Lucene search
K

367897 matches found

CVE
CVE
•added 13 minutes ago•2 views

CVE-2026-50284 Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows deletion of other users' assets

Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder only requires the deleteAssets: permission for the target folder. It never enforces deletePeerAssets:, even though Assets::deleteFoldersByIds...

7.1CVSS
Exploits0References2
CVE
CVE
•added 16 minutes ago•1 views

CVE-2026-14440 Cloudflare Universal SSL automatically managed CAA RRset supersedes customer-configured CAA records

Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design e.g. 'issue "letsencrypt.org"' without parameters. On Universal SSL zones,...

7.6CVSS
Exploits0References4
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14426

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14394

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14432

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14403

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14393

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14417

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14419

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14425

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14424

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14390

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14405

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14398

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14399

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14408

Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14421

Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14413

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14402

Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14431

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14423

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14395

Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14392

Out of bounds write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14400

Out of bounds write in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14397

Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•0 views

CVE-2026-14416

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14388

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14386

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14396

Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14422

Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14384

Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14430

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14420

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14387

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14389

Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14391

Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14429

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14414

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14412

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14428

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14382

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14411

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14401

Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14381

Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14415

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14409

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14407

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
•added 29 minutes ago•1 views

CVE-2026-14383

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
Total number of security vulnerabilities367897