Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4424 matches found

NVD
NVDadded 2 hours ago4 views

CVE-2026-13024

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS
Exploits0References2
CVE
CVEadded 3 hours ago5 views

CVE-2026-13024

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.8AI score
Exploits0References2
NVD
NVDadded 5 hours ago7 views

CVE-2026-50705

A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...

4.6CVSS
Exploits0References2
Github Security Blog
Github Security Blogadded yesterday6 views

jackson-databind has a @JsonView bypass for unwrapped creator parameters

Summary UnwrappedPropertyHandler.processUnwrappedCreatorProperties replays buffered JSON into creator parameters but never consults prop.visibleInViewactiveView. The normal property-based creator path gates creator properties on the active view, but this unwrapped-creator replay path bypasses tha...

6.5CVSS5.9AI score
Exploits0References6Affected Software2
Cvelist
Cvelistadded 2 days ago31 views

CVE-2026-54298 Astro: XSS via Unescaped Attribute Names in Spread Props

Astro is a web framework. Prior to 6.4.6, the spreadAttributes function in Astro's server-side rendering pipeline iterates over object keys and passes them directly to addAttribute, which interpolates the key into the HTML output without escaping. When a developer uses the spread syntax ...props ...

4.2CVSS0.0016EPSS
Exploits1References1
EUVD
EUVDadded 2 days ago6 views

EUVD-2026-38332

LangChain is a framework for building agents and LLM-powered applications. Prior to 1.3.9, several LangChain components that resolve filesystem paths or expand search patterns do not consistently confine the resolved path to the intended root directory. Affected behaviors include: a file-search...

5.1CVSS5.9AI score0.0017EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2 days ago7 views

CVE-2026-12034

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Linux Toolkit Theming. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=519258799...

8.3CVSS5.8AI score0.0018EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2 days ago5 views

CVE-2026-12025

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Network. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517153191...

5.8CVSS5.8AI score0.00227EPSS
Exploits0References5
Microsoft CVE
Microsoft CVEadded 5 days ago6 views

Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.3CVSS5.8AI score0.00242EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 5 days ago9 views

Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.2CVSS5.8AI score0.0018EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 5 days ago12 views

Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.2CVSS5.8AI score0.00137EPSS
Exploits0
AstraLinux
AstraLinuxadded 5 days ago4 views

Astra Linux – Vulnerability in jsoup

jsoup is a Java library for working with HTML. Users of jsoup versions prior to 1.14.2 who parse untrusted HTML or XML may be vulnerable to DOS attacks. If the parser is run on user-supplied input, an attacker may provide content that causes the parser to become stuck loop indefinitely until...

7.5CVSS6.4AI score0.06873EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago5 views

Astra Linux – Vulnerability in pyyaml

A vulnerability was discovered in the PyYAML library in versions prior to 5.4. In these versions, the library is susceptible to arbitrary code execution when it processes untrusted YAML files using the fullload method or the FullLoader loader. Applications that use this library to process untrust...

10CVSS8.3AI score0.05984EPSS
Exploits0References2
AstraLinux
AstraLinuxadded 5 days ago5 views

Astra Linux – Vulnerability in hsqldb

Those who use java.sql.Statement or java.sql.PreparedStatement in hsqldb HyperSQL Database to process untrusted input may be vulnerable to a remote code execution attack. By default, it is allowed to call any static method of any Java class in the classpath, resulting in code execution. This issu...

9.8CVSS8AI score0.03519EPSS
Exploits1References2
RedhatCVE
RedhatCVEadded 5 days ago8 views

CVE-2026-12017

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Extensions. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516797143...

8CVSS5.8AI score0.00208EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 5 days ago9 views

CVE-2026-12016

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input DevTools. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516482138...

8.3CVSS5.8AI score0.00229EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 5 days ago8 views

CVE-2026-12009

The following flaw was identified in the Chromium browser: Insufficient validation of untrusted input Accessibility. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517332006...

8.3CVSS5.8AI score0.00246EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 5 days ago7 views

CVE-2026-12465

An insufficient validation of untrusted input flaw was found in the Metrics component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520189702...

8.3CVSS5.8AI score0.00242EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 5 days ago7 views

CVE-2026-12453

An insufficient validation of untrusted input flaw was found in the Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516448843...

4.2CVSS5.8AI score0.0018EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 5 days ago7 views

CVE-2026-12456

An insufficient validation of untrusted input flaw was found in the Extensions component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517124587...

8.1CVSS5.8AI score0.00137EPSS
Exploits0References5
Rows per page
Query Builder