CVE-2026-12008

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12008

CVE-2026-12008 : In Google Chrome, a Use-after-free in DigitalCredentials (pre-149.0.7827.115) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The Chrome Stable update (149.0.7827.114/115 for Windows/Mac; 149.0.7827...

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12008

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12007

CVE-2026-12007 is a use-after-free in Chrome's Core on Windows, caused by a vulnerability in the handling of crafted HTML pages. The issue affects Chrome prior to version 149.0.7827.115 and could allow a remote attacker to execute arbitrary code. Google’s June 2026 stable-channel update (149.0.78...

Wordfence Intelligence Weekly WordPress Vulnerability Report (June 1, 2026 to June 7, 2026)

Last week, there were 159 vulnerabilities disclosed in 142 WordPress Plugins and 2 WordPress Themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 96 Vulnerability Researchers that contributed to WordPress Security last week. Review those vulnerabilities...

Exploit for Use After Free in Linux Linux_Kernel

CVE-2026-23111 nftables LPE: exposure check and safe lab Def...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing maliciously crafted...

SUSE-SU-2026:2378-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: - CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. - CVE-2026-28883: processing maliciously...

Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. CVE-2026-28883: processing...

SUSE-SU-2026:2376-1 Security update for webkit2gtk3

This update for webkit2gtk3 fixes the following issues Update to version 2.52.4: Security fixes: - CVE-2026-28847: processing maliciously crafted web content may lead to an unexpected process crash or arbitrary code execution due to a heap buffer overflow bsc1267506. - CVE-2026-28883: processing...

Exploit for Use After Free in Redis

CVE-2026-23479 Scanner Redis Use-After-Free vulnerability CV...

Security Bulletin: Vulnarability in grub2 library (CVE-2025-61662) affects Power HMC.

Summary The grub2 library is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2025-61662 DESCRIPTION: A Use-After-Free vulnerability has been discovered in GRUB's gettext module. This flaw stems from a programming error where the...

CVE-2026-52757

Ghidra before 12.1 contains a heap-use-after-free vulnerability in the decompiler's HighVariable::merge function during the variable merging pass. Attackers can trigger this vulnerability by crafting a binary that causes stale pointers in the HighIntersectTest::highedgemap cache to be dereference...

CVE-2026-49496

Ghidra before 12.1 contains a heap-use-after-free vulnerability in SleighBuilder::generatePointerAdd caused by iterator invalidation when PcodeCacher::allocateInstruction reallocates the issued vector. Attackers can trigger memory corruption by decompiling malicious binaries through the public...

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

A flaw was found in OpenSSL. When processing a specially crafted PKCS7 or S/MIME Secure/Multipurpose Internet Mail Extensions signed message, a heap use-after-free vulnerability in the PKCS7verify function can be triggered. This occurs if the SignedData digestAlgorithms field is present as an emp...

Security update for strongswan

This update for strongswan fixes the following issues CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. CVE-2026-35330: integer underflow when handling EAP-SIM/AKA attribut...

SUSE-SU-2026:2368-1 Security update for strongswan

This update for strongswan fixes the following issues - CVE-2026-35328: infinite loop when handling supported versions TLS extension bsc1261712. - CVE-2026-35329: null pointer dereference when processing padding in PKCS7 bsc1261717. - CVE-2026-35330: integer underflow when handling EAP-SIM/AKA...