VIR Vulnerability Intelligence Relay

Search

Found 4,663 results in 687ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-4704 high 8.0 FIX rocky rheldebian debian 2mo ago Denial-of-service in the WebRTC: Signaling component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4702 high 8.0 FIX rocky rheldebian debian 2mo ago JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4701 high 8.0 FIX rocky rheldebian debian 2mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4700 high 8.0 FIX rocky rheldebian debian 2mo ago Mitigation bypass in the Networking: HTTP component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4699 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4697 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4696 high 8.0 FIX rocky rheldebian debian 2mo ago Use-after-free in the Layout: Text and Fonts component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4695 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4694 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions, integer overflow in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4693 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4692 high 8.0 FIX rocky rheldebian debian 2mo ago Sandbox escape in the Responsive Design Mode component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4691 high 8.0 FIX rocky rheldebian debian 2mo ago Use-after-free in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4690 high 8.0 FIX rocky rheldebian debian 2mo ago Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and …
CVE-2026-4689 high 8.0 FIX rocky rheldebian debian 2mo ago Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and …
CVE-2026-4688 high 8.0 FIX rocky rheldebian debian 2mo ago Sandbox escape due to use-after-free in the Disability Access APIs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4687 high 8.0 FIX rocky rheldebian debian 2mo ago Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 14…
CVE-2026-4686 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4685 high 8.0 FIX rocky rheldebian debian 2mo ago Incorrect boundary conditions in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4684 high 8.0 FIX rocky rheldebian debian 2mo ago Race condition, use-after-free in the Graphics: WebRender component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2025-61731 high 8.0 FIX rocky rheldebian debian google 2mo ago RHSA-2026:6949: go-toolset:rhel8 security update (Important)
CVE-2026-1940 high 7.5 7.5 FIX debian debian sles rhel freedesktopgstreamer 2mo ago An incomplete fix for CVE-2024-47778 allows an out-of-bounds read in gst_wavparse_adtl_chunk() function. The patch added a size validation check lsize + 8 > size, but it does not account for the GST_…
CVE-2026-4427 high 8.0 sles rhel 3mo ago RHSA-2026:22714: osbuild-composer security update (Important)
CVE-2026-4424 high 7.5 7.5 FIX rheldebian debian sles libarchiveredhat 3mo ago Important: libarchive security update
CVE-2026-4111 high 7.5 7.5 FIX rheldebian debian rocky 3mo ago Important: libarchive security update
CVE-2026-33210 high 8.0 FIX rheldebian debianalmalinux almalinux google 3mo ago Important: ruby:4.0 security update
CVE-2026-32286 high 7.5 7.5 FIX debian debian sles rhel jackc 3mo ago The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out …
CVE-2025-68114 high 8.0 FIX rheldebian debian sles 3mo ago Important: capstone security update
CVE-2025-67873 high 8.0 FIX rheldebian debian sles 3mo ago Important: capstone security update
CVE-2026-4271 high 7.5 7.5 debian debian sles rhel gnome 3mo ago A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sen…
CVE-2025-61662 high 7.8 7.8 FIX rheldebian debian sles gnu 3mo ago RHSA-2026:4648: grub2 security update (Moderate)
CVE-2026-32597 high 7.5 7.5 FIX rhel sles rocky pyjwt_project 3mo ago RHSA-2026:12176: fence-agents security update (Important)
CVE-2026-26130 high 8.0 FIX rocky rhelalmalinux almalinux 3mo ago RHSA-2026:4458: .NET 10.0 security update (Important)
CVE-2026-26127 high 8.0 FIX rocky rhelalmalinux almalinux 3mo ago RHSA-2026:4458: .NET 10.0 security update (Important)
CVE-2026-2048 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:5113: gimp:2.8 security update (Important)
CVE-2026-2047 high 8.0 FIX rheldebian debian sles 3mo ago Important: gimp security update
CVE-2026-2045 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:5113: gimp:2.8 security update (Important)
CVE-2026-2044 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:5113: gimp:2.8 security update (Important)
CVE-2026-0797 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:5113: gimp:2.8 security update (Important)
CVE-2025-68800 high 8.0 FIX rhel sles rocky 3mo ago In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats Cited commit added a dedicated mutex (instead of RTNL)…
CVE-2025-69534 high 8.0 FIX rhel slesdebian debian 3mo ago Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-M…
CVE-2026-2006 high 8.0 FIX rocky rhel sles 3mo ago RHSA-2026:4064: postgresql:12 security update (Important)
CVE-2026-2005 high 8.0 FIX rocky rhel sles 3mo ago RHSA-2026:4064: postgresql:12 security update (Important)
CVE-2026-2004 high 8.0 FIX rocky rhel sles 3mo ago RHSA-2026:4064: postgresql:12 security update (Important)
CVE-2026-2003 high 8.0 FIX rocky rhel sles 3mo ago RHSA-2026:4063: postgresql:16 security update (Important)
CVE-2026-21863 high 8.0 FIX rhel sles rocky 3mo ago Important: valkey security update
CVE-2025-67733 high 8.0 FIX rhel sles rocky 3mo ago Important: valkey security update
CVE-2026-22801 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:4728: libpng security update (Important)
CVE-2026-22695 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:4728: libpng security update (Important)
CVE-2026-2793 high 8.0 FIX rocky rheldebian debian 3mo ago Memory safety bugs present in Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume tha…
CVE-2026-2792 high 8.0 FIX rocky rheldebian debian 3mo ago Memory safety bugs present in Firefox ESR 140.7, Thunderbird ESR 140.7, Firefox 147 and Thunderbird 147. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…
CVE-2026-2791 high 8.0 FIX rocky rheldebian debian 3mo ago Mitigation bypass in the Networking: Cache component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2790 high 8.0 FIX rocky rheldebian debian 3mo ago Same-origin policy bypass in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2789 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2788 high 8.0 FIX rocky rheldebian debian 3mo ago Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2787 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the DOM: Window and Location component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2785 high 8.0 FIX rocky rheldebian debian 3mo ago Invalid pointer in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2784 high 8.0 FIX rocky rheldebian debian 3mo ago Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2783 high 8.0 FIX rocky rheldebian debian 3mo ago Information disclosure due to JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2782 high 8.0 FIX rocky rheldebian debian 3mo ago Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2781 high 8.0 FIX rocky rheldebian debian 3mo ago Integer overflow in the Libraries component in NSS. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, Thunderbird 140.8, and Firefox ESR 115.35.
CVE-2026-2780 high 8.0 FIX rocky rheldebian debian 3mo ago Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2779 high 8.0 FIX rocky rheldebian debian 3mo ago Incorrect boundary conditions in the Networking: JAR component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2778 high 8.0 FIX rocky rheldebian debian 3mo ago Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunder…
CVE-2026-2777 high 8.0 FIX rocky rheldebian debian 3mo ago Privilege escalation in the Messaging System component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2776 high 8.0 FIX rocky rheldebian debian 3mo ago Sandbox escape due to incorrect boundary conditions in the Telemetry component in External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 14…
CVE-2026-2775 high 8.0 FIX rocky rheldebian debian 3mo ago Mitigation bypass in the DOM: HTML Parser component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2774 high 8.0 FIX rocky rheldebian debian 3mo ago Integer overflow in the Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2773 high 8.0 FIX rocky rheldebian debian 3mo ago Incorrect boundary conditions in the Web Audio component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2772 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the Audio/Video: Playback component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2771 high 8.0 FIX rocky rheldebian debian 3mo ago Undefined behavior in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2770 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the DOM: Bindings (WebIDL) component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2769 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2768 high 8.0 FIX rocky rheldebian debian 3mo ago Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2767 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2766 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2765 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2764 high 8.0 FIX rocky rheldebian debian 3mo ago JIT miscompilation, use-after-free in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2763 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the JavaScript Engine component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2762 high 8.0 FIX rocky rheldebian debian 3mo ago Integer overflow in the JavaScript: Standard Library component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2761 high 8.0 FIX rocky rheldebian debian 3mo ago Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2760 high 8.0 FIX rocky rheldebian debian 3mo ago Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thun…
CVE-2026-2759 high 8.0 FIX rocky rheldebian debian 3mo ago Incorrect boundary conditions in the Graphics: ImageLib component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2758 high 8.0 FIX rocky rheldebian debian 3mo ago Use-after-free in the JavaScript: GC component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2757 high 8.0 FIX rocky rheldebian debian 3mo ago Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8.
CVE-2026-2447 high 8.0 FIX rocky rheldebian debian 3mo ago Heap buffer overflow in libvpx. This vulnerability was fixed in Firefox 147.0.4, Firefox ESR 140.7.1, Firefox ESR 115.32.1, Thunderbird 140.7.2, and Thunderbird 147.0.2.
CVE-2026-25646 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:9686: java-17-openjdk security update (Important)
CVE-2026-25506 high 8.0 FIX rocky rhel sles 3mo ago RHSA-2026:3032: munge security update (Important)
CVE-2026-23074 high 8.0 FIX slesdebian debianalmalinux almalinux 3mo ago In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design intent of teql is that it is only supposed to be used as root …
CVE-2026-22859 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:3334: freerdp security update (Important)
CVE-2026-22858 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:3334: freerdp security update (Important)
CVE-2026-22855 high 8.0 FIX rocky rheldebian debian 3mo ago RHSA-2026:3334: freerdp security update (Important)
CVE-2025-38248 high 8.0 FIX slesdebian debianalmalinux almalinux 3mo ago In the Linux kernel, the following vulnerability has been resolved: bridge: mcast: Fix use-after-free during router port configuration The bridge maintains a global list of ports behind which a mul…
CVE-2025-38129 high 8.0 FIX rhel slesdebian debian 3mo ago In the Linux kernel, the following vulnerability has been resolved: page_pool: Fix use-after-free in page_pool_recycle_in_ring syzbot reported a uaf in page_pool_recycle_in_ring: BUG: KASAN: slab-…
CVE-2026-21721 high 8.0 rhel sles rocky 4mo ago Important: grafana security update
CVE-2026-21637 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:7670: nodejs:24 security update (Important)
CVE-2025-59466 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:2422: nodejs:20 security update (Important)
CVE-2025-59465 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:2422: nodejs:20 security update (Important)
CVE-2025-55132 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:2422: nodejs:20 security update (Important)
CVE-2025-55131 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:2422: nodejs:20 security update (Important)
CVE-2025-55130 high 8.0 FIX rocky rhel sles 4mo ago RHSA-2026:2422: nodejs:20 security update (Important)