Lucene search
K

1792 matches found

NVD
NVD
added yesterday4 views

CVE-2026-8879

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

Exploits0References1
EUVD
EUVD
added yesterday3 views

EUVD-2026-34165

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

5.8AI score
Exploits0References1
Cvelist
Cvelist
added yesterday7 views

CVE-2026-8879 CVE-2026-8879

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday2 views

CVE-2026-8879

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday2 views

CVE-2026-8879

CVE-2026-8879 affects the Securly Chrome Extension (v3.0.7). It dynamically registers content13.min.js as a content script at runtime via chrome.scripting.registerContentScripts(), bypassing manifest.json and the Chrome Web Store review. The script runs on all URLs, hides page content, displays a...

5.8AI score
Exploits0References1
RedhatCVE
RedhatCVE
added yesterday2 views

CVE-2026-0036

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00005EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added yesterday3 views

PT-2026-46051

Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts at runtime. This script is NOT declared in manifest.json and bypasses Chrome Web Store static security review. It runs on all URLs and immediately...

5.8AI score
Exploits0References2
RedhatCVE
RedhatCVE
added 2 days ago7 views

CVE-2026-0048

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.8CVSS5.9AI score0.00006EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2 days ago8 views

CVE-2026-0046

In InputInterceptor of Letterbox.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.2CVSS5.9AI score0.00005EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-33786

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00005EPSS
Exploits0References2
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-33778

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00006EPSS
Exploits0References2
NVD
NVD
added 3 days ago5 views

CVE-2026-28577

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00005EPSS
Exploits0References1
NVD
NVD
added 3 days ago6 views

CVE-2026-0048

In hide of WindowState.java, there is a possible way to trick the user into approving permissions due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.8CVSS0.00006EPSS
Exploits0References1
NVD
NVD
added 3 days ago3 views

CVE-2026-0036

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS0.00005EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago6 views

CVE-2026-28577

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00005EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-28577

In addWindow of WindowManagerService.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.9AI score0.00005EPSS
Exploits0References2Affected Software1
CVE
CVE
added 3 days ago11 views

CVE-2026-28577

CVE-2026-28577 corresponds to a tapjacking/overlay flaw in Android’s WindowManagerService.addWindow. The issue could permit local elevation of privilege with no extra execution privileges and without user action. CVSS 3.1 base metrics indicate Local, Low attack complexity and Low privileges requi...

7.8CVSS5.9AI score0.00005EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 3 days ago4 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00005EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 3 days ago23 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00005EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 3 days ago2 views

CVE-2026-0061

In multiple functions of WindowState.java, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00005EPSS
Exploits0References1
Rows per page
Query Builder