CVE-2026-10936

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10936

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10935

CVE-2026-10935: Type Confusion in Google Chrome’s V8 engine (Chromium) prior to 149.0.7827.53. A crafted HTML page enables a remote attacker to execute arbitrary code inside the sandbox. Affected product: Google Chrome/Chromium with V8. Root cause: type confusion in V8. Impact: remote code execut...

CVE-2026-10935

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10921

Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10921

Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10910

CVE-2026-10910 refers to a Type Confusion in V8 that affected Google Chrome’s sandboxed JavaScript engine prior to Chrome 149.0.7827.53. The issue could allow a remote attacker to execute arbitrary code through a crafted HTML page, with exploitation possible without user privileges but requiring ...

CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-10904

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

WordPress WP Travel Engine plugin <= 6.7.12 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin WP Travel Engine versions = 6.7.12...

RLSA-2026:21380 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component CVE-2026-8391 firefo...

firefox security update

An update is available for firefox. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Firefox is an open-source web browser, designed for standards...

Fake Sites Mimicking Open-Source Tools Rank High on Google to Deliver Malware via TDS

Cybersecurity researchers have flagged a large-scale operation that impersonates open-source and freeware projects to funnel unsuspecting users through a Traffic Distribution System TDS and deliver malware families like Remus Stealer, AnimateClipper, and the SessionGate framework. "The sites are...

SUSE CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...

Linux Distros Unpatched Vulnerability : CVE-2026-46263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as ...

RockyLinux 10 : firefox (RLSA-2026:21380)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21380 advisory. firefox: Incorrect boundary conditions in the JavaScript Engine: JIT component CVE-2026-8388 firefox: Other issue in the JavaScript Engine component...

Moderate: mysql security update

MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon mysqld and many client programs and libraries. Security Fixes: mysql: InnoDB unspecified vulnerability CPU Apr 2026 CVE-2026-22004 mysql: Information Schema unspecified vulnerability CPU Apr 2026...

CVE-2026-46263

A flaw was found in the Linux kernel's drm/amd/display component. This vulnerability arises from an out-of-bounds array access when an invalid engid value is used to index the streamencregs array. A local attacker or a privileged process could exploit this memory corruption to potentially execute...

CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds stream encoder index v3 engid can be negative and that streamencregs can be indexed out of bounds. engid is used directly as an index into streamencregs, which has only 5 entries. When engid is ...