Lucene search
K

4631 matches found

OSV
OSV
added 10 hours ago2 views

DEBIAN-CVE-2026-14131

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score
Exploits0References1
OSV
OSV
added 10 hours ago3 views

DEBIAN-CVE-2026-14066

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score
Exploits0References1
Nuclei
Nuclei
added 14 hours ago78 views

Grafana <= 6.7.1 - Cross-Site Scripting

Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot...

5.4CVSS6.6AI score0.09619EPSS
Exploits0References5
EUVD
EUVD
added 17 hours ago2 views

EUVD-2026-40529

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score
Exploits0References3
NVD
NVD
added yesterday5 views

CVE-2026-14089

Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-14066

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS
Exploits0References2
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-14022

Insufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0
CVE
CVE
added yesterday6 views

CVE-2026-13891

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.8AI score
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added yesterday3 views

CVE-2026-13847

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score
Exploits0
Cvelist
Cvelist
added yesterday13 views

CVE-2026-13843

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-13777

Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.8AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added 6 days ago27 views

CVE-2026-42387 Insufficient input validation in ZoneToCache

A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to a crash of the Recursor due to insuffcient input validation...

5.9CVSS0.004EPSS
Exploits0References1
Nuclei
Nuclei
added 6 days ago32 views

Grafana Post-Auth DuckDB - SQL Injection To File Read

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...

9.9CVSS6.6AI score0.97781EPSS
Exploits10References3
Cvelist
Cvelist
added last week29 views

CVE-2026-13024

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

0.00146EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/06/16 2:14 a.m.10 views

Chromium: CVE-2026-11691 Insufficient validation of untrusted input in New Tab Page

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.2AI score0.00179EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/16 2:14 a.m.11 views

Chromium: CVE-2026-11686 Insufficient validation of untrusted input in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.2AI score0.00203EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/06/16 2:14 a.m.13 views

Chromium: CVE-2026-11653 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

9.6CVSS5.2AI score0.00252EPSS
Exploits0
FreeBSD
FreeBSD
added 2026/06/11 12:0 a.m.7 views

chromium -- security fixes

Chrome Releases reports: This update includes 28 security fixes: 516731749 Critical CVE-2026-12007: Use after free Core. Reported by Google on 2026-05-26 516942828 Critical CVE-2026-12008: Use after free DigitalCredentials. Reported by Google on 2026-05-27 517332006 Critical CVE-2026-12009:...

9.6CVSS5.6AI score0.00287EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.6 views

CVE-2026-0414

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.4AI score0.00168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.6 views

CVE-2026-0415

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

6.8CVSS5.4AI score0.00229EPSS
Exploits0References1
Rows per page
Query Builder