Lucene search
K

4425 matches found

EUVD
EUVD
added yesterday7 views

EUVD-2026-42460

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00187EPSS
Exploits0References3
EUVD
EUVD
added yesterday6 views

EUVD-2026-42458

Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00187EPSS
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-15130

Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00187EPSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-15131

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2 days ago34 views

CVE-2026-15131

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00187EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago5 views

CVE-2026-15131

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00187EPSS
Exploits0
CVE
CVE
added 2 days ago35 views

CVE-2026-15131

CVE-2026-15131 affects Google Chrome in the Navigation path where an inappropriate implementation could allow a remote attacker to bypass site isolation via a crafted HTML page. The issue is tied to Chromium security in the Navigation component and is classified as Medium severity. Affected versi...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-15130

Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

0.00187EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago4 views

CVE-2026-15130

Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00187EPSS
Exploits0
CVE
CVE
added 2 days ago31 views

CVE-2026-15130

CVE-2026-15130 affects Google Chrome navigation policy enforcement. The vulnerability arises from insufficient policy enforcement in Navigation, enabling a remote attacker to bypass site isolation via a crafted HTML page. A fix is available in the Stable channel: Windows/Mac 150.0.7871.114/115 an...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2 days ago6 views

CVE-2026-59896

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...

6.5CVSS0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago3 views

EUVD-2026-42326

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3
CVE
CVE
added 2 days ago7 views

CVE-2026-59896

Hono/jsx in the Hono web framework exposes a cross-request data disclosure during server-side rendering. From version 4.11.8 up to, but not including, 4.12.27, context values created via createContext, useContext, jsxRenderer, or useRequestContext were not isolated per request and could be reused...

6.5CVSS5.9AI score0.00191EPSS
Exploits0References3
Cvelist
Cvelist
added 2 days ago30 views

CVE-2026-59896 hono/jsx does not isolate context per request, leading to cross-request data disclosure

Hono is a Web application framework that provides support for any JavaScript runtime. From 4.11.8 before 4.12.27, hono/jsx did not isolate context values per request during server-side rendering, allowing createContext, useContext, jsxRenderer, or useRequestContext data from a different in-flight...

6.5CVSS0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2 days ago4 views

EUVD-2026-42109

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS5.9AI score0.00145EPSS
Exploits0References2
NVD
NVD
added 3 days ago6 views

CVE-2026-55418

FastGPT is an open source AI knowledge base platform. Prior to v4.15.0-beta5, two FastGPT file handlers authorize an unrelated resource and then sign or read an S3 object using a key taken directly from the request, without checking that the key belongs to the caller's team. Because S3 object key...

8.6CVSS0.00299EPSS
Exploits0References4
NVD
NVD
added 3 days ago6 views

CVE-2026-28378

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS0.00145EPSS
Exploits0References1
Cvelist
Cvelist
added 3 days ago24 views

CVE-2026-28378 Cross-Organization Public Dashboard Deletion via Missing Org Isolation

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS0.00145EPSS
Exploits0References1
CVE
CVE
added 3 days ago55 views

CVE-2026-28378

The CVE-2026-28378 entry describes a vulnerability in Grafana where the public dashboard deletion endpoint does not enforce organization isolation. An Org Admin in one organization can delete public dashboards belonging to another organization by supplying the target dashboard identifiers. Impact...

3.1CVSS5.9AI score0.00145EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago45 views

CVE-2026-28378

The public dashboard deletion endpoint does not enforce organization isolation, allowing an Org Admin in one organization to delete public dashboards belonging to a different organization by supplying the target dashboard's identifiers...

3.1CVSS5.9AI score0.00145EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder