UBUNTU-CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-10702

CVE-2026-10702 is a Firefox issue involving a JIT miscompilation in the JavaScript Engine (JIT component). The vulnerability was fixed in Firefox 151.0.3. The CVSS score is 4.3 (Medium) with network attack vector, user interaction required, and availability impact of Low. Affected product: Mozill...

CVE-2026-10701 Incorrect boundary conditions in the Graphics: Text component

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-10701

CVE-2026-10701 relates to an Incorrect boundary condition in Firefox’s Graphics: Text component. Connected sources confirm this is addressed by the Firefox 151.0.3 update, fixing the vulnerability. The issue is described as a boundary condition problem within the Graphics: Text component and is i...

EUVD-2026-33989

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-10701 Incorrect boundary conditions in the Graphics: Text component

Incorrect boundary conditions in the Graphics: Text component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

CVE-2026-45554 NiceGUI: Unauthenticated log-flood DoS via trailing slash on ESM and per-component resource routes

NiceGUI is a Python-based UI framework. Prior to version 3.12.0, two FastAPI routes that serve per-component static assets in NiceGUI accept a sub-path parameter that may resolve to a directory rather than a file. Requests that resolve to a directory raise an unhandled RuntimeError inside...

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

firefox: thunderbird: Information disclosure due to incorrect boundary conditions in the Audio/Video component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Information disclosure due to incorrect boundary conditions in the Audio/Video component...

firefox: thunderbird: webrtc: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component...

CVE-2026-10565

A security flaw has been discovered in Open5GS up to 2.7.6. The impacted element is the function gmmstatesecuritymode of the file src/amf/gmm-sm.c of the component NGAP Handover. Performing a manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack...

CVE-2026-39821 affecting package kata-containers-cc for versions less than 3.15.0.aks0-11

CVE-2026-39821 affecting package kata-containers-cc for versions less than 3.15.0.aks0-11. A patched version of the package is available...

PT-2026-46570

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This...

PT-2026-46456

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in Dawn allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. An out of bounds rea...

PT-2026-46762

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

PT-2026-46819

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Blink allows a remote attacker to bypass the content security policy CSP, which is a security layer that helps detect and mitigate certain types of...