CVE-2026-12449

An use after free flaw was found in the Chromoting component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513480539...

CVE-2026-12448

An inappropriate implementation flaw was found in the WebView component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513458233...

CVE-2026-12447

A heap buffer overflow flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513405023...

CVE-2026-12445

An use after free flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513199795...

CVE-2026-12442

An use after free flaw was found in the Passwords component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=521950423...

CVE-2026-12441

An use after free flaw was found in the File Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520157118...

CVE-2026-12440

An use after free flaw was found in the DigitalCredentials component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519731619...

CVE-2026-12437

An use after free flaw was found in the WebShare component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516496659...

PT-2026-50988

Name of the Vulnerable Software and Affected Versions Joomla! Component J-BusinessDirectory version 4.9.7 Description An SQL injection allows unauthenticated attackers to execute arbitrary SQL queries. This is achieved by injecting malicious code into the type parameter via GET requests to the...

PT-2026-51003

Name of the Vulnerable Software and Affected Versions Joomla com booking component version 2.4.9 Description An information disclosure issue exists in the customer controller. Unauthenticated attackers can enumerate user accounts by sending GET requests to the 'index.php' endpoint with the...

Partial String Comparison

Overview Affected versions of this package are vulnerable to Partial String Comparison via the router component. An attacker can route requests to unintended backend servers by sending crafted HTTP requests with manipulated Host headers. Remediation A fix was pushed into the master branch but not...

SUSE CVE-2026-12315

Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12...

SUSE CVE-2026-12330

Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12...

UBUNTU-CVE-2026-47178

Unknown description...

CVE-2026-12330

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Incorrect boundary conditions in the Internationalization component...

CVE-2026-12294

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape in the DOM: Workers component...

EUVD-2026-37547

Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in miSyncDestroyFence()

A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDestroyFence. A client that sets up multiple fence triggers can trigger a use-after-free function pointer call. An attacker would connect to the X server to set up a fence and await that fence, then a second X connection...

firefox: Same-origin policy bypass in the Networking: HTTP component

A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: HTTP component...

firefox: thunderbird: Privilege escalation in the DOM: Workers component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Privilege escalation in the DOM: Workers component...