34294 matches found

RedhatCVE
added 2026/04/01 5:3 p.m. | 5 views

CVE-2026-34595

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.70 and 9.7.0-alpha.18, an authenticated user with find class-level permission can bypass the protectedFields class-level permission setting on LiveQuery subscriptions. By...

CVSS: 5.3 | AI score: 5.8 | EPSS: 0.00251
Exploits: 0 | References: 1

RedhatCVE
added 2026/04/01 10:58 a.m. | 3 views

CVE-2026-4400

Insecure Direct Object Reference IDOR vulnerability in 1millionbot Millie chat that allows private conversations of other users being viewed by simply changing the conversation ID. The vulnerability is present in the endpoint 'api.1millionbot.com/api/public/conversations/' and, if exploited, coul...

CVSS: 7 | AI score: 6 | EPSS: 0.00209
Exploits: 0 | References: 1

RedHat Linux
added 2026/04/01 9:40 a.m. | 5 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component...

CVSS: 10 | AI score: 7.1 | EPSS: 0.00676
Exploits: 0 | References: 6

OSV
added 2026/04/01 9:5 a.m. | 6 views

CLSA-2026-1775034352 squid: Fix of CVE-2025-59362

CVE-2025-59362: fix mishandling of ASN.1 encoding of long SNMP OIDs in lib/snmplib/asn1.c asnbuildobjid...

CVSS: 4 | AI score: 5.8 | EPSS: 0.00362
Exploits: 1 | References: 1

RedhatCVE
added 2026/04/01 6:21 a.m. | 5 views

CVE-2026-5279

An object corruption flaw was found in the V8 component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490642836...

CVSS: 9.6 | AI score: 5.8 | EPSS: 0.0034
Exploits: 0 | References: 5

NVD
added 2026/04/01 5:16 a.m. | 8 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | EPSS: 0.0034
Exploits: 0 | References: 2

Cvelist
added 2026/04/01 4:41 a.m. | 31 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EPSS: 0.0034
Exploits: 0 | References: 2

ATTACKERKB
added 2026/04/01 4:41 a.m. | 9 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVSS: 6.3 | AI score: 6.2 | EPSS: 0.0034
Exploits: 0 | References: 3 | Affected Software: 1

Debian CVE
added 2026/04/01 4:41 a.m. | 2 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 6.2 | EPSS: 0.0034
Exploits: 0

Vulnrichment
added 2026/04/01 4:41 a.m. | 4 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

AI score: 6.2 | EPSS: 0.0034
Exploits: 0 | References: 2

CVE
added 2026/04/01 4:41 a.m. | 34 views

CVE-2026-5279

CVE-2026-5279 affects Google Chrome (V8) with object corruption in V8 that allowed remote code execution via a crafted HTML page in a sandbox. The Chromium security note lists this as High severity; the Chrome stable update fixes include 146.0.7680.178 (and prior 177/178 variants on different cha...

CVSS: 8.8 | AI score: 6.2 | EPSS: 0.0034
Exploits: 0 | References: 2 | Affected Software: 1

AlpineLinux
added 2026/04/01 4:41 a.m. | 7 views

CVE-2026-5279

Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVSS: 8.8 | AI score: 6.3 | EPSS: 0.0034
Exploits: 0

AstraLinux
added 2026/04/01 3:55 a.m. | 7 views

Astra Linux – Vulnerability in Chromium

In DevTools in Google Chrome prior to version 145.0.7632.45, it was possible for a remote attacker to convince a user to perform certain UI gestures and install a malicious extension, thereby potentially exploiting object corruption through a malicious file. Chromium security severity: Medium...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.00204
Exploits: 0 | References: 3

AstraLinux
added 2026/04/01 3:55 a.m. | 3 views

Astra Linux – Vulnerability in Firefox

Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVSS: 10 | AI score: 5.4 | EPSS: 0.00487
Exploits: 0 | References: 2

AstraLinux
added 2026/04/01 3:55 a.m. | 3 views

Astra Linux – Vulnerability in Firefox

DoS attacks in the DOM: Service Workers component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...

CVSS: 7.5 | AI score: 5.4 | EPSS: 0.00537
Exploits: 1 | References: 3

AstraLinux
added 2026/04/01 3:55 a.m. | 5 views

Astra Linux – Vulnerability in Firefox

Use-after-free in the DOM: Core & HTML components. This vulnerability was fixed in Firefox 148 and Thunderbird 148...

CVSS: 8.8 | AI score: 5.4 | EPSS: 0.00238
Exploits: 0 | References: 3

EUVD
added 2026/04/01 3:31 a.m. | 3 views

EUVD-2026-17767

Addressed a potential insecure direct object reference IDOR vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially...

CVSS: 7.1 | AI score: 5.9 | EPSS: 0.00174
Exploits: 0 | References: 2

NVD
added 2026/04/01 2:16 a.m. | 4 views

CVE-2026-4947

Addressed a potential insecure direct object reference IDOR vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker to access or modify unauthorized resources by manipulating user-supplied object identifiers, potentially...

CVSS: 7.1 | EPSS: 0.00174
Exploits: 0 | References: 1

ATTACKERKB
added 2026/04/01 1:40 a.m. | 2 views

CVE-2026-3779

The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents to trigger a use-after-free when the calculation runs and can potentially lead to arbitrary code execution...

CVSS: 7.8 | AI score: 6 | EPSS: 0.00309
Exploits: 1 | References: 2 | Affected Software: 2

CVE
added 2026/04/01 1:40 a.m. | 12 views

CVE-2026-3779

The CVE-2026-3779 entry concerns Foxit Reader/Foxit PDF Editor: a use-after-free in the list box calculate array logic, where stale references to page/form objects after deletion/re-creation can be triggered by specially crafted PDFs, potentially enabling arbitrary code execution. Cisco Talos att...

CVSS: 7.8 | AI score: 6 | EPSS: 0.00309
Exploits: 1 | References: 2 | Affected Software: 2