1592 matches found
EUVD-2026-30914
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8963 Spoofing issue in the Web Speech component
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8963 Spoofing issue in the Web Speech component
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8963
CVE-2026-8963 is a Web Speech-related spoofing issue affecting Firefox (and Thunderbird) languages/feature usage. The entry notes an upgrade patch: Firefox 151 and Thunderbird 151 mitigate the vulnerability. The CVSSv3.1 vector in the record indicates a Network-exposed, low-attack-complexity flaw...
CVE-2026-8963
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8963
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
CVE-2026-8963
Spoofing issue in the Web Speech component. This vulnerability was fixed in Firefox 151 and Thunderbird 151...
Mozilla Firefox和Mozilla Thunderbird 安全漏洞
Mozilla Firefox and Mozilla Thunderbird are both products of the American Mozilla Foundation. Mozilla Firefox is an open-source web browser. Mozilla Thunderbird is an email client software that emerged independently from the Mozilla Application Suite. This software supports IMAP and POP email...
PT-2026-41917
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 151 Thunderbird versions prior to 151 Description A spoofing issue exists within the Web Speech component...
Bert-VITS2 路径遍历漏洞
Bert-VITS2 is a core text-to-speech model developed by Fish Audio. Bert-VITS2 has a path traversal vulnerability. This vulnerability stems from the improper handling of the datadir parameter in the generateconfig function of the Gratuit Interface component, resulting in path traversal. Attackers...
ROS-20260515-73-0033
A vulnerability in the Web Speech component of Google Chrome and Microsoft Edge browser is related to reading beyond buffer boundaries. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information using a...
PT-2026-41168
Name of the Vulnerable Software and Affected Versions Open WebUI versions prior to 0.9.3 Description An issue exists where the audio transcription upload endpoint uses the file extension from a user-supplied filename to save files. The '/cache/path' route serves these files via FileResponse, whic...
CVE-2026-42456
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLLM returns the text-to-speech audio for another user's chat response within the same workspace...
EUVD-2026-28865
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.12.1, GET /api/workspace/:slug/tts/:chatId in AnythingLLM returns the text-to-speech audio for another user's chat response within the same workspace...
CVE-2026-42456
AnythingLLM vulnerable prior to v1.12.1: GET /api/workspace/:slug/tts/:chatId exposes another user’s private chat response as TTS audio due to ownership check not being enforced, enabling IDOR. Authenticated users can access audio content by guessing known chatId. Issue patched in v1.12.1; remedi...
CVE-2026-7960
A race flaw was found in the Speech component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497007825...
CVE-2026-7935
An inappropriate implementation flaw was found in the Speech component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=489624550...
SUSE CVE-2026-7935
Inappropriate implementation in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7960
Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
Chromium: CVE-2026-7935 Inappropriate implementation in Speech
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...