Lucene search
K

124 matches found

CVE
CVE
added 2 days ago9 views

CVE-2026-48955

The CVE concerns Joomla! Core, specifically the com_workflow component. Affected: Joomla core workflows. Root cause: improper access check allows unauthorized users to access workflow stage and transition information. Impact: disclosure of workflow stage/transition details due to weak access cont...

6.4CVSS6AI score0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago32 views

CVE-2026-48955 Joomla! Core - [20260709] - Incorrect Access Control in com_workflow

An improper access check allows unauthorized users to access workflow stage and transition information...

6.4CVSS0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 6:7 p.m.9 views

CVE-2026-11646

An use after free flaw was found in the ViewTransitions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517168239...

8.8CVSS5.4AI score0.00262EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/10 2:31 a.m.8 views

SUSE CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00262EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 12:33 a.m.11 views

EUVD-2026-35246

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00262EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00262EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/09 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-11646

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.8 views

CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00262EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/06/08 11:27 p.m.36 views

CVE-2026-11646

CVE-2026-11646 affects Google Chrome’s ViewTransitions; a use-after-free in that component allows remote code execution in a sandbox via a crafted HTML page. Impact is high (remote, no user interaction required). A fix is available in Chrome 149.0.7827.103 and newer. If exploiting status is unkno...

8.8CVSS6AI score0.00262EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/08 11:27 p.m.39 views

CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.00262EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.23 views

PT-2026-47472

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in ViewTransitions, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free i...

9.6CVSS6.7AI score0.01654EPSS
Exploits4References85
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.11 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by the American company Google. Google Chrome has a resource management vulnerability, which stems from the reuse of resources after ViewTransitions is released...

8.8CVSS5.2AI score0.00262EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/06/05 12:0 a.m.19 views

Beyond Pass/Fail: Using Process Mining to Understand How LLMs Resist (And Fail) Red Team Attacks

Standard AI red teaming evaluations reduce adversarial campaigns to a single binary outcome, attack success rate ASR, not taking into account the sequential structure of how models resist or yield to attacks. We propose applying process mining, a discipline for discovering and analyzing process...

5.4AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.24 views

PT-2026-46890

Summary This is a vertical authorization bypass in the Admin API affecting order state transition features /api/ action/order/orderId/state/transition and similar transaction/delivery transition routes. The root cause is that the transition action routes do not declare required server-side ACL...

6.5CVSS5.9AI score0.00041EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44258

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvmet-tcp module between the handling of Initialization Connection Requests ICReq and queue teardown. The function nvmet tcp handle icreq updates the...

9.8CVSS5.7AI score0.00353EPSS
Exploits0
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.9 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the md/md-llbitmap to properly raise the barrier before state machine transitions,...

5.8AI score0.00121EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/16 12:20 a.m.12 views

Chromium: CVE-2026-8537 Insufficient policy enforcement in ViewTransitions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.0018EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/05/14 7:52 p.m.7 views

CVE-2026-8537

Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/14 7:52 p.m.10 views

EUVD-2026-30453

Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.0018EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.14 views

CVE-2026-8537

Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.8AI score0.0018EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder