw was found in the Views component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517040438...
CVE-2026-11632
An use after free flaw was found in the TabStrip component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516707881...
CVE-2026-11629
An use after free flaw was found in the Ozone component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516674532...
Critical Unauthenticated Authentication Bypass Vulnerability Patched in UpdraftPlus WordPress Plugin
On June 2nd, 2026, we received a submission for a critical Unauthenticated Authentication Bypass vulnerability in UpdraftPlus, a WordPress plugin with more than 3 million active installations. Although the plugin has such a large install base, the vulnerability is only exploitable on sites that...
org.eclipse.jetty.ee10/jetty-ee10: early return from the JASPIAuthenticator class without clearing ThreadLocal variables
A flaw was found in Eclipse Jetty. The JASPIAuthenticator class is responsible for handling authentication checks. During these checks, the class sets two ThreadLocal variables to store authentication state. Under certain conditions, the authentication process can return early without properly...
CVE-2026-45569
Roxy-WI path-traversal patch in commit d4d10006 uses a tuple-membership check, which can bypass common ../../ payloads; no publicly available patches yet.
CVE-2026-45565 Roxy-WI: EscapedString validator skips its '..' block when stripping (root cause for several path-traversal/RCE vectors)
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, EscapedString app/modules/roxywi/classmodels.py:16-30 is the centralised Pydantic validator used on dozens of fields including SSH credential name, username, description, etc. Its...