44 matches found
CVE-2026-12453
An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516448843...
CVE-2026-12441
An use after free flaw was found in the File Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520157118...
CVE-2026-11666
An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514009323...
CVE-2026-11293
An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502362260...
CVE-2026-11216
An incorrect security ui flaw was found in the File Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=474583539...
CVE-2026-11160
An out of bounds read flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501862016...
CVE-2026-10959
An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=507258648...
CVE-2026-10938
An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502681591...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the File Input component after it was released, potentially allowing a remote attacker to exploit a...
CVE-2026-9997
An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513324041...
CVE-2026-9979
An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511742228...
CVE-2026-9933
An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501575979...
CVE-2026-10010
An inappropriate implementation flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513995565...
CVE-2026-9124
An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496375695...
Chromium: CVE-2026-9124 Insufficient validation of untrusted input in Input
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-8513
An use after free flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495939973...
CVE-2026-32732
Lean 4 VS Code Extension is a Visual Studio Code extension for the Lean 4 proof assistant. Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as...
lean4monaco (>=1.1.0 <=1.1.7) potentially affected by CVE-2026-32732 via @leanprover/unicode-input-component (=0.1.9)
@leanprover/unicode-input-component NPM version =0.1.9 is affected by a known vulnerability. The following packages have a transitive dependency on @leanprover/unicode-input-component and may be impacted: - lean4monaco =1.1.0, =1.1.7 Source cves: CVE-2026-32732 Source advisory:...
EUVD-2026-12181
XSS in @leanprover/unicode-input-component...
GHSA-6GGM-PWR9-R5H2 XSS in @leanprover/unicode-input-component
Impact Projects that use @leanprover/unicode-input-component are vulnerable to an XSS exploit in 0.1.9 of the package and lower. The component re-inserted text in the input element back into the input element as unescaped HTML. Patches The issue has been resolved in 0.2.0. Workarounds Replace the...