📄 Google Chrome CSSFontFeatureValuesMap Use-After-Free

Google Chrome versions prior to 145.0.7632.75 CSSFontFeatureValuesMap use-after-free proof of concept exploit. When an iterator is created over a CSSFontFeatureValuesMap object and the underlying HashMap is mutated during iteration, a rehash operation occurs, freeing the original memory while the...

Update Chrome now: Zero-day bug allows code execution via malicious webpages

Google has issued a patch for a high‑severity Chrome zero‑day, tracked as CVE‑2026‑2441, a memory bug in how the browser handles certain font features that attackers are already exploiting. CVE-2026-2441 has the questionable honor of being the first Chrome zero-day of 2026. Google considered it...

External Control Of Filename

phenx/php-svg-lib is vulnerable to External Control of Filename. The vulnerability is due to insecure handling of inline CSS font definitions, allowing an attacker to deserialize a PHAR file through the phar:// URL handler. Note that remote code execution is only possible on PHP versions less the...

cssfontstack.com Cross Site Scripting vulnerability OBB-3849266

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cssfontstack.com Cross Site Scripting vulnerability OBB-2624871

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

cssfontstack.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-861959 Security Researcher geeknik Helped patch 8675 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting cssfontstack.com website an...

Google Chrome Blink Same-Origin Policy Bypass Vulnerability (CNVD-2015-06764)

Google Chrome is an open source WEB browser. Google uses Blink in the Cascading Style Sheets CSS implementation of the core/css/CSSFontFaceSrcValue.cpp file in the 'CSSFontFaceSrcValue::fetch ' function in the core/css/css/CSSFontFaceSrcValue.cpp file contains a security vulnerability that can be...

CVE-2015-6762

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

UBUNTU-CVE-2015-6762

The CSSFontFaceSrcValue::fetch function in core/css/CSSFontFaceSrcValue.cpp in the Cascading Style Sheets CSS implementation in Blink, as used in Google Chrome before 46.0.2490.71, does not use the CORS cross-origin request algorithm when a font's URL appears to be a same-origin URL, which allows...

webkit: CSS Font Face Parsing Type Confusion Vulnerability

The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google Chrome before 8.0.552.224, Chrome OS before 8.0.552.343, webkitgtk before 1.2.6, and other products does not properly parse Cascading Style Sheets CSS token sequences, which allows remote attackers ...

Mozilla Firefox CSS font-face Remote Code Execution Vulnerability

Exploit for windows platform in category dos / poc ================================================================= Mozilla Firefox CSS font-face Remote Code Execution Vulnerability ================================================================= Title : Mozilla Firefox CSS font-face Remote Cod...