Lucene search
K

17372 matches found

Nuclei
Nuclei
added 3 hours ago18 views

NocoBase - VM Sandbox Escape to Remote Code Execution

NocoBase Workflow Script Node executes user-supplied JavaScript inside a Node.js vm sandbox with a custom require allowlist controlled by WORKFLOWSCRIPTMODULES env var. The console object passed into the sandbox context exposes host-realm WritableWorkerStdio stream objects via console.stdout and...

9.9CVSS6.2AI score0.36503EPSS
Exploits7References3
Nuclei
Nuclei
added 3 hours ago27 views

WordPress Tutor LMS <2.0.10 - Cross Site Scripting

WordPress Tutor LMS plugin before 2.0.10 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape the resetkey and userid parameters before outputting then back in attributes. An attacker can inject arbitrary script in the browser of an unsuspecting user in the conte...

6.1CVSS6.4AI score0.01347EPSS
Exploits2References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41170

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-41199

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago3 views

EUVD-2026-41198

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41201

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41156

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS6.1AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41168

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-41175

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41181

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41187

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-41200

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago3 views

EUVD-2026-41161

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago3 views

EUVD-2026-41164

Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago6 views

EUVD-2026-41167

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41173

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.9AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-41183

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41186

Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago3 views

EUVD-2026-41196

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-41166

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score
Exploits0References3
Rows per page
Query Builder