CVE-2026-34296

Vulnerability in the Oracle Agile Product Lifecycle Management for Process product of Oracle Supply Chain component: Product Quality Management. The supported version that is affected is 6.2.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2026-5942

Flaws in page lifecycle management allow document structure changes to desynchronize internal component states, causing subsequent operations to access invalidated objects and crash the program...

CVE-2026-35244

Vulnerability in the Oracle Hyperion Infrastructure Technology product of Oracle Hyperion component: Lifecycle Management. The supported version that is affected is 11.2.24.0.000. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle...

CVE-2026-3603

IBM Engineering Lifecycle Management 7.0.3 Interim Fix 001 through Interim Fix 021, 7.1.0 Interim Fix 001 through Interim Fix 009, and 7.2.0 and 7.2.0 Interim Fix 001 is vulnerable to an XML external entity injection XXE attack when processing XML data. An authenticated attacker could exploit thi...

Chromium: CVE-2026-11152 Object lifecycle issue in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-34613

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

DEBIAN-CVE-2026-11152

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11152

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11152

The CVE refers to an object lifecycle issue in Dawn within Google Chrome, exploitable before version 149.0.7827.53. A remote attacker could potentially perform a sandbox escape via a crafted HTML page. The Chromium note marks the security severity as Medium. Affected component: Dawn in Google Chr...

CVE-2026-11152

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11152

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-11152

Object lifecycle issue in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2025-62338

HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure...

CVE-2025-62338

Technical details are not publicly available in the provided documents. Monitor for updates.

CVE-2025-62338 HCL BigFix Cloud Lifecycle Management is affected by lack of input validation

HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure...

CVE-2025-62338 HCL BigFix Cloud Lifecycle Management is affected by lack of input validation

HCL BigFix Cloud Lifecycle Management is affected by lack of input validation. This low-level flaw allows unauthorized access and may lead to information exposure...

PT-2026-46218

Name of the Vulnerable Software and Affected Versions HCL BigFix Cloud Lifecycle Management affected versions not specified Description Lack of input validation in HCL BigFix Cloud Lifecycle Management may lead to information exposure. This flaw allows unauthorized access to sensitive data...

WebMCP Tool Surface Poisoning: Runtime Manipulation Attacks on LLM Agents

WebMCP is a newly emerging protocol that enables websites to expose tools directly to AI agents, bypassing traditional user interfaces and introducing new security risks. The dynamic exposure of agent-accessible tools in WebMCP expands the attack surface of web sessions, especially when third-par...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.21 CNF vRAN extras topology aware lifecycle manager update

An update for topology-aware-lifecycle manager is available for Red Hat OpenShift Container Platform 4.21. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the...

Microsoft Build 2026: Securing code, agents, and models across the development lifecycle

In this article 1. Secure your code 2. Secure your agents 3. Trust agents with your data 4. Secure your models 5. Trust starts with security Today, developers and security teams are caught in growing tension. AI is accelerating development and introducing new issues around insecure code, opaque...