Lucene search
+L

90 matches found

nvd
nvd
added 6 days ago9 views

CVE-2026-41482

Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local resource access in the Chrome PDF Generator. This issue is fixed in version 16.18.3...

7.1CVSS0.00338EPSS
Exploits0References6
cvelist
cvelist
added 6 days ago29 views

CVE-2026-41482 Frappe: Possible Path Traversal and Local File Inclusion via Chrome PDF Generator

Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local resource access in the Chrome PDF Generator. This issue is fixed in version 16.18.3...

7.1CVSS0.00338EPSS
Exploits0References6
osv
osv
added 6 days ago3 views

CVE-2026-41482 Frappe: Possible Path Traversal and Local File Inclusion via Chrome PDF Generator

Frappe is a full-stack web application framework. Prior to 16.18.3, possible path traversal and local file inclusion were possible through secure local resource access in the Chrome PDF Generator. This issue is fixed in version 16.18.3...

7.1CVSS6.1AI score0.00338EPSS
Exploits0References8
nessus
nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13962

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass...

6.5CVSS6.2AI score0.00272EPSS
Exploits0References2
cve
cve
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13962

CVE-2026-13962 affects Google Chrome (Chromium-based) prior to 150.0.7871.47. The issue is insufficient data validation in PDF handling within the renderer process, allowing a remote attacker who has already compromised the renderer to bypass navigation restrictions via a crafted HTML page. The o...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/30 10:38 p.m.30 views

CVE-2026-13962

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.7 views

PT-2026-54238

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient data validation in the PDF component allows a remote attacker who has already compromised the renderer process to bypass navigation restrictions by using a specially crafte...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
susecve
susecve
added 2026/06/10 2:31 a.m.9 views

SUSE CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6AI score0.00224EPSS
Exploits0References3
nvd
nvd
added 2026/06/09 12:16 a.m.17 views

CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS0.00224EPSS
Exploits0References2
susecve
susecve
added 2026/06/07 4:40 a.m.10 views

SUSE CVE-2026-11261

Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References2
euvd
euvd
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34722

Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00176EPSS
Exploits0References3
euvd
euvd
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34394

Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS6.2AI score0.0036EPSS
Exploits0References3
osv
osv
added 2026/06/05 12:17 a.m.6 views

DEBIAN-CVE-2026-11261

Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References1
nessus
nessus
added 2026/06/05 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11261

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI...

4.3CVSS5.5AI score0.00176EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/04 11:6 p.m.9 views

CVE-2026-11261

Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00176EPSS
Exploits0
cvelist
cvelist
added 2026/06/04 11:3 p.m.36 views

CVE-2026-10945

Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

0.0036EPSS
Exploits0References2
cve
cve
added 2026/06/04 11:3 p.m.25 views

CVE-2026-10945

Summary: CVE-2026-10945 is a use-after-free in Google Chrome’s PDF handling prior to 149.0.7827.53. A remote attacker could lure a user into specific UI gestures to trigger execution of arbitrary code inside the browser sandbox via a crafted PDF file. The impact is high (arbitrary code execution ...

8.8CVSS6.2AI score0.0036EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/06/04 11:3 p.m.10 views

CVE-2026-10945

Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6.2AI score0.0036EPSS
Exploits0References2
nessus
nessus
added 2026/05/29 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-9957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

8.8CVSS5.8AI score0.0028EPSS
Exploits0References2
nvd
nvd
added 2026/05/28 11:16 p.m.10 views

CVE-2026-9957

Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

8.8CVSS0.0028EPSS
Exploits0References2
Rows per page
Query Builder