EUVD-2026-3258

Malicious code in react-native-webview-forked npm...

Malicious code in react-native-webview-forked (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48574c96ad66df5527d36dccb8f8c425b244bb90c2ac49491618968865ccd7da The package react-native-webview-forked was found to contain malicious code. Source: ghsa-malware...

Malicious Package

Overview react-native-webview-forked is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

MAL-2026-348 Malicious code in react-native-webview-forked (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48574c96ad66df5527d36dccb8f8c425b244bb90c2ac49491618968865ccd7da The package react-native-webview-forked was found to contain malicious code. Source: ghsa-malware...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20020-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20020-1 advisory. Changes in chromium: - Chromium 143.0.7499.192 boo1256067: CVE-2026-0628: Insufficient policy enforcement in WebView tag - Chromium 143.0.7499.169 stabl...

Fedora: Security Advisory (FEDORA-2026-66162d01ae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:20020-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 143.0.7499.192 boo1256067: CVE-2026-0628: Insufficient policy enforcement in WebView tag - Chromium 143.0.7499.169 stable released 2025-12-18 no cve listed yet...

Chromium: CVE-2026-0628 Insufficient policy enforcement in WebView tag

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2023-43955

The com.phlox.tvwebbrowser TV Bro application through 2.0.0 for Android mishandles external intents through WebView. This allows attackers to execute arbitrary code, create arbitrary files. and perform arbitrary downloads via JavaScript that uses takeBlobDownloadData...

CVE-2021-41038

In versions of the @theia/plugin-ext component of Eclipse Theia prior to 1.18.0, Webview contents can be hijacked via postMessage...

Security update for chromium, noopenh264 (important)

openSUSE Security Update: Security update for chromium, noopenh264 Announcement ID: openSUSE-SU-2026:0004-1 Rating: important References: 1256067 Cross-References: CVE-2026-0628 Affected Products: openSUSE Backports SLE-15-SP7 An update that fixes one vulnerability is now available. Description:...

Security update for chromium, noopenh264 (important)

openSUSE Security Update: Security update for chromium, noopenh264 Announcement ID: openSUSE-SU-2026:0006-1 Rating: important References: 1256067 Cross-References: CVE-2026-0628 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes one vulnerability is now available. Description:...

Microsoft Edge (Chromium) < 143.0.3650.139 (CVE-2026-0628)

The version of Microsoft Edge installed on the remote Windows host is prior to 143.0.3650.139. It is, therefore, affected by a vulnerability as referenced in the January 9, 2026 advisory. - Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker...

Fedora 44 : cef (2026-94d266def6)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-94d266def6 advisory. Automatic update for cef-143.0.13^chromium143.0.7499.192-1.fc44. Changelog Fri Jan 9 2026 Than Ngo - 143.0.13^chromium143.0.7499.192-1 - Update to...

SUSE CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

Fedora 44 : chromium (2026-5551bc920f)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5551bc920f advisory. Automatic update for chromium-143.0.7499.192-1.fc44. Changelog Wed Jan 7 2026 Than Ngo - 143.0.7499.192-1 - Update tp 143.0.7499.192 High CVE-2026-0628:...

Exploit for CVE-2026-0628

CVE-2026-0628-POC Prueba de concepto PoC para CVE-2026-0628,...

CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

DEBIAN-CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-0628

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...