Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8206 matches found

NVD
NVDadded 2026/03/11 10:16 p.m.1 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00032EPSS
Exploits0References2
OSV
OSVadded 2026/03/11 10:16 p.m.1 views

DEBIAN-CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.3AI score0.00032EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/11 10:4 p.m.22 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00032EPSS
Exploits0References2
AlpineLinux
AlpineLinuxadded 2026/03/11 10:4 p.m.2 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00032EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/03/11 10:4 p.m.1 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00032EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/03/11 10:4 p.m.9 views

CVE-2026-3934

CVE-2026-3934 affects ChromeDriver in Google Chrome prior to 146.0.7680.71. The connected sources describe an insufficient policy enforcement issue that lets a remote attacker bypass the same-origin policy via a crafted HTML page. The vulnerability impact is stated as part of the Chromium securit...

6.5CVSS5.8AI score0.00032EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/11 10:4 p.m.0 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00032EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/03/11 10:4 p.m.2 views

CVE-2026-3934

Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.3AI score0.00032EPSS
Exploits0
NVD
NVDadded 2026/03/11 9:16 p.m.4 views

CVE-2026-32109

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

4.4CVSS0.0001EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/03/11 8:16 p.m.26 views

CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7CVSS0.0001EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/03/11 8:16 p.m.3 views

CVE-2026-32109 Copyparty has unexpected JavaScript execution via crafted URL to folder with `.prologue.html`

Copyparty is a portable file server. Prior to 1.20.12, if an attacker has been given both read- and write-permissions to the server, they can upload a malicious file with the filename .prologue.html and then craft a link to potentially execute arbitrary JavaScript in the victim's context. Note th...

3.7CVSS5.9AI score0.0001EPSS
Exploits0References1
OSV
OSVadded 2026/03/11 6:0 p.m.0 views

UBUNTU-CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.0003EPSS
Exploits2References4
SUSE CVE
SUSE CVEadded 2026/03/11 4:18 p.m.1 views

SUSE CVE-2026-3846

Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...

6.5CVSS5.8AI score0.00021EPSS
Exploits0References3
Snyk
Snykadded 2026/03/11 12:43 p.m.1 views

Authentication Bypass by Primary Weakness

Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness in url.c, when negotiating an HTTP or HTTPS connection. An attacker can gain unauthorized access to resources or perform actions with the privileges of another user by forcing the reuse of an...

7.6CVSS5.9AI score0.00073EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/11 12:31 p.m.2 views

EUVD-2026-11135

libcurl can in some circumstances reuse the wrong connection when asked to do an Negotiate-authenticated HTTP or HTTPS request. libcurl features a pool of recent connections so that subsequent requests can reuse an existing connection to avoid overhead. When reusing a connection a range of...

6.5CVSS5.8AI score0.00073EPSS
Exploits0References3
EUVD
EUVDadded 2026/03/11 12:31 p.m.2 views

EUVD-2026-11141

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.0003EPSS
Exploits2References5
NVD
NVDadded 2026/03/11 11:16 a.m.2 views

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS0.0003EPSS
Exploits2References4
Cvelist
Cvelistadded 2026/03/11 10:9 a.m.23 views

CVE-2026-3805 use after free in SMB connection reuse

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

0.0003EPSS
Exploits2References3
AlpineLinux
AlpineLinuxadded 2026/03/11 10:9 a.m.5 views

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

7.5CVSS5.8AI score0.0003EPSS
Exploits2References4
RedHat Linux
RedHat Linuxadded 2026/03/11 5:56 a.m.3 views

firefox: thunderbird: Same-origin policy bypass in the Networking: JAR component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Same-origin policy bypass in the Networking: JAR component...

9.8CVSS5.7AI score0.00025EPSS
Exploits0References6
Rows per page
Query Builder