Lucene search
K

417576 matches found

EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40867

An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub44af70 component...

7.5CVSS5.8AI score0.00409EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40864

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub447CAC component...

7.5CVSS5.8AI score0.00423EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40428

Capgo before 12.128.2 contains a path traversal vulnerability in the builder upload proxy that allows authenticated users with build permissions to bypass upload restrictions. Attackers can append traversal sequences to the upload path, which are normalized by the WHATWG URL parser, enabling acce...

8.7CVSS5.8AI score0.00451EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40846

Storage Concentrator SC & SCVM contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services,...

9.3CVSS5.8AI score0.00128EPSS
Exploits0References4
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40429

Capgo before 12.128.2 allows org admins to assign org-scoped RBAC roles at app scope without validating role scope compatibility, including to pending invitees. Attackers can pre-seed malformed high-privilege bindings that survive invite acceptance, enabling accepted low-privilege users to perfor...

8.8CVSS5.8AI score0.00303EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40426

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score0.00194EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40868

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub425994 component...

7.5CVSS5.8AI score0.00423EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40865

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub472f08 component...

7.5CVSS5.8AI score0.00452EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40458

Storage Concentrator SC & SCVM is vulnerable to reflected cross-site scripting due to unsanitized content being echoed back in 404 error pages. An attacker can craft a malicious URL that, when visited by an authenticated user, causes arbitrary script content to execute within the victim's browser...

6.1CVSS5.8AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40427

Capgo before 12.128.2 contains a broken object level authorization vulnerability in middlewareKey that accepts the client-controlled x-limited-key-id header without validating ownership, allowing authenticated users to adopt cross-tenant limited keys. Attackers can supply another tenant's limited...

8.8CVSS5.8AI score0.00322EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40627

Capgo before 12.128.2 contains a NULL-auth bypass vulnerability in the public.getorguseraccessrbac function that allows unauthenticated attackers to retrieve RBAC role bindings and member email addresses. Attackers can exploit improper NULL comparison in the authorization gate to disclose...

8.7CVSS5.7AI score0.00341EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40459

Storage Concentrator SC & SCVM is vulnerable to SQL injection through cookie values processed by the login.pl and debug.pl scripts. The cookie value is incorporated directly into database queries without adequate sanitization, allowing an unauthenticated remote attacker to manipulate those querie...

9.3CVSS5.9AI score0.00406EPSS
Exploits0References4
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40839

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40790

Use after free in SSL in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00247EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40803

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00214EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40801

Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Low...

5.8AI score0.00158EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40793

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40810

Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00179EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40813

Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40814

Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40811

Inappropriate implementation in CredentialProvider in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: Low...

5.8AI score0.00082EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40795

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

6.2AI score0.00259EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40820

Race in History Embeddings in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00149EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40789

Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40788

Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00243EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40808

Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Low...

6.2AI score0.00339EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40818

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0018EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•8 views

EUVD-2026-40819

Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0018EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40797

Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00195EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40800

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00244EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•4 views

EUVD-2026-40823

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00179EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•9 views

EUVD-2026-40809

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Low...

6AI score0.00239EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40796

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40799

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00218EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40805

Insufficient data validation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00251EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40812

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00265EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40791

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.00383EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40806

Type Confusion in Bluetooth in Google Chrome on Windows prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...

5.8AI score0.00116EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40804

Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security...

5.8AI score0.00232EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40816

Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00154EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40825

Inappropriate implementation in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00163EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40792

Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00167EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40817

Incorrect security UI in Omnibox in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40807

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00276EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•4 views

EUVD-2026-40815

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00179EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40821

Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00168EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•5 views

EUVD-2026-40824

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•6 views

EUVD-2026-40802

Insufficient validation of untrusted input in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00241EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•8 views

EUVD-2026-40798

Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

6.1AI score0.00306EPSS
Exploits0References3
EUVD
EUVD
•added 4 days ago•7 views

EUVD-2026-40794

Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

6.2AI score0.0028EPSS
Exploits0References3
Total number of security vulnerabilities417576