Lucene search
K

744 matches found

CVE
CVE
added 2 days ago15 views

CVE-2026-57963

The CVE-2026-57963 issue affects chat UI in Thunderbird where an attacker able to send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the chat UI. Underlying risk is manipulation of the chat interface and potential phishing wi...

6.5CVSS5.9AI score0.00193EPSS
Exploits0References3
EUVD
EUVD
added 4 days ago5 views

EUVD-2026-40066

A flaw was found in Yelp due to an overly permissive Content Security Policy CSP implementation provided by yelp-xsl. A malicious Flatpak application can open crafted help content through the OpenURI portal. By embedding an untrusted CSS stylesheet within a structured SVG document,...

7.1CVSS5.9AI score0.00137EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/06/25 3:16 p.m.6 views

libxslt: use-after-free with key data stored cross-RVT

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2026/06/25 9:36 a.m.7 views

libxslt: use-after-free with key data stored cross-RVT

A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers and application crash...

5.5CVSS6.1AI score0.00161EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 6:0 a.m.8 views

EUVD-2026-38697

The Cornerstone WordPress plugin before 7.8.8 does not enforce capability checks on one of its CSS-preview request handlers, and exposes the nonce needed to call it to every logged-in user on any wp-admin page, allowing any authenticated user to evaluate dynamic content tokens against arbitrary...

7.7CVSS6AI score0.00219EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.7 views

PT-2026-52108

Name of the Vulnerable Software and Affected Versions SiYuan versions prior to 3.7.0 Description A flaw exists where a CSS snippet body containing can break out of its surrounding tag during interpolation by the renderSnippet function via insertAdjacentHTML. This allows the execution of arbitrary...

9.9CVSS6.4AI score0.00307EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox and Thunderbird

An attacker could exploit XSLT error handling mechanisms to associate content controlled by the attacker with another origin that is displayed in the address bar. This could be used to trick users into submitting data intended for the spoofed origin. This vulnerability affects Thunderbird 102.2,...

6.5CVSS7AI score0.00361EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.12 views

Astra Linux – Vulnerability in Firefox

Removing an XSLT parameter during processing could lead to an exploitable use-after-free vulnerability. There have been reports of attacks exploiting this flaw in the wild. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...

8.8CVSS8.2AI score0.14261EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Firefox

By using XSL Transforms, a malicious webserver could serve a user an XSL document that would continue to execute JavaScript within the bounds of the same-origin policy even after the tab was closed. This vulnerability affects Firefox versions earlier than 97...

8.8CVSS7.3AI score0.00586EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in openjdk-11, bcel

The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 o...

7.5CVSS7.6AI score0.17673EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/06/13 2:29 a.m.7 views

CVE-2026-12089 WS Optimize – All-in-One Speed Booster & Cache Tools <= 3.3.19 - Authenticated (Editor+) Arbitrary File Read

The LWS Optimize – All-in-One Speed Booster & Cache Tools plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 3.3.19. This is due to the combinecurrentcss function trusting values harvested from page HTML and converting same-site URLs to absolute filesystem...

4.9CVSS5.5AI score0.00336EPSS
Exploits0References3
OSV
OSV
added 2026/06/08 1:15 p.m.11 views

JLSEC-2026-581

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.9AI score0.21623EPSS
Exploits0References10
Amazon
Amazon
added 2026/06/08 12:0 a.m.10 views

Medium: yelp

Issue Overview: A sandbox escape vulnerability was found in yelp, the GNOME help viewer. Bypassing the fix for CVE-2025-3155, a malicious help document can use a CSS stylesheet embedded in an SVG image to exfiltrate the contents of local files such as files under /proc to an external server witho...

7.4CVSS6.8AI score0.10598EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.8 views

EulerOS Virtualization 2.10.1 : libxslt (EulerOS-SA-2026-2029)

According to the versions of the libxslt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free vulnerability was found in libxslt while parsing xsl nodes that may lead to the dereference of expired pointers an...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.11 views

CVE-2026-6403

The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckplyziptheme function, which appends a user-controlled 'stylesheet' parameter directly to the theme root directory path without...

7.5CVSS5.5AI score0.00811EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34749

Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00197EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.5 views

CVE-2026-11162

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00187EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/29 1:53 p.m.7 views

CVE-2026-41159

Mermaid is a JavaScript tool that uses Markdown-inspired text to create and modify diagrams and charts. Prior to 10.9.6 and 11.15.0, Mermaid's default configuration allows injecting CSS that applies outside of the Mermaid diagram via the fontFamily, themeCSS, and altFontFamily configuration...

5.3CVSS5.8AI score0.00398EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2026/05/25 8:16 p.m.15 views

CVE-2026-48843

Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix fo...

7.2CVSS0.00301EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/05/25 7:11 p.m.9 views

CVE-2026-48843

Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets CSS sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts. The issue stems from an insufficient fix fo...

7.2CVSS5.8AI score0.00301EPSS
Exploits0
Rows per page
Query Builder