37975 matches found
CVE-2026-10918
Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10917
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10917
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10909
Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10909
The connected sources confirm CVE-2026-10909 is a use-after-free vulnerability in Dawn within Google Chrome, fixed by Chrome 149.0.7827.53. A remote attacker who has compromised the renderer could potentially perform a sandbox escape via a crafted HTML page. Affected component/file: Dawn in Chrom...
CVE-2026-10909
Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10907
CVE-2026-10907 is an out-of-bounds write in ANGLE used by Google Chrome, affecting Chrome versions prior to 149.0.7827.53. The issue allows a remote attacker to potentially cause heap corruption via a crafted HTML page. The connected documents confirm ANGLE as the vulnerable component and Chrome ...
CVE-2026-10905
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10895
Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10882
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10881
The CVE-2026-10881 issue affects ANGLE in Google Chrome, with an out-of-bounds read/write that could enable a sandbox escape via a crafted HTML page. It is resolved in Chrome 149.0.7827.53 and later, per Chrome’s stability update notes. The vulnerability is identified across multiple sources (NVD...
CVE-2026-47644
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
ROOT-APP-NPM-CVE-2022-38900 CVE-2022-38900 in @rootio/decode-uri-component - Patched by Root
Root has patched CVE-2022-38900 in the @rootio/decode-uri-component package for Root:npm. Multiple fixed versions available...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
Copilot Chat (Microsoft Edge) Information Disclosure Vulnerability
Improper neutralization of special elements in output used by a downstream component 'injection' in Copilot Chat Microsoft Edge allows an unauthorized attacker to disclose information over a network...
CVE-2026-10810 itsourcecode Fees Management System navbar.php cross site scripting
A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...
EUVD-2025-210064
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874 HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...
CVE-2025-59874 HCL Hive Telco Observability is affected by a Required directives missing from the CSP .
HCL Hive Telco Observability is affected by a Required directives missing from the CSP issue is detected in keycloak component of the web application. Missing essential directives can leave a site vulnerable...