1827 matches found
CVE-2026-22174
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...
CVE-2026-22174 OpenClaw < 2026.2.22 - Gateway Token Disclosure via Chrome CDP Probe
OpenClaw versions prior to 2026.2.22 inject the x-OpenClaw-relay-token header into Chrome CDP probe traffic on loopback interfaces, allowing local processes to capture the Gateway authentication token. An attacker controlling a loopback port can intercept CDP reachability probes to the...
KLA90964 DoS vulnerabilities in Opera
Denial of service vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Out of bounds memory read vulnerability in Media can be exploited to cause denial of service. 2. Out of bounds memor...
Chromium: CVE-2026-3941 Insufficient policy enforcement in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-3940 Insufficient policy enforcement in DevTools
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
@afidos/nestjs-event-notifications (>=2.2.1 <=2.2.2), @mieweb/wikigdrive (>=2.15.0 <=2.17.1) +3 more potentially affected by CVE-2026-26954 via @nyariv/sandboxjs (>=0.5.3 <=0.8.25)
@nyariv/sandboxjs NPM version =0.5.3, =2.2.1, =2.15.0, =0.2.0, =11.0.0, =12.0.1 Source cves: CVE-2026-26954 Source advisory: SNYK:JS-NYARIVSANDBOXJS-15518695...
CVE-2026-3941
An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=474670215...
CVE-2026-3940
An insufficient policy enforcement flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=470574526...
KLA90935 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. Out of bounds read vulnerability in Web Speech can be exploited to...
SUSE CVE-2026-3940
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-3941
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
Incorrect Authorization
Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Incorrect Authorization via insufficient enforcement of navigation policies in the DevTools process. An attacker can access restricted resources or perform unauthorized navigation by...
@arikdpc/chrome-devtools-mcp (>=0.12.1 <=0.12.4), @bachstudio/chrome-devtools-mcp (=0.10.3) +5 more potentially affected by CVE-2026-3941 via chrome-devtools-frontend (>=1.0.1532884 <=1.0.1555430)
chrome-devtools-frontend NPM version =1.0.1532884, =0.12.1, =1.0.2, =0.12.2, =0.3.17, =0.3.17, =0.3.22 Source cves: CVE-2026-3941 Source advisory: SNYK:JS-CHROMEDEVTOOLSFRONTEND-15467463...
EUVD-2026-11470
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-11472
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-3940
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HT...
Linux Distros Unpatched Vulnerability : CVE-2026-3941
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HT...
CVE-2026-3940
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-3941
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-3941
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...