Lucene search
K

432 matches found

EUVD
EUVD
added 22 hours ago3 views

EUVD-2026-41182

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score
Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-13323

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

4.1CVSS
Exploits0References2
CVE
CVE
added yesterday12 views

CVE-2026-13323

Open VSX Registry before 1.0.2 is affected by a vulnerability in the /vscode/unpkg/ endpoint that serves user-supplied HTML with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition header. An unauthenticated attacker can create a publisher account, upload a VSIX c...

4.1CVSS5.8AI score
Exploits0References2
EUVD
EUVD
added yesterday4 views

EUVD-2026-40841

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40719

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

6.1AI score0.00134EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-40633

Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00133EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-40550

Insufficient policy enforcement in WebHID in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00133EPSS
Exploits0References3
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14047

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00118EPSS
Exploits0References1
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14040

Use after free in BrowserTag in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Low...

8.8CVSS5.8AI score0.00117EPSS
Exploits0References1
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-14032

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

8.1CVSS6.1AI score0.00134EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS0.00133EPSS
Exploits0References2
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-13864

Insufficient policy enforcement in WebHID in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

8.1CVSS5.8AI score0.00133EPSS
Exploits0References1
NVD
NVD
added 2 days ago4 views

CVE-2026-13864

Insufficient policy enforcement in WebHID in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

8.1CVSS0.00133EPSS
Exploits0References2
NVD
NVD
added 2 days ago4 views

CVE-2026-13822

Inappropriate implementation in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

6.5CVSS0.00141EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

8.1CVSS0.00164EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-14047

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00118EPSS
Exploits0
Cvelist
Cvelist
added 2 days ago21 views

CVE-2026-14032

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

0.00134EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago22 views

CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

0.00153EPSS
Exploits0References2
CVE
CVE
added 2 days ago20 views

CVE-2026-13774

CVE-2026-13774: Use-after-free in Chrome Extensions allows arbitrary code execution when a user installs a malicious extension. Affected: Google Chrome (Extensions). Root cause: use-after-free in Extensions. Impact: potential arbitrary code execution. Mitigation: update to Chrome 150.0.7871.47 or...

8.1CVSS6.1AI score0.00164EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-55199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libssh2 through 1.11.1, fixed in commit 1762685, contains a pre-authentication denial of service vulnerability in the SSHMSGEXTINFO handler in src/packet.c that...

8.2CVSS7.1AI score0.00408EPSS
Exploits1References3
Rows per page
Query Builder