Lucene search
K

532 matches found

EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34713

Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00175EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00135EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.20 views

PT-2026-46590

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Extensions allows an attacker to inject scripts or HTML into a privileged page. This occurs when a user is convinced to install a crafted malicious...

9.6CVSS5.8AI score0.00411EPSS
Exploits0References437
HackRead
HackRead
added 2026/06/01 5:48 p.m.21 views

What One Predator Case Can Reveal About an Online Platform’s Safety Gaps

When a predator contacts a child through an online platform, the details of how it happened often expose…...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/06/01 12:0 a.m.9 views

Orca Energija Orca heat pump 安全漏洞

Orca Energija Orca heat pump is a series of air-to-water heat pump systems developed by Orca Energija. There are security vulnerabilities in Orca Energija Orca heat pumps. These vulnerabilities stem from the lack of authentication and plaintext data transmission. Combined with the absence of...

6.3CVSS5.3AI score0.00114EPSS
Exploits0References1
OSV
OSV
added 2026/05/29 10:30 p.m.14 views

GHSA-4MR5-G6F9-CFRH PraisonAI vulnerable to sandbox escape via `print.__self__` builtins module leak in `execute_code` (subprocess mode)

Summary executecode in praisonaiagents/tools/pythontools.py v1.6.37, subprocess sandbox mode can be fully bypassed using print.self to retrieve the real Python builtins module, from which import can be extracted via vars and runtime string construction. This achieves arbitrary OS command executio...

9.9CVSS6.3AI score0.0012EPSS
Exploits0References2
OSV
OSV
added 2026/05/29 3:45 p.m.15 views

GHSA-J6FM-9RFM-J5HX Froxlor has an incomplete fix for CVE-2026-30932

Summary The LOC record regex uses \s+ which matches newlines allowing embedded newlines to pass, TLSA matchingType=0 has no upper bound on hex data length, and all validators return raw input without zone-file escaping. Affected Package - Ecosystem: Other - Package: froxlor - Affected versions: a...

8.6CVSS5.9AI score0.00544EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/29 12:38 a.m.16 views

EUVD-2026-33128

Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00145EPSS
Exploits0References3
Packet Storm News
Packet Storm News
added 2026/05/29 12:0 a.m.41 views

Free-Riding in the AI Economy: Demystifying Logic Flaws in X402-Enabled Payment Systems

The agentic economy demands programmatic financial rails, positioning the x402 protocol as the de facto standard for machine-to-machine payments. However, bridging synchronous HTTP requests with asynchronous blockchain finality introduces profound state synchronization challenges. In this work, w...

5.7AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/28 11:30 a.m.30 views

New AI Usage Report: Enterprise AI Risk Is Heavily Concentrated Among a Small Group of AI "Power users"

State of AI Usage Report 2026 full report here by LayerX Security reveals the extent of the enterprise AI visibility gap and why most organizations still don't understand where their AI exposure is actually coming from. The research shows that enterprise AI risk is not distributed evenly across...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2026/05/28 3:55 a.m.10 views

SUSE CVE-2026-45934

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in btrfscreatependingblockgroups. The following is a sample stack trace of such an abo...

5.8AI score0.00121EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/28 12:37 a.m.15 views

CVE-2026-45934

A flaw was found in the Linux kernel's btrfs filesystem. This issue occurs due to non-consecutive gaps in chunk allocation, leading to overlapping chunk maps. A local attacker could exploit this by triggering specific chunk allocation scenarios, potentially causing filesystem operations to abort...

7CVSS5.8AI score0.00121EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.13 views

EUVD-2026-32312

A flaw was found in Samba’s vfsworm module. The module is intended to provide write-once, read-many WORM protections by preventing modification of files after a configurable grace period. Due to insufficient validation during rename operations, an authenticated user with write access to a share...

6.5CVSS5.7AI score0.00939EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.15 views

CVE-2026-45934

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in btrfscreatependingblockgroups. The following is a sample stack trace of such an abo...

5.5CVSS0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:17 p.m.42 views

CVE-2026-45934 btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in btrfscreatependingblockgroups. The following is a sample stack trace of such an abo...

0.00121EPSS
Exploits0References3
CVE
CVE
added 2026/05/27 12:17 p.m.27 views

CVE-2026-45934

CVE-2026-45934 covers a Linux kernel btrfs issue where non-consecutive gaps in chunk allocation can create overlapping chunk maps, leading to aborts of filesystem operations (e.g., insert_dev_extents in btrfs_create_pending_block_groups) and a DoS-like effect. Public records describe the root cau...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added 2026/05/27 12:17 p.m.8 views

CVE-2026-45934

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation I have been observing a number of systems aborting at insertdevextents in btrfscreatependingblockgroups. The following is a sample stack trace of such an abo...

5.5CVSS5.7AI score0.00121EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.12 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from SMF failing to include the necessary inbound OAuth2 middleware when mounting UPI management routing groups. Th...

7.5CVSS5.8AI score0.00364EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.8 views

free5GC 安全漏洞

free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/bearer-token authorization when the NEF route group nnef-callback was mounted, whic...

7.3CVSS5.8AI score0.00241EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.9 views

CVE-2026-45934

btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation...

5.8AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder