PT-2026-24888

CVE-2026-3941 Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.… https://t.co/9gTnqXNedp...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a security bypass vulnerability caused by insufficient policy enforcement in DevTools, which can be exploited by an attacker to bypass navigation restrictions via specially crafted HTML pages...

PT-2026-24887

🚨 CVE-2026-3940 Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low 🎖@cveNotify...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome due to insufficient policy enforcement in DevTools, which can be exploited by attackers to bypass security restrictions...

Google Chrome DevTools Heap Corruption Vulnerability

Google Chrome is a free web browser developed by Google Inc. A heap corruption vulnerability exists in Google Chrome DevTools, which stems from improper object destructuring and can be exploited by remote attackers to execute arbitrary code...

openSUSE 16 Security Update : gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer (openSUSE-SU-2026:20329-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20329-1 advisory. Changes in gstreamer-rtsp-server: - Update to version 1.26.7: - Fix issues with GDISABLECHECKS & GDISABLEASSERT. - rtsp-server: tests: Switch to fixture...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0078-1 Rating: important References: 1259213 Cross-References: CVE-2026-3536 CVE-2026-3537 CVE-2026-3538 CVE-2026-3539 CVE-2026-3540 CVE-2026-3541 CVE-2026-3542 CVE-2026-3543 CVE-2026-3544 CVE-2026-3545...

Fedora 43 : cef (2026-b5f8adc627)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-b5f8adc627 advisory. Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 rhbz2437035 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue i...

Chromium: CVE-2026-3539 Object lifecycle issue in DevTools

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 44 : cef (2026-9834b25fc2)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9834b25fc2 advisory. Bump to cef-145.0.28+g51162e8 + chromium 145.0.7632.159 rhbz2437035 CVE-2026-3536: Integer overflow in ANGLE CVE-2026-3537: Object lifecycle issue i...

Security update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer (moderate)

openSUSE security update: security update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer...

Microsoft Edge (Chromium) < 145.0.3800.97 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 145.0.3800.97. It is, therefore, affected by multiple vulnerabilities as referenced in the March 6, 2026 advisory. - Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to...

Fedora 44 : cef (2026-376794abc1)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-376794abc1 advisory. Update to cef-145.0.25 + chromium 145.0.7632.75 CVE-2026-1861: Heap buffer overflow in libvpx CVE-2026-1862: Type Confusion in V8 CVE-2026-2313: Use...

Microsoft Edge (Chromium) < 144.0.3719.162 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 144.0.3719.162. It is, therefore, affected by multiple vulnerabilities as referenced in the March 6, 2026 advisory. - Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to...

CVE-2026-3539

An object lifecycle issue flaw was found in the DevTools component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483853098...

Cross-site Scripting (XSS)

Nuxt DevTools is vulnerable to Cross Site Scripting XSS. The vulnerability is due to a lack of proper input validation, where an attacker can inject malicious code and extract Nuxt auth tokens under certain configurations...

KLA90909 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Integer overflow vulnerability in ANGLE can be exploited to cause execute arbitrary code...

Linux Distros Unpatched Vulnerability : CVE-2026-3539

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to...

CVE-2026-28458

Summary: OpenClaw’s Browser Relay /cdp WebSocket endpoint did not require an authentication token, allowing loopback connections to access sensitive data. Affected versions are OpenClaw 2026.1.20 up to 2026.2.0; the endpoint is at ws://127.0.0.1:18792/cdp. An attacker could steal session cookies ...

OPENSUSE-SU-2026:20329-1 Security update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer

This update for gstreamer-rtsp-server, gstreamer-plugins-ugly, gstreamer-plugins-rs, gstreamer-plugins-libav, gstreamer-plugins-good, gstreamer-plugins-base, gstreamer-plugins-bad, gstreamer-docs, gstreamer-devtools, gstreamer fixes the following issues: Changes in gstreamer-rtsp-server: - Update...