CVE-2026-8008

Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

CVE-2026-7965

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Google Chrome < 147.0.7727.116 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 147.0.7727.116. It is, therefore, affected by multiple vulnerabilities as referenced in the 202604stable-channel-update-for-desktop22 advisory. - Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.1...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0078-1 Rating: important References: 1259213 Cross-References: CVE-2026-3536 CVE-2026-3537 CVE-2026-3538 CVE-2026-3539 CVE-2026-3540 CVE-2026-3541 CVE-2026-3542 CVE-2026-3543 CVE-2026-3544 CVE-2026-3545...

Fedora 43 : cef (2026-b5f8adc627)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b5f8adc627 advisory. Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 rhbz2437035 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue i...

Chromium: CVE-2026-3539 Object lifecycle issue in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 44 : cef (2026-9834b25fc2)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9834b25fc2 advisory. Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 rhbz2437035 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue i...

Microsoft Edge (Chromium) < 145.0.3800.97 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 145.0.3800.97. It is, therefore, affected by multiple vulnerabilities as referenced in the March 6, 2026 advisory. - Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to...

CVE-2026-3539

An object lifecycle issue flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483853098...

CVE-2026-3539

Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20277-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20277-1 advisory. Changes in chromium: - Chromium 145.0.7632.116 boo1258733: CVE-2026-3061: Out of bounds read in Media CVE-2026-3062: Out of bounds read and writ...

Google Chrome < 145.0.7632.116 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 145.0.7632.116. It is, therefore, affected by multiple vulnerabilities as referenced in the 202602stable-channel-update-for-desktop23 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...

Stable Channel Update for Desktop

The Stable channel has been updated to 145.0.7632.116/117 for Windows/Mac and 145.0.7632.116 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 13 security fixes: 456547591 High CVE-2025-13630: Type Confusion in V8. Reported by Shreyas Penkar @streypaws on 2025-10-31 448113221 High CVE-2025-13631: Inappropriate implementation in Google Updater. Reported by Jota Domingos on 2025-09-29 43905824...

Linux Distros Unpatched Vulnerability : CVE-2025-12907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user acti...

EUVD-2022-52208

Malicious code in bioql PyPI...

PT-2025-26732

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 140 Description: The issue arises when a user saves a response from the Network tab in Devtools using the Save As context menu option. In this scenario, the saved file may not have the .download file extension,...

Firefox -- content injection attack

[email protected] reports: Previewing a response in Devtools ignored CSP headers, which could have allowed content injection attacks...

Fedora: Security Advisory (FEDORA-2025-eab322e215)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2025-0037)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...