72512 matches found
CVE-2026-9914
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9914
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9914
CVE-2026-9914 concerns an ANGLE input-validation flaw in Google Chrome prior to 148.0.7778.216. The renderer process, if compromised, could be forced to escape the sandbox via a crafted HTML page. The issue is described as a high-severity, remote threat with impact on confidentiality, integrity, ...
CVE-2026-9903
Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted MHTML page. Chromium security severity: High...
CVE-2026-9903
Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted MHTML page. Chromium security severity: High...
CVE-2026-9903
Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted MHTML page. Chromium security severity: High...
CVE-2026-9903
CVE-2026-9903 : Insufficient validation of untrusted input in the Site Isolation component of Google Chrome (Chromium) prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to bypass site isolation via a crafted MHTML page. The impact is to weaken the b...
CVE-2026-9903
Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted MHTML page. Chromium security severity: High...
CVE-2026-9898
Insufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-9885
CVE-2026-9885 concerns an upstream Chrome UI integrity issue: insufficient validation of untrusted input in the Mac UI could allow a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS (before 148.0.7778.216). Root cause: in...
CVE-2026-9880
Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9880
CVE-2026-9880 affects Google Chrome WebGL in the Chromium WebGL stack. The root cause is insufficient validation of untrusted input in WebGL, enabling a remote attacker who has compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. Affected software is ...
CVE-2026-9880
Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-49095
Improper Input Validation CWE-20 in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into a configuration override mechanism that is not adequatel...
CVE-2026-49095 Improper Input Validation in Kibana Fleet Leading to Privilege Escalation
Improper Input Validation CWE-20 in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into a configuration override mechanism that is not adequatel...
CVE-2026-49095
Kibana Fleet policy management feature is affected by CVE-2026-49095 due to improper input validation (CWE-20). An authenticated user with Fleet management privileges can inject values into a configuration override mechanism, causing Elastic Agents to be issued API keys with elevated Elasticsearc...
CVE-2026-49095 Improper Input Validation in Kibana Fleet Leading to Privilege Escalation
Improper Input Validation CWE-20 in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into a configuration override mechanism that is not adequatel...
EUVD-2026-33033
Improper Input Validation CWE-20 in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into a configuration override mechanism that is not adequatel...
Kibana Fleet 8.19.16, 9.3.5, and 9.4.2 Security Update (ESA-2026-38)
Improper Input Validation in Kibana Fleet Leading to Privilege Escalation Improper Input Validation CWE-20 in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by...
CVE-2026-48688
A flaw was found in FastNetMon Community Edition. Multiple out-of-bounds read vulnerabilities exist within the BGP MPREACHNLRI IPv6 attribute decoder. A remote attacker could exploit these flaws by sending specially crafted BGP messages, which could lead to information disclosure or a denial of...