Lucene search
K

1974 matches found

OSV
OSV
added 5 days ago3 views

ECHO-FF4F-EC7B-6024

Bulletin has no description...

4.3CVSS5.7AI score0.00245EPSS
Exploits0References2
OSV
OSV
added 5 days ago2 views

ECHO-7056-FB40-88E9

Bulletin has no description...

9.6CVSS5.7AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-40746

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00247EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-14059

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References1
NVD
NVD
added 6 days ago5 views

CVE-2026-14059

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00247EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago21 views

CVE-2026-14059

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00247EPSS
Exploits0References2
CVE
CVE
added 6 days ago12 views

CVE-2026-14059

CVE-2026-14059 concerns Google Chrome (Chromium) and describes insufficient policy enforcement in the Related-Website-Sets mechanism. The vulnerability allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software version: Chrome prior to 150.0.7871.47 (Chromium ba...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-14059

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.8AI score0.00247EPSS
Exploits0
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-54334

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Related-Website-Sets allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Cross-origin data leakage occurs when ...

9.6CVSS6AI score0.00413EPSS
Exploits0References437
OSV
OSV
added 2026/06/24 5:17 p.m.2 views

DEBIAN-CVE-2026-53043

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...

9.1CVSS5.8AI score0.00521EPSS
Exploits0References1
CVE
CVE
added 2026/06/23 8:34 p.m.19 views

CVE-2026-47378

CVE-2026-47378 concerns NocoDB, where before 2026.04.1 public shared-view endpoints could expose hidden-column values through three paths: (1) groupBy could return raw values for any column named in the request, (2) filter and sort arrays operated on hidden columns allowed boolean-blind extractio...

6.9CVSS6AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/23 8:34 p.m.26 views

CVE-2026-47378 NocoDB: Hidden Column Exposure in Public Shared View Endpoints

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on...

6.9CVSS0.00239EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/23 8:34 p.m.6 views

CVE-2026-47378

NocoDB is software for building databases as spreadsheets. Prior to 2026.04.1, Public shared-view endpoints exposed values from columns that the view owner had hidden, via three independent paths: groupBy returned raw values for any column named in the request, filter and sort arrays operated on...

6.9CVSS6AI score0.00239EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/23 5:26 p.m.7 views

CVE-2026-57062

CVE-2026-57062: The CMS parsing in GnuPG’s gpgsm (up to version 2.5.20) mishandles AES-GCM when processing CMS structures, accepting an aes-ICVlen of 4 bytes instead of the required 12. This is a component/format handling flaw in GnuPG’s CMS implementation. The CVE record cites a related issue (C...

2.9CVSS5.8AI score0.0011EPSS
Exploits0References2
Circl
Circl
added 2026/06/21 4:28 p.m.8 views

CVE-2025-71357

creationtimestamp| type| source ---|---|--- 2026-06-21 16:28:41+00:00| seen| https://bsky.app/profile/postac001.bsky.social/post/3moss4gcist27 2026-06-21 17:23:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mosv6sga2a2k...

8.1CVSS5.8AI score0.00276EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/19 7:35 p.m.13 views

EUVD-2026-36542

parse-server: Relation $relatedTo query bypasses protectedFields and owning-object ACL...

6.9CVSS5.8AI score0.00276EPSS
Exploits0References4
OSV
OSV
added 2026/06/18 2:53 p.m.5 views

MINI-59PF-6WXG-J9PX

Bulletin has no description...

9.1CVSS4.9AI score0.00469EPSS
Exploits0
CVE
CVE
added 2026/06/12 6:37 p.m.23 views

CVE-2026-53726

Parse Server contains a vulnerability in the relation query operator $relatedTo. Before versions 8.6.80 and 9.9.1-alpha.6, an unauthenticated client with public API credentials could read membership of a Relation field protected by protectedFields or object ACLs, potentially enumerating objects l...

6.9CVSS5.3AI score0.00276EPSS
Exploits0References3
NVD
NVD
added 2026/06/12 4:16 p.m.17 views

CVE-2026-5792

Authentication bypass by spoofing vulnerability in Hedef Media Promotion Interactive Media Marketing Inc. Related Marketing Cloud RMC allows Brute Force. This issue affects Related Marketing Cloud RMC: through 12052026...

6.5CVSS0.0021EPSS
Exploits0References1
NVD
NVD
added 2026/06/12 4:16 p.m.11 views

CVE-2026-50083

The Aqara IAM/SSO Gateway gw-builder.aqara.com used a hardcoded OAuth client credential, which is an instance of "CWE-798: Use of Hard-coded Credentials." This issue has an estimated CVSS of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 9.1 Critical. When combined with CVE-2026-50082, CVE-50084, a...

9.1CVSS0.00246EPSS
Exploits0References2
Rows per page
Query Builder