Lucene search
+L

700 matches found

Github Security Blog
Github Security Blog
added 2026/07/09 1:37 p.m.7 views

Soup Sieve has Memory Exhaustion via Large Comma-Separated Selector Lists

Summary The CSS selector parser in soupsieve the CSS selector engine for Beautiful Soup 4 allocates unbounded memory when compiling large comma-separated selector lists. An attacker who can supply a crafted CSS selector string to soupsieve.compile or Beautiful Soup's .select / .selectone can caus...

7.5CVSS6AI score0.00601EPSS
Exploits0References2Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.5 views

Chromium: CVE-2026-13839 Inappropriate implementation in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00218EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.6 views

Chromium: CVE-2026-14098 Inappropriate implementation in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00229EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.8 views

Chromium: CVE-2026-14145 Inappropriate implementation in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.1CVSS5.9AI score0.00154EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/07/03 2:0 p.m.7 views

Chromium: CVE-2026-14085 Side-channel information leakage in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.9AI score0.00247EPSS
Exploits0
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40832

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40835

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00221EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40700

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40524

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-14148

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00221EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14145

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS0.00154EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-14085

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14148

Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

0.00221EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14148

CVE-2026-14148 : Type Confusion in CSS handling in Google Chrome before version 150.0.7871.47 allows a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. The vulnerability is documented across multiple feeds (NVD/ENISA/CVE records) with a Chromi...

6.5CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.28 views

CVE-2026-14098

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00229EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14085

CVE-2026-14085: A side‑channel information leakage in CSS in Google Chrome (Chromium) before 150.0.7871.47 allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software: Google Chrome (CSS rendering path). Root cause: side‑channel exposure in CSS handling; impact i...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.29 views

CVE-2026-14085

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-14012

Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00205EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.151 views

CVE-2026-14012

This CVE describes a side-channel information leakage in CSS within Google Chrome (Chromium) prior to version 150.0.7871.47. The vulnerability allows a remote attacker to exfiltrate potentially sensitive data from process memory via a crafted HTML page. The affected component is the CSS handling ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13839

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00218EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder