Astra Linux – Vulnerability in Chromium

Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0885

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0885 Use-after-free in the JavaScript: GC component

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0885 Use-after-free in the JavaScript: GC component

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0885

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0884

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0884 Use-after-free in the JavaScript Engine component

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0884 Use-after-free in the JavaScript Engine component

Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0884

CVE-2026-0884 is a use-after-free in the JavaScript Engine component. Affected products include Firefox (versions before 147 and ESR before 140.7) and Thunderbird (versions before 147 and ESR before 140.7). The issue is confirmed in multiple security advisories and Debian/Distro records. Remediat...

CVE-2026-0885

CVE-2026-0885 is a use-after-free in Firefox/Thunderbird’s JavaScript: GC component. Affected: Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, Thunderbird

CVE-2026-0885

Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

Sensitive Information Disclosure

Sentry-Javascript is vulnerable to Sensitive Information Disclosure. The vulnerability is due to over-collection of sensitive HTTP headers when sendDefaultPii is enabled, where headers such as Cookie can be sent to and stored in Sentry traces, allowing users with access to the Sentry organization...

Mozilla -- multiple vulnerabilities

Memory safety bugs present in firefox-esr 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. Clickjacking issue and information disclosure in the PDF Viewer component. Use-after-free in the JavaScript: GC component...

YouPHPTube 跨站脚本漏洞

YouPHPTube is a PHP-based video website system. A cross-site scripting vulnerability exists in YouPHPTube 7.8 and earlier versions, which stems from a cross-site scripting vulnerability in the redirectUri parameter in the signup page, which could lead to the execution of arbitrary JavaScript...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation.Mozilla Thunderbird is a suite of e-mail client software from the Mozilla Foundation that is separate from the Mozilla...

KLA90833 Multiple vulnerabilities in Mozilla Firefox ESR

Multiple vulnerabilities were found in Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, execute arbitrary code, cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1...

PT-2026-2646

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Firefox ESR versions prior to 140.7 Description A use-after-free issue exists in the JavaScript Engine component. This can potentially allow for unexpected behavior or code execution. Recommendations Update Firefo...

PT-2026-2647

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 147 Firefox ESR versions prior to 140.7 Description A use-after-free issue exists in the JavaScript: GC component. This condition may lead to unexpected behavior or potentially allow for arbitrary code execution...

Node.js 20.x < 20.20.0 / 22.x < 22.22.0 / 24.x < 24.13.0 / 24.x < 24.13.0 / 25.x < 25.3.0 Multiple Vulnerabilities (Tuesday, January 13, 2026 Security Releases).

"The version of Node.js installed on the remote host is prior to 20.20.0, 22.22.0, 24.13.0, 24.13.0, 25.3.0. It is, therefore, affected by multiple vulnerabilities as referenced in the Tuesday, January 13, 2026 Security Releases advisory. - A flaw in Node.js's permission model allows a file's...