ROS-20260610-73-0021

The vulnerability of the JavaScript Engine component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to access to resources through incompatible types. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility ...

EulerOS 2.0 SP13 : docker-engine (EulerOS-SA-2026-2327)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to...

minimatch: Minimatch: Denial of Service via catastrophic backtracking in glob expressions

A flaw was found in minimatch. A remote attacker could exploit this vulnerability by providing a specially crafted glob expression with nested unbounded quantifiers. This could lead to catastrophic backtracking in the V8 JavaScript engine, causing the application to become unresponsive and...

EUVD-2026-35249

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EUVD-2026-35245

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EUVD-2026-35250

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2026-2239)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to...

PT-2026-49756

Name of the Vulnerable Software and Affected Versions Microsoft Defender affected versions not specified Windows 10 affected versions not specified Windows 11 affected versions not specified Description An elevation of privilege flaw, publicly referred to as RoguePlanet, exists in the Microsoft...

Linux Distros Unpatched Vulnerability : CVE-2026-11650

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2026-2201)

According to the versions of the docker-engine package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework. Prior to version 29.3.1, a security vulnerability has been detected that allows attackers to...

CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11650

CVE-2026-11650 : Use after free in V8 (Google Chrome) prior to 149.0.7827.103 enables remote code execution inside a sandbox via a crafted HTML page. Affected software is Google Chrome’s V8 engine; impact is high as per Chromium advisory. The connected sources indicate the vulnerability arises fr...

CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11649

CVE-2026-11649: Use-after-free in V8 affects Google Chrome before version 149.0.7827.103. Exploitation could allow a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. Root cause is a use-after-free in V8 handling of certain objects (as described). Impact i...

CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...