CVE-2026-30977

RenderBlocking is a MediaWiki extension that allows interface administrators to specify render-blocking CSS and JavaScript. Prior to 0.1.1, there is Stored XSS in renderblocking-css with Inline Assets mode. $wgRenderBlockingInlineAssets = true and editsitecss user rights are required. This...

CVE-2026-31873

Unhead is a document head and template manager. Prior to 2.1.11, The link.href check in makeTagSafe safe.ts uses String.includes, which is case-sensitive. Browsers treat URI schemes case-insensitively. DATA:text/css,... is the same as data:text/css,... to the browser, but 'DATA:...'.includes'data...

firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...

firefox: thunderbird: Use-after-free in the CSS Parsing and Computation component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...

PT-2026-28392

Name of the Vulnerable Software and Affected Versions staffwiki version 7.0.1.19219 Description A cross-site scripting XSS issue exists in staffwiki. This allows attackers to execute arbitrary Javascript in the context of a user's browser through a crafted HTTP request. The vulnerable API endpoin...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0097-1 Rating: important References: 1260376 Cross-References: CVE-2026-4673 CVE-2026-4674 CVE-2026-4675 CVE-2026-4676 CVE-2026-4677 CVE-2026-4678 CVE-2026-4679 CVE-2026-4680 Affected Products: openSUSE...

Fedora 44 : chromium (2026-4d42fffb2b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d42fffb2b advisory. Update to 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read in CSS High CVE-2026-4675: Heap...

CVE-2026-4691

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the CSS Parsing and Computation component...

SUSE CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

Linux Distros Unpatched Vulnerability : CVE-2026-4691

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149...

EUVD-2026-14806

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox 149, Firefox ESR 115.34, and Firefox ESR 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

UBUNTU-CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691 Use-after-free in the CSS Parsing and Computation component

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability affects Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...

CVE-2026-4691

The CVE-2026-4691 entry describes a use-after-free in Firefox’s CSS Parsing and Computation component. Affected products/versions, as documented across connected sources, include Firefox versions prior to 149 and Firefox ESR prior to 115.34 and 140.9. The root cause is a use-after-free in the CSS...

CVE-2026-4691 Use-after-free in the CSS Parsing and Computation component

Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...