CVE-2026-10702

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-10702

CVE-2026-10702 is a Firefox issue involving a JIT miscompilation in the JavaScript Engine (JIT component). The vulnerability was fixed in Firefox 151.0.3. The CVSS score is 4.3 (Medium) with network attack vector, user interaction required, and availability impact of Low. Affected product: Mozill...

CVE-2026-10702 JIT miscompilation in the JavaScript Engine: JIT component

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 151.0.3...

CVE-2026-46509

deepobj provides get, set, delete deep objects in javascript. Prior to 1.0.3, prototype pollution is possible when property paths contain proto/constructor/prototype. The property path must not be exposed as user input. This vulnerability is fixed in 1.0.3...

Security Bulletin: IBM Transformation Advisor is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Transformation Advisor. Vulnerability Details CVEID:CVE-2026-44664 DESCRIPTION: fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using...

Security Bulletin: IBM Application Modernization Accelerator is affected by multiple vulnerabilities found in Node.js

Summary There are multiple vulnerabilities in Node.js used by IBM Application Modernization Accelerator. Vulnerability Details CVEID:CVE-2026-41238 DESCRIPTION: DOMPurify is a DOM-only cross-site scripting sanitizer for HTML, MathML, and SVG. Versions 3.0.1 through 3.3.3 are vulnerable to a...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by a prototype pollution vulnerability due to immutable (CVE-2026-29063)

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses WebSphere Application Server Liberty was affected by prototype pollution vulnerability due to immutable CVE-2026-29063. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability...

CVE-2026-10510

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

EUVD-2026-33874

Cross-Site Scripting XSS in GeniexWebView component in Transsion AI Assistant Lifestyle application com.transsion.aiassistantlifestyle all versions on Android allows remote attacker to execute arbitrary JavaScript in the WebView context via crafted webactiondata URL parameter...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a buffer overflow vulnerability, which was caused by out-of-bound reading in the V8 engine. A remote attacker could obtain sensitive information from the process memory through a...

Transsion AI Assistant Lifestyle 安全漏洞

Transsion AI Assistant Lifestyle is a mobile AI assistant application developed by Transsion Corporation. It integrates intelligent question answering, content generation, lifestyle service recommendations, and personal assistant functions. There is a security vulnerability in Transsion AI...

PT-2026-46579

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory corruption flaw that...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementation of the V8 component. This vulnerability could allow remote attackers to exploit the heap corruption through...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by integer overflow in the V8 engine. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by a type confusion in the V8 component. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a speciall...

PT-2026-45823

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 151.0.3 Description A JIT miscompilation occurs within the JIT component of the JavaScript Engine. JIT Just-In-Time compilation is a method used to improve the execution speed of programs by compiling code during...

PT-2026-45967

These are all security issues fixed in the libmozjs-115-0-115.15.0-9.1 package on the GA media of openSUSE Tumbleweed...

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by V8 integer overflow. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox through a specially crafted HTML pa...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open-source web browser developed by the Mozilla Foundation in the United States. Versions of Mozilla Firefox prior to 151.0.3 contained a security vulnerability, which was caused by a compilation error in the JavaScript Engine’s JIT component...