CVEs from 2026
Total: 14,786
- critical 1,335
- high 5,004
- medium 4,828
- low 503
% Critical: 9.0%
% with KEV: 0.4%
% with exploit: 0.7%
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
| CVE | Severity | CVSS | Risk | Published | Description | Flags | OS | Vendor |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-23455 | critical | 9.1 | 9.1 | 2mo ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In DecodeQ931(), the UserUserIE code path reads a 16-bit leng… | |||
| CVE-2026-32211 | critical | 9.1 | 9.1 | 2mo ago | Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2026-34873 | critical | 9.1 | 9.1 | 2mo ago | An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. | |||
| CVE-2026-27071 | critical | 9.1 | 9.1 | 2mo ago | Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCafe: from n/a through <= 3.0.7. | |||
| CVE-2026-4753 | critical | 9.1 | 9.1 | 3mo ago | Out-of-bounds Read vulnerability in slajerek RetroDebugger. This issue affects RetroDebugger: before v0.64.72. | |||
| CVE-2026-4750 | critical | 9.1 | 9.1 | 3mo ago | Out-of-bounds Read vulnerability in fabiangreffrath woof. This issue affects woof: before woof_15.3.0. | |||
| CVE-2026-4601 | critical | 9.1 | 9.1 | 3mo ago | jsrsasign: Missing cryptographic validation during DSA signing enables private key extraction | |||
| CVE-2026-4600 | critical | 9.1 | 9.1 | 3mo ago | jsrsasign: DSA signatures or X.509 certificates can be forged via DSA domain-parameter validation in KJUR.crypto.DSA.setPublic | |||
| CVE-2026-2369 | critical | 9.1 | 9.1 | 3mo ago | A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially acc… | |||
| CVE-2026-21671 | critical | 9.1 | 9.1 | 3mo ago | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | |||
| CVE-2026-28395 | critical | 9.1 | 9.1 | 3mo ago | OpenClaw's Chrome extension relay binds publicly due to wildcard treated as loopback | |||
| CVE-2026-2880 | critical | 9.1 | 9.1 | 3mo ago | @fastify/middie has Improper Path Normalization when Using Path-Scoped Middleware | |||
| CVE-2026-2953 | critical | 9.1 | 9.1 | 3mo ago | A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulatio… | |||
| CVE-2026-45750 | critical | 9.0 | 9.0 | 1d ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/file_manager/ssh/resolvePath endpoint in the Termix … | |||
| CVE-2026-45746 | critical | 9.0 | 9.0 | 1d ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Manager functionality in Termix contains a critical Brok… | |||
| CVE-2026-28318 | high | 7.5 | 9.0 | 2d ago | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure custo… | |||
| CVE-2026-36748 | critical | 9.0 | 9.0 | 3d ago | RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile. | |||
| CVE-2026-9319 | critical | 9.0 | 9.0 | 5d ago | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security. | |||
| CVE-2026-9311 | critical | 9.0 | 9.0 | 5d ago | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. | |||
| CVE-2026-45630 | critical | 9.0 | 9.0 | 8d ago | Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users … | |||
| CVE-2026-9891 | critical | 9.0 | 9.0 | 9d ago | Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome E… | |||
| CVE-2026-9881 | critical | 9.0 | 9.0 | 9d ago | Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a cra… | |||
| CVE-2026-46833 | critical | 9.0 | 9.0 | 9d ago | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with… | |||
| CVE-2026-4408 | critical | 9.0 | 9.0 | 10d ago | Important: samba security update | |||
| CVE-2026-32999 | critical | 9.0 | 9.0 | 10d ago | Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the aff… | |||
| CVE-2026-48150 | critical | 9.0 | 9.0 | 10d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-… | |||
| CVE-2026-45721 | critical | 9.0 | 9.0 | 11d ago | Algernon: handler.lua discovery walks parent directories above the server root | |||
| CVE-2026-4480 | critical | 9.0 | 9.0 | 11d ago | Important: samba security update | |||
| CVE-2026-2651 | critical | 9.0 | 9.0 | 13d ago | A vulnerability in MLflow versions <=3.10.1.dev0 allows unauthorized access to multipart upload (MPU) endpoints when the `--serve-artifacts` mode is enabled. The authorization logic does not enforce … | |||
| CVE-2026-22314 | critical | 9.0 | 9.0 | 17d ago | Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This… | |||
| CVE-2026-46522 | high | — | 9.0 | 19d ago | ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion | |||
| CVE-2026-45375 | critical | 9.0 | 9.0 | 23d ago | SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution | |||
| CVE-2026-42457 | critical | 9.0 | 9.0 | 23d ago | vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulner… | |||
| CVE-2026-41901 | critical | 9.0 | 9.0 | 25d ago | Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns | |||
| CVE-2026-44221 | critical | 9.0 | 9.0 | 25d ago | ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases | |||
| CVE-2026-42556 | critical | 9.0 | 9.0 | 29d ago | Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their ow… | |||
| CVE-2026-33844 | critical | 9.0 | 9.0 | 1mo ago | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network. | |||
| CVE-2026-7372 | critical | 9.0 | 9.0 | 1mo ago | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker ca… | |||
| CVE-2026-42523 | critical | 9.0 | 9.0 | 1mo ago | Jenkins GitHub Plugin has an XSS vulnerability | |||
| CVE-2026-5652 | critical | 9.0 | 9.0 | 2mo ago | An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permiss… | |||
| CVE-2026-26149 | critical | 9.0 | 9.0 | 2mo ago | Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network. | |||
| CVE-2026-34989 | critical | 9.0 | 9.0 | 2mo ago | CI4MS: Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS | |||
| CVE-2026-27540 | critical | 9.0 | 9.0 | 3mo ago | Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files. This issue a… | |||
| CVE-2026-32635 | critical | 9.0 | 9.0 | 3mo ago | Angular vulnerable to XSS in i18n attribute bindings | |||
| CVE-2026-43984 | high | 8.9 | 8.9 | 2d ago | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `log_js_errors` to any authenticated user, including guest users when guest access is en… | |||
| CVE-2026-42611 | high | 8.9 | 8.9 | 1mo ago | Grav is Vulnerable to Stored XSS via Tag Injection | |||
| CVE-2026-38949 | high | 8.9 | 8.9 | 1mo ago | Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 in the content creation functionality at the /add/content?type=image endpoint. The application fails to properly sanitize user i… | |||
| CVE-2026-5921 | high | 8.9 | 8.9 | 2mo ago | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing si… | |||
| CVE-2026-11413 | high | 8.8 | 8.8 | 9h ago | A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stac… | |||
| CVE-2026-7654 | high | 8.8 | 8.8 | 22h ago | The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without… | |||
| CVE-2026-5415 | high | 8.8 | 8.8 | 1d ago | The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and includ… | |||
| CVE-2026-5411 | high | 8.8 | 8.8 | 1d ago | The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and includ… | |||
| CVE-2026-50733 | high | 8.8 | 8.8 | 1d ago | Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - th… | |||
| CVE-2026-49493 | high | 8.8 | 8.8 | 1d ago | Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.runInNewContext(), allowing arbitrary code execution. A… | |||
| CVE-2026-49492 | high | 8.8 | 8.8 | 1d ago | Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename … | |||
| CVE-2026-48095 | high | 8.8 | 8.8 | 1d ago | 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCu… | |||
| CVE-2026-11307 | high | 8.8 | 8.8 | 2d ago | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) | |||
| CVE-2026-11306 | high | 8.8 | 8.8 | 2d ago | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) | |||
| CVE-2026-11305 | high | 8.8 | 8.8 | 2d ago | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) | |||
| CVE-2026-11304 | high | 8.8 | 8.8 | 2d ago | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Low) | |||
| CVE-2026-11303 | high | 8.8 | 8.8 | 2d ago | Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low) | |||
| CVE-2026-11301 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicious network traffic. (Chromi… | |||
| CVE-2026-11295 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severi… | |||
| CVE-2026-11279 | high | 8.8 | 8.8 | 2d ago | Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-11272 | high | 8.8 | 8.8 | 2d ago | Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p… | |||
| CVE-2026-11262 | high | 8.8 | 8.8 | 2d ago | Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-11248 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: L… | |||
| CVE-2026-11235 | high | 8.8 | 8.8 | 2d ago | Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi… | |||
| CVE-2026-11230 | high | 8.8 | 8.8 | 2d ago | Use after free in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2026-11211 | high | 8.8 | 8.8 | 2d ago | Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11202 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium secu… | |||
| CVE-2026-11201 | high | 8.8 | 8.8 | 2d ago | Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extens… | |||
| CVE-2026-11191 | high | 8.8 | 8.8 | 2d ago | Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security s… | |||
| CVE-2026-11188 | high | 8.8 | 8.8 | 2d ago | Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11179 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in ORB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11177 | high | 8.8 | 8.8 | 2d ago | Use after free in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted… | |||
| CVE-2026-11175 | high | 8.8 | 8.8 | 2d ago | Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11173 | high | 8.8 | 8.8 | 2d ago | Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page… | |||
| CVE-2026-11172 | high | 8.8 | 8.8 | 2d ago | Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Mediu… | |||
| CVE-2026-11171 | high | 8.8 | 8.8 | 2d ago | Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11164 | high | 8.8 | 8.8 | 2d ago | Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11147 | high | 8.8 | 8.8 | 2d ago | Use after free in WebML in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: M… | |||
| CVE-2026-11144 | high | 8.8 | 8.8 | 2d ago | Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: Medium) | |||
| CVE-2026-11136 | high | 8.8 | 8.8 | 2d ago | Use after free in Canvas in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11130 | high | 8.8 | 8.8 | 2d ago | Use after free in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11125 | high | 8.8 | 8.8 | 2d ago | Use after free in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11118 | high | 8.8 | 8.8 | 2d ago | Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11117 | high | 8.8 | 8.8 | 2d ago | Use after free in Views in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11116 | high | 8.8 | 8.8 | 2d ago | Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium) | |||
| CVE-2026-11108 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in NFC in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-11102 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security… | |||
| CVE-2026-11092 | high | 8.8 | 8.8 | 2d ago | Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a cra… | |||
| CVE-2026-11091 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security s… | |||
| CVE-2026-11086 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafte… | |||
| CVE-2026-11085 | high | 8.8 | 8.8 | 2d ago | Integer overflow in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev… | |||
| CVE-2026-11080 | high | 8.8 | 8.8 | 2d ago | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Med… | |||
| CVE-2026-11079 | high | 8.8 | 8.8 | 2d ago | Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. (Chromium sec… | |||
| CVE-2026-11077 | high | 8.8 | 8.8 | 2d ago | Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11076 | high | 8.8 | 8.8 | 2d ago | Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11074 | high | 8.8 | 8.8 | 2d ago | Use after free in WebRTC in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium) |