KLA90894 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability can be exploited to...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0053-1 Rating: important References: 1258116 1258185 1258199 Cross-References: CVE-2026-2313 CVE-2026-2314 CVE-2026-2315 CVE-2026-2316 CVE-2026-2317 CVE-2026-2318 CVE-2026-2319 CVE-2026-2320 CVE-2026-2321...

PT-2026-8383

Apple recently patched the missing piece in the userland part of the Dec'25 full-chain exploit. CVE-2026-20700: dyld memory corruption to PAC bypass This bug completes the chain of CVE-2026-43529 jsc UAF RCE, PoC public and CVE-2026-14174 Angle OOB EoP, no working PoC yet. Patched in iOS 26.3...

CVE-2026-2027

The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AMP Custom CSS setting in all versions up to, and including, 1.0.49 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

[SECURITY] Fedora 43 Update: nginx-mod-fancyindex-0.5.2-15.fc43

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

CVE-2026-2027

The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AMP Custom CSS setting in all versions up to, and including, 1.0.49 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

CVE-2026-2027 AMP Enhancer <= 1.0.49 - Authenticated (Administrator+) Stored Cross-Site Scripting via AMP Custom CSS Setting

The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AMP Custom CSS setting in all versions up to, and including, 1.0.49 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

CVE-2026-2027 AMP Enhancer <= 1.0.49 - Authenticated (Administrator+) Stored Cross-Site Scripting via AMP Custom CSS Setting

The AMP Enhancer – Compatibility Layer for Official AMP Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AMP Custom CSS setting in all versions up to, and including, 1.0.49 due to insufficient input sanitization and output escaping on user supplied attributes. This makes ...

Linux Distros Unpatched Vulnerability : CVE-2026-2441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

WordPress AMP Enhancer plugin <= 1.0.49 - Authenticated (Administrator+) Stored Cross-Site Scripting via AMP Custom CSS Setting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting via AMP Custom CSS Setting vulnerability discovered by Muqsith Barru - TCC in WordPress Plugin AMP Enhancer Compatibility Layer for Official AMP Plugin versions = 1.0.49...

CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-2313

Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

Stable Channel Update for Desktop

The Stable channel has been updated to 145.0.7632.75/76 for Windows/Mac and 145.0.7632.75 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept restricted...

VulnCheck KEV: CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Google Chrome < 145.0.7632.75 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 145.0.7632.75. It is, therefore, affected by a vulnerability as referenced in the 202602stable-channel-update-for-desktop13 advisory. - Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote...

Google Chrome < 145.0.7632.75 Vulnerability

The version of Google Chrome installed on the remote macOS host is prior to 145.0.7632.75. It is, therefore, affected by a vulnerability as referenced in the 202602stable-channel-update-for-desktop13 advisory. - Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attack...

Google Chrome < 144.0.7559.177 Vulnerability

The version of Google Chrome installed on the remote Windows host is prior to 144.0.7559.177. It is, therefore, affected by a vulnerability as referenced in the 202602extended-stable-updates-for-desktop13 advisory. - Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote...