OESA-2026-1468 thunderbird security update

Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: When a user explicitly requested Thunderbird to decrypt an inline OpenPGP message that was embedded in a text section of an email that was formatted and styled with HTML and CSS, then the decrypted contents were render...

Exploit for Use After Free in Google Chrome

CSS in Google Chrome prior to Remote Code Execution CVE-2026-...

📄 Google Chrome CSSFontFeatureValuesMap Use-After-Free

Google Chrome versions prior to 145.0.7632.75 CSSFontFeatureValuesMap use-after-free proof of concept exploit. When an iterator is created over a CSSFontFeatureValuesMap object and the underlying HashMap is mutated during iteration, a rehash operation occurs, freeing the original memory while the...

Exploit for Use After Free in Google Chrome

CSS in Google Chrome prior to Remote Code Execution CVE-2026-...

Exploit for Use After Free in Google Chrome

CSS in Google Chrome prior to Remote Code Execution CVE-2026-...

Microsoft Edge (Chromium) < 144.0.3719.130 (CVE-2026-2441)

The version of Microsoft Edge installed on the remote Windows host is prior to 144.0.3719.130. It is, therefore, affected by a vulnerability as referenced in the February 17, 2026 advisory. - Use after free in CSS allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Exploit for Use After Free in Google Chrome

CVE-2026-2441-PoC CVE-2026-2441 PoC Chrome CSS Use-After-Free...

Vulnerability fixed in Google Chrome

Google has fixed a vulnerability in Google Chrome for versions prior to 145.0.7632.75. The vulnerability is in the way Google Chrome handles CSS and involves a use-after-free issue. This can lead to remote code execution via specially crafted HTML pages. Both Google Chrome and Microsoft Edge base...

OPENSUSE-SU-2026:20248-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - more fixes for desktop file, some variables were lowercased, further adaptions in INSTALL script boo1258199 - also copy rollup into thirdparty/node/nodemodules - stay on llvm-10 for swiftshader but bring a similar patch -...

Fedora 43 : chromium (2026-443f9ace49)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-443f9ace49 advisory. Update to 145.0.7632.75 CVE-2026-2441: Use after free in CSS CVE-2026-2313: Use after free in CSS CVE-2026-2314: Heap buffer overflow in Codecs...

Fedora 42 : roundcubemail (2026-d684b372f1)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-d684b372f1 advisory. Release 1.6.13 - Managesieve: Fix handling of string-list format values for date tests in Out of Office 10075 - Fix remote image blocking bypass via SVG...

Exploit for Use After Free in Google Chrome

CSS in Google Chrome prior to Remote Code Execution CVE-2026-...

Exploit for Use After Free in Google Chrome

CVE-2026-2441 — Chrome CSSFontFeatureValuesMap Use-After-Free...

CVE-2026-1640 Taskbuilder <= 5.0.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Project/Task Comment Creation

The Taskbuilder – WordPress Project Management & Task Management plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 5.0.2. This is due to missing authorization checks on the project and task comment submission functions AJAX actions:...

Chromium: CVE-2026-2313 Use after free in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

WordPress plugin Taskbuilder – WordPress Project Management & Task Management 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added t...

Update Chrome now: Zero-day bug allows code execution via malicious webpages

Google has issued a patch for a high‑severity Chrome zero‑day, tracked as CVE‑2026‑2441, a memory bug in how the browser handles certain font features that attackers are already exploiting. CVE-2026-2441 has the questionable honor of being the first Chrome zero-day of 2026. Google considered it...

[SECURITY] [DSA 6137-1] roundcube security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6137-1 [email protected] https://www.debian.org/security/ Sebastien Delafond February 17, 2026 https://www.debian.org/security/faq -...

Debian dsa-6137 : roundcube - security update

The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6137 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6137-1 [email protected]...

Google Chromium CSS Use-After-Free Vulnerability

Google Chromium CSS contains a use-after-free vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge,...