16 matches found
CVE-2026-11241
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11259
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11241
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11241
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11069
The CVE-2026-11069 entry describes a vulnerability in the Cast component of Google Chrome. It arises from insufficient validation of untrusted input and affects Chrome versions prior to 149.0.7827.53. A remote attacker could bypass the same-origin policy by presenting a crafted HTML page, potenti...
SUSE CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...
EUVD-2026-28117
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...
CVE-2026-8007
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...
CVE-2026-8005
Summary: CVE-2026-8005 in Google Chrome involves insufficient validation of untrusted input in the Cast component, enabling a local-network attacker to bypass the same-origin policy. Affected software/area: Google Chrome prior to 148.0.7778.96 (Cast). Root cause / scope: Insufficient input valida...
CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...
CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. Chromium security severity: Low...
PT-2026-38198
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in Cast allows an attacker on the local network segment to bypass the same origin policy via malicious network traffic. The same origin policy...
CVE-2026-34593
Ash Framework is a declarative, extensible framework for building Elixir applications. Prior to version 3.22.0, Ash.Type.Module.castinput/2 unconditionally creates a new Erlang atom via Module.concatvalue for any user-supplied binary string that starts with "Elixir.", before verifying whether the...
Ash Framework 资源管理错误漏洞
Ash Framework is an open-source framework used for building Elixir applications. Versions of Ash Framework prior to 3.22.0 contained a resource management vulnerability. This vulnerability stems from Ash.Type.Module.castinput/2, which “Elixir.”, thereby creating new Erlang atoms. This could lead ...