Lucene search
+L

790 matches found

euvd
euvd
added 6 days ago6 views

EUVD-2026-42909

In JetBrains YouTrack before 2026.2.17012 cSS injection via Mermaid diagram rendering was possible...

3.5CVSS6.1AI score0.00135EPSS
Exploits0References1
github
github
added 2026/07/09 1:37 p.m.7 views

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

Summary The CSS selector parser in soupsieve the CSS selector engine for Beautiful Soup 4 allocates unbounded memory when compiling large comma-separated selector lists. An attacker who can supply a crafted CSS selector string to soupsieve.compile or Beautiful Soup's .select / .selectone can caus...

7.5CVSS6AI score0.00601EPSS
Exploits0References2Affected Software1
euvd
euvd
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40832

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00154EPSS
Exploits0References3
euvd
euvd
added 2026/07/01 12:34 a.m.4 views

EUVD-2026-40835

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00221EPSS
Exploits0References3
euvd
euvd
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40700

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References3
euvd
euvd
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40524

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3
nvd
nvd
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14148

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00221EPSS
Exploits0References2
nvd
nvd
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14145

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS0.00154EPSS
Exploits0References2
osv
osv
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14085

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
nvd
nvd
added 2026/06/30 11:17 p.m.4 views

CVE-2026-14012

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00205EPSS
Exploits0References2
cve
cve
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14148

CVE-2026-14148 : Type Confusion in CSS handling in Google Chrome before version 150.0.7871.47 allows a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. The vulnerability is documented across multiple feeds (NVD/ENISA/CVE records) with a Chromi...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14148

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

0.00221EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14098

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00229EPSS
Exploits0References2
cve
cve
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14085

CVE-2026-14085: A side‑channel information leakage in CSS in Google Chrome (Chromium) before 150.0.7871.47 allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software: Google Chrome (CSS rendering path). Root cause: side‑channel exposure in CSS handling; impact i...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/30 10:39 p.m.27 views

CVE-2026-14085

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00247EPSS
Exploits0References2
cve
cve
added 2026/06/30 10:38 p.m.149 views

CVE-2026-14012

This CVE describes a side-channel information leakage in CSS within Google Chrome (Chromium) prior to version 150.0.7871.47. The vulnerability allows a remote attacker to exfiltrate potentially sensitive data from process memory via a crafted HTML page. The affected component is the CSS handling ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-14012

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00205EPSS
Exploits0References2
cve
cve
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13943

CVE-2026-13943 affects Google Chrome on Android and is caused by uninitialized use in CSS. A crafted HTML page can allow a remote attacker to read potentially sensitive information from process memory. Affected version range is Chrome on Android prior to 150.0.7871.47; the issue is mitigated by u...

6.5CVSS5.8AI score0.00326EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13839

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3Affected Software1
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.12 views

PT-2026-54373

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Cross-origin data leakage occurs when a website accesse...

9.6CVSS6AI score0.00413EPSS
Exploits0References447
Rows per page
Query Builder