Lucene search
K

997 matches found

Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

5.4AI score0.00079EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-11035

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. Chromium security severity: Medium...

7.3CVSS5.4AI score0.00079EPSS
Exploits0
CVE
CVE
added 2026/06/04 11:4 p.m.24 views

CVE-2026-11035

CVE-2026-11035 describes an inappropriate implementation in Google Chrome for Android’s Custom Tabs prior to version 149.0.7827.53, enabling a local attacker to escalate privileges via a crafted XML file. The underlying issue is in the Custom Tabs integration, leading to total impact on confident...

7.3CVSS5.8AI score0.00079EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.20 views

PT-2026-46564

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in Custom Tabs allows a local attacker to perform privilege escalation by using a crafted XML file. Recommendations Update to version...

9.6CVSS5.8AI score0.00985EPSS
Exploits0References436
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. There is a security vulnerability in Google Chrome, which stems from insufficient execution of the CustomTabs component’s strategy...

3.1CVSS5.5AI score0.00177EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.9 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions prior to 149.0.7827.53, there was a vulnerability related to input validation. This vulnerability stemmed from improper implementations in custom tabs, which could allow local attackers to escalate privileges through specially...

7.3CVSS5.8AI score0.00079EPSS
Exploits0References3
Snyk
Snyk
added 2026/05/29 5:22 p.m.9 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization in the browser debug and export routes. An attacker can access sensitive internal resources by reusing already-open blocked tabs to export or inspect content that...

6.5CVSS5.5AI score0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/05/29 4:16 p.m.22 views

CVE-2026-35673

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS0.00155EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/29 3:11 p.m.41 views

CVE-2026-35673 OpenClaw < 2026.4.29 - SSRF Policy Bypass via Browser Debug/Export Routes

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/29 3:11 p.m.17 views

EUVD-2026-33336

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/29 3:11 p.m.16 views

CVE-2026-35673 OpenClaw < 2026.4.29 - SSRF Policy Bypass via Browser Debug/Export Routes

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/05/29 3:11 p.m.30 views

CVE-2026-35673

OpenClaw prior to 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes. Attackers with access to these routes can reuse already-open blocked tabs to bypass private-network SSRF policies and export or inspect content that should remain protected. Affected softw...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/29 3:11 p.m.10 views

CVE-2026-35673

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.12 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.4.29 contained security vulnerabilities. These vulnerabilities stemmed from SSRF policy bypasses in browser debugging and route exports, allowing for the reuse of already opened...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.21 views

PT-2026-44897

OpenClaw before 2026.4.29 contains an SSRF policy bypass vulnerability in browser debug and export routes that allows reuse of already-open blocked tabs. Attackers with access to these routes can bypass private-network SSRF policies by reusing blocked tabs to export or inspect content that should...

6.5CVSS5.8AI score0.00155EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Firefox

GNOME was leaking browser tab titles into system logs. This could potentially expose users’ browsing habits when they are using private tabs. This vulnerability affects Firefox versions earlier than 121...

6.5CVSS6.7AI score0.00646EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Chromium

The use of after-free in Tabs in Google Chrome before version 127.0.6533.72 allowed a remote attacker who convinced a user to perform certain UI gestures to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.8AI score0.00517EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Firefox

By first using the AI chatbot in one tab and then activating it in another tab, the document title from the previous tab would be leaked into the chat prompt. This vulnerability was fixed in Firefox 137...

5.3CVSS7.5AI score0.00276EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 106.0.5249.119 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS6.2AI score0.0054EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/14 8:29 p.m.13 views

Electerm Local code through electerm's single-instance socket

Impact Local code execution without UI interaction: any same-user process can send a JSON payload to electerm's single-instance socket/pipe, causing the app to create tabs and potentially spawn attacker-controlled local processes. Affects electerm single-instance installs on the machine. Patches ...

9.3CVSS6.2AI score0.00114EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder