Lucene search
K

7048 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS6AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS6AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS6AI score0.00189EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS6AI score0.00189EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-59214

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

9CVSS0.00285EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 5 days ago6 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
CVE
CVE
added 5 days ago8 views

CVE-2026-59214

Open WebUI (self-hosted AI platform) is affected by a vulnerability described as a stored web worker XSS via Pyodide. Prior to version 0.10.0, the platform runs client-side Python with Pyodide inside a same-origin web worker, which could allow stored chat payloads using pyodide.http.pyfetch or th...

9CVSS6.1AI score0.00285EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 5 days ago7 views

CVE-2026-59214

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

7.3CVSS6.1AI score0.00285EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago32 views

CVE-2026-59214 Open WebUI: Stored web worker XSS via Pyodide

Open WebUI is an extensible, feature-rich, and user-friendly self-hosted AI platform. Prior to 0.10.0, Open WebUI runs client-side Python with Pyodide in a same-origin web worker, allowing stored chat payloads that use pyodide.http.pyfetch or the js module fetch and XMLHttpRequest APIs to issue...

7.3CVSS0.00285EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 5 days ago5 views

firefox: thunderbird: Same-origin policy bypass in the Networking: Cookies component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: Cookies component...

9.1CVSS5.9AI score0.00189EPSS
Exploits0References6
EUVD
EUVD
added 5 days ago7 views

EUVD-2026-42453

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6AI score0.00168EPSS
Exploits0References3
NVD
NVD
added 6 days ago7 views

CVE-2026-15124

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00168EPSS
Exploits0References2
NVD
NVD
added 6 days ago6 views

CVE-2026-15115

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

3.3CVSS0.00089EPSS
Exploits0References2
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-15124

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

4.3CVSS6AI score0.00168EPSS
Exploits0
Cvelist
Cvelist
added 6 days ago41 views

CVE-2026-15124

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00168EPSS
Exploits0References2
CVE
CVE
added 6 days ago73 views

CVE-2026-15124

CVE-2026-15124 affects Google Chrome; vulnerability in the Passwords component due to insufficient policy enforcement allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Impact is a cross-origin bypass as described in the public advisories. Remediation: update to Ch...

4.3CVSS6AI score0.00168EPSS
Exploits0References2Affected Software1
CVE
CVE
added 6 days ago69 views

CVE-2026-15115

CVE-2026-15115 affects Google Chrome on Android prior to 150.0.7871.115, where insufficient validation of untrusted input in WebAppInstalls could allow a local attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability stems from untrusted input handling within WebAppIns...

3.3CVSS6AI score0.00089EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-15115

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6AI score0.00089EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 6 days ago34 views

CVE-2026-15115

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00089EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-56643

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description Insufficient policy enforcement in the Passwords component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

8.8CVSS6AI score0.0026EPSS
Exploits0References36
Rows per page
Query Builder