CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-4439

The CVE-2026-4439 entry describes an out-of-bounds memory access in WebGL affecting Google Chrome on Android prior to version 146.0.7680.153, with potential sandbox escape via a crafted HTML page (critical). Connected advisories confirm Chromium-based builds (Chromium/Chrome) across distributions...

CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-4451

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

QNAP Systems QHora 安全漏洞

QNAP Systems QHora is a router product of QNAP Systems, a company based in Taiwan, China. There is a security vulnerability in QNAP Systems QHora, which stems from improper handling of escape characters, meta-characters, or control sequences. This vulnerability may allow local attackers to obtain...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability. This vulnerability stemmed from the Digital Credentials API allowing for reusing of resources after release, which could enable remote attackers to execute...

CVE-2026-4439

Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability. This vulnerability stemmed from insufficient validation of untrusted inputs during navigation, which could allow remote attackers to execute a sandbox esca...

CVE-2026-4456

Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

PT-2026-26635

Name of the Vulnerable Software and Affected Versions QHora versions prior to 2.6.3.009 Description An improper neutralization of escape, meta, or control sequences vulnerability exists in QHora. A local attacker with administrator privileges can exploit this issue to cause unexpected behavior...

PT-2026-26762

Name of the Vulnerable Software and Affected Versions Kysely versions prior to 0.28.14 Description Kysely's DefaultQueryCompiler.sanitizeStringLiteral function inadequately escapes backslashes when handling string literals. Specifically, it only doubles single quotes but does not address...

Linux Distros Unpatched Vulnerability : CVE-2026-4451

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer...

Linux Distros Unpatched Vulnerability : CVE-2026-4439

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially perform a sandbox escape via a...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability caused by excessive memory access through WebGL in the Android system, which could lead to sandbox escape...

Linux Distros Unpatched Vulnerability : CVE-2026-4456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised the renderer process to...

CVE-2026-32013

OpenClaw versions prior to 2026.2.25 contain a symlink traversal vulnerability in the agents.files.get and agents.files.set methods that allows reading and writing files outside the agent workspace. Attackers can exploit symlinked allowlisted files to access arbitrary host files within gateway...

CVE-2026-4006

The Simple Draft List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'displayname' post meta Custom Field in all versions up to and including 2.6.2. This is due to insufficient input sanitization and output escaping on the author display name when no author URL is...

CVE-2026-31990

OpenClaw versions prior to 2026.3.2 contain a vulnerability in the stageSandboxMedia function in which it fails to validate destination symlinks during media staging, allowing writes to follow symlinks outside the sandbox workspace. Attackers can exploit this by placing symlinks in the...