Chromium: CVE-2026-11686 Insufficient validation of untrusted input in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11666 Insufficient validation of untrusted input in Input

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11658 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11653 Insufficient validation of untrusted input in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-12162

Improper host validation in the social login autofill feature in Devolutions Remote Desktop Manager 2026.2.8 allows an attacker to disclose stored social login credentials via a crafted web entry pointing to a provider lookalike domain...

CVE-2026-12161

Improper input validation in the SSH Elevate Shell feature in Devolutions Remote Desktop Manager 2026.2.7 allows an authenticated user with permission to create or modify a shared SSH entry to execute arbitrary commands on a remote SSH host using stored elevation credentials via a crafted alterna...

EUVD-2026-37019

Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

EUVD-2026-37018

Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

CVE-2026-9258

Improper validation of SSH host keys in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

CVE-2026-9259

Improper validation of server certificates in Canon EOS Network Setting Tool Version 1.5.0 or earlier...

PT-2026-49764

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description Insufficient scope validation in the Active Memory write scope allows Gateway operators with operator.write access to modify global configuration. This privilege escalation enables users to apply...

PT-2026-49780

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.4.25 Description An input validation issue exists in tool group policy callers that accept unvalidated group IDs. An attacker capable of supplying a group ID to the policy resolver could trigger incorrect...

PT-2026-49740

Name of the Vulnerable Software and Affected Versions Astro versions prior to 6.4.6 Description Astro SSR applications using prerendered error pages, such as '/404' or '/500' with export const prerender = true, fetch these pages over HTTP at runtime during an error. The fetch URL is derived from...

PT-2026-49766

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.7 Description The allowFrom feature improperly validates Discord account identity by using mutable display names instead of immutable user IDs. This allows an attacker to change their display or global name...

Linux Distros Unpatched Vulnerability : CVE-2026-46331

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: fix pedit partial COW leading to page cache corruption tcfpeditact computes the COW range for skbensurewritable once before the key loop using...

PT-2026-49609

Nokia SR Linux is vulnerable to local privilege escalation vulnerability due to unsanitized format validation. Successful exploitation of this vulnerability may allow an authenticated user to execute arbitrary commands with superuser privileges...