Lucene search
K

8944 matches found

NVD
NVD
added yesterday7 views

CVE-2026-55110

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday6 views

CVE-2026-55110

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS
Exploits0References1
EUVD
EUVD
added yesterday4 views

EUVD-2026-41388

A malicious actor who lures an authenticated user to a malicious page could exploit a Cross-Origin Resource Sharing CORS misconfiguration found in UniFi OS to trigger actions in UniFi OS using that user's session...

7.5CVSS5.7AI score
Exploits0References1
EUVD
EUVD
added yesterday5 views

EUVD-2026-41190

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00164EPSS
Exploits0References3
EUVD
EUVD
added yesterday4 views

EUVD-2026-41178

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-41177

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00182EPSS
Exploits0References3
NVD
NVD
added 2 days ago9 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00164EPSS
Exploits0References2
NVD
NVD
added 2 days ago4 views

CVE-2026-14396

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00174EPSS
Exploits0References2
NVD
NVD
added 2 days ago4 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00182EPSS
Exploits0References2
CVE
CVE
added 2 days ago15 views

CVE-2026-14418

Technical details about CVE-2026-14418 are not publicly available in the provided documents. Monitor for updates from official advisories for affected products, impact, and fixes.

4.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2 days ago23 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00164EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago21 views

CVE-2026-14396

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00174EPSS
Exploits0References2
CVE
CVE
added 2 days ago6 views

CVE-2026-14396

CVE-2026-14396 describes an out-of-bounds read in ANGLE used by Google Chrome, allowing a remote attacker to leak cross-origin data via a crafted HTML page. Affected component: ANGLE within Chrome, with the flaw exploitable through networked HTML content. The issue is tied to Chrome versions prio...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-14396

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00174EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2 days ago21 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00182EPSS
Exploits0References2
CVE
CVE
added 2 days ago8 views

CVE-2026-14384

CVE-2026-14384 describes an out-of-bounds read in ANGLE used by Google Chrome on Windows , affecting versions prior to 150.0.7871.46 . The underlying issue in ANGLE allows a remote attacker to leak cross-origin data via a crafted HTML page . Affected component: ANGLE within Chromium-based Chrome;...

6.5CVSS5.8AI score0.00182EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2 days ago5 views

CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-55660

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS5.7AI score0.00196EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-55660 TinaCMS: Cross-origin postMessage handlers and rich-text URL-sanitization bypass enable stored XSS and session takeover

Tina is a headless content management system. In versions prior to @tinacms/app 2.5.6 and tinacms 3.9.3, cross-origin postMessage handlers and a rich-text URL-sanitization bypass enable stored XSS and session takeover. The library registers window message listeners — the useTina overlay handler,...

7.6CVSS0.00196EPSS
Exploits0References2
Rows per page
Query Builder