6 matches found
CVE-2026-45303
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend provides a function to visualize the HTML content of a current chat. The content is embedded in an...
CVE-2026-8563
An insufficient policy enforcement flaw was found in the IFrame Sandbox component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=40061220...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability due to an bypass of the IFrameSandbox policy. This vulnerability could allow remote attackers to bypass navigation restrictions through specially crafted HTM...
EUVD-2025-205677
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment...
EUVD-2025-34719
Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment...
RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape
Impact RestrictedPython does not check access to stack frames and their attributes. Stack frames are accessible within at least generators and generator expressions, which are allowed inside RestrictedPython. An attacker with access to a RestrictedPython environment can write code that gets the...