PT-2026-41590

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

PT-2026-41514

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs sbi discovery option parse plmn list in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be...

Metasoft MetaCRM 访问控制错误漏洞

Metasoft MetaCRM is a customer relationship management system software developed by Metasoft, a Chinese company. Versions of Metasoft MetaCRM 6.4.0 Beta06 and earlier contained a access control error vulnerability. This vulnerability stemmed from an improper handling of the File parameter by an...

PT-2026-41544

Name of the Vulnerable Software and Affected Versions AstrBotDevs AstrBot versions prior to 4.23.6 Description A path traversal issue exists in the File Upload Handler component within the post file function of the astrbot/dashboard/routes/chat.py file. This occurs when the filename argument is...

SUSE CVE-2026-8582

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

OESA-2026-2332 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

ROS-20260515-73-0017

A vulnerability in the Media component of the Google Chrome browser is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260515-73-0050

A vulnerability in the WebView web page display component of Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to affect the confidentiality, integrity and availability of protected information using...

ROS-20260515-73-0036

A vulnerability in the TextEncoding component of Google Chrome and Microsoft Edge browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260515-73-0046

A vulnerability in the Navigation feature of Google Chrome browser is related to improper authorization. Exploitation of the vulnerability could allow an attacker acting remotely to bypass navigation restrictions using a specially crafted HTML page...

CVE-2026-8519

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Critical...

EUVD-2026-30391

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-8567

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-8560

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-8552

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: High...

EUVD-2026-30451

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

EUVD-2026-30447

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-8531

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-8531

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...