Lucene search
K

752 matches found

EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42726

Hermes WebUI before 0.51.307 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to circumvent local-origin IP restrictions on onboarding endpoints by supplying a spoofed X-Forwarded-For header with a loopback address. Attackers can exploit this bypass to...

9.3CVSS6AI score0.00293EPSS
Exploits0References5
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42453

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6AI score0.00168EPSS
Exploits0References3
NVD
NVD
added 6 days ago7 views

CVE-2026-15124

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00168EPSS
Exploits0References2
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-15115

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

3.3CVSS6AI score0.00089EPSS
Exploits0
OSV
OSV
added 6 days ago4 views

CVE-2026-55438 Coder's workspace app CORS origin check can be bypassed via UUID-based subdomain spoofing

Coder allows organizations to provision remote development environments via Terraform. Prior to versions 2.29.17, 2.32.7, 2.33.8, and 2.34.2, Coder's subdomain-based workspace app proxy allowed the same-owner CORS check to be bypassed. When a workspace-name subdomain segment parsed as a UUID, the...

5.8CVSS6AI score0.00222EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56643

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description Insufficient policy enforcement in the Passwords component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

8.8CVSS6AI score0.0026EPSS
Exploits0References36
RedHat Linux
RedHat Linux
added 2026/07/07 6:39 a.m.4 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40726

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00155EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40711

Insufficient validation of untrusted input in SanitizerAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40607

Insufficient validation of untrusted input in DeviceBoundSessionCredentials in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00319EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40610

Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00319EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-13839

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS6.2AI score0.00218EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/07/01 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2026-13838

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS6.2AI score0.00218EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14105

Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

9.6CVSS0.00167EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.2 views

DEBIAN-CVE-2026-14079

Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14046

Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.8 views

CVE-2026-14046

Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00181EPSS
Exploits0References2
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-14039

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00155EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14023

Insufficient validation of untrusted input in SanitizerAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-13959

Insufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References1
Rows per page
Query Builder