Lucene search
K

248 matches found

ATTACKERKB
ATTACKERKB
added 2026/04/28 10:35 p.m.3 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

5.1AI score0.00093EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/04/28 10:35 p.m.137 views

CVE-2026-7351

CVE-2026-7351 describes a race in MHTML handling in Google Chrome prior to 147.0.7727.138. The vulnerability allows a user who is induced to install a crafted Chrome Extension to leak cross-origin data via MHTML processing. The root cause, per sources, is a race condition in MHTML handling; no ex...

3.1CVSS5.2AI score0.00093EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/04/28 10:35 p.m.7 views

EUVD-2026-26177

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

5.1AI score0.00093EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/28 10:35 p.m.37 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

0.00093EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/04/28 10:35 p.m.6 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

3.1CVSS5.2AI score0.00093EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2026/04/28 10:35 p.m.5 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

3.1CVSS5.2AI score0.00093EPSS
Exploits0
Kaspersky
Kaspersky
added 2026/04/28 12:0 a.m.13 views

KLA91010 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Canvas can be exploited remotely to execute arbitrar...

9.6CVSS6.8AI score0.00433EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.11 views

Google Chrome 竞争条件问题漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a vulnerability related to competition conditions in the MHTML component. This vulnerability could allow attackers to trick users into installing malicious extensions, thereby...

3.1CVSS5.8AI score0.00093EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-35851

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A race condition in MHTML MIME HTML, a web page archive format allows an attacker to leak cross-origin data. This occurs if an attacker convinces a user to install a crafted malicious...

9.6CVSS6AI score0.00433EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.5 views

Google Chrome < 4.9.385.33 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 4.9.385.33. It is, therefore, affected by multiple vulnerabilities as referenced in the 201603stable-channel-update24 advisory. - The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in...

9.3CVSS8.4AI score0.4811EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-0998

Malware in sbrugna...

3.5CVSS6.4AI score0.00759EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2017-9006

Malware in sbrugna...

6.1CVSS6.3AI score0.00942EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-2745

Malware in sbrugna...

9.3CVSS9.1AI score0.01199EPSS
Exploits0References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2012-5645

Malware in sbrugna...

3.5CVSS6.4AI score0.00759EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2017-5124

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect application of sandboxing in Blink in Google Chrome prior to 62.0.3202.62 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a...

6.1CVSS7.5AI score0.05245EPSS
Exploits5References2
BDU FSTEC
BDU FSTEC
added 2024/09/16 12:0 a.m.5 views

The vulnerability of the MHTML export function in the Spreadsheet module of the WPS Office office software for Windows operating systems allows a malicious individual to perform arbitrary commands.

The vulnerability of the MHTML export function in the Spreadsheet module of the WPS Office office software on Windows operating systems is related to the loading of malicious DLL libraries due to an incorrect limitation on the path to the ksoqing directory. Exploiting this vulnerability allows a...

7.8CVSS7.9AI score0.01773EPSS
Exploits0References7Affected Software1
The Hacker News
The Hacker News
added 2024/07/16 9:0 a.m.39 views

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

An advanced persistent threat APT group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-Ma...

9.8CVSS9AI score0.99938EPSS
Exploits62
OSV
OSV
added 2023/03/29 5:15 p.m.3 views

CVE-2023-26292

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Cloud Security Gateway CSG Portal on Web Cloud Security Gateway, Email Security Cloud loginsubmit.mhtml modules, Forcepoint Web Security Portal on Hybrid loginsubmit.mhtml modules allows...

6.1CVSS6.4AI score0.00353EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/29 12:0 a.m.5 views

PT-2023-20589 · Forcepoint · Forcepoint Web Security +1

Name of the Vulnerable Software and Affected Versions: Forcepoint Cloud Security Gateway CSG versions before 03/29/2023 Forcepoint Web Security versions before 03/29/2023 Description: The issue is related to improper neutralization of input during web page generation, which allows reflected...

6.1CVSS6AI score0.00353EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:30 a.m.6 views

SUSE CVE-2014-1747

Cross-site scripting XSS vulnerability in the DocumentLoader::maybeCreateArchive function in core/loader/DocumentLoader.cpp in Blink, as used in Google Chrome before 35.0.1916.114, allows remote attackers to inject arbitrary web script or HTML via crafted MHTML content, aka "Universal XSS UXSS."...

4.3CVSS7.7AI score0.01832EPSS
Exploits0References2
Rows per page
Query Builder