CVE-2026-11679

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11679

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

CVE-2026-11668

CVE-2026-11668 concerns Google Chrome on Linux and ChromeOS versions before 149.0.7827.103, with an uninitialized use in codecs leading to potential cross-origin data leakage via a crafted video file. The issue is described as high severity; affected: Chrome on Linux/ChromeOS prior to the listed ...

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

Security Bulletin: IBM Datapower Operations Dashboard is vulnerable to HTTP Request Smuggling CVE-2025-58056

Summary Netty is used by the IBM Datapower Operations Dashboard as part of their server implementation Vulnerability Details CVEID:CVE-2025-58056 DESCRIPTION: Netty is an asynchronous event-driven network application framework for development of maintainable high performance protocol servers and...

PT-2026-47505

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in Codecs. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially...

PT-2026-47494

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux and ChromeOS versions prior to 149.0.7827.103 Description An uninitialized use in codecs allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request, ...

Amazon Linux 2 : firefox, --advisory ALAS2FIREFOX-2026-061 (ALASFIREFOX-2026-061)

The version of firefox installed on the remote host is prior to 140.11.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2FIREFOX-2026-061 advisory. Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming...

Amazon Linux 2 : thunderbird, --advisory ALAS2-2026-3340 (ALAS-2026-3340)

The version of thunderbird installed on the remote host is prior to 140.11.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3340 advisory. Three inter-frame chunk discard paths in the push-mode APNG parser clear the chunk-header flag without consuming th...

CVE-2026-11208

An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506387278...

CVE-2026-11198

An insufficient validation of untrusted input flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504395300...

CVE-2026-11094

An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500174874...

CVE-2026-11095

An insufficient validation of untrusted input flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500293394...

CVE-2026-11079

An insufficient validation of untrusted input flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500028989...

SUSE CVE-2026-10940

Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-10960

Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-10966

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...