CVE-2026-9969

An insufficient validation of untrusted input flaw was found in the ANGLE component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506550494...

CVE-2026-9903

An insufficient validation of untrusted input flaw was found in the Site Isolation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498783665...

CVE-2026-9885

An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=508452241...

CVE-2026-9880

An insufficient validation of untrusted input flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503615025...

CVE-2026-10021

An insufficient validation of untrusted input flaw was found in the USB component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497327715...

CVE-2026-10020

An insufficient validation of untrusted input flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=496565479...

Avro 输入验证错误漏洞

Avro is a fast Go Avro decoder developed by hamba. Versions prior to Avro 2.33.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from multiple Avro decoder paths reading 64-bit values controlled by an attacker and truncating or using overflow signed intege...

JetBrains TeamCity 输入验证错误漏洞

JetBrains TeamCity is a set of distributed build management and continuous integration tools developed by the Czech company JetBrains. This tool offers features such as continuous unit testing, code quality analysis, and reporting on build issues. Prior to JetBrains TeamCity 2026.1, there was a...

CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

PT-2026-45053

Summary The fix for GHSA-9mqq-jqxf-grvw / CVE-2026-44336 is incomplete. The original advisory description named four vulnerable handlers in mcp server/adapters/cli tools.py: "registers four file-handling tools by default, praisonai.rules.create, praisonai.rules.show, praisonai.rules.delete, and...

RockyLinux 10 : edk2 (RLSA-2026:18465)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:18465 advisory. edk2: EDK2: Improper Input Validation allows arbitrary command execution CVE-2025-2296 Tenable has extracted the preceding description block directly from the...

WordPress plugin Simple Divi Shortcode 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

Linux Distros Unpatched Vulnerability : CVE-2026-10021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTM...

CVE-2026-9980

Insufficient validation of untrusted input in Printing in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-9982

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-9985

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-9979

Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-9979

Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-9986

Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-9985

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...