CVEs from 2026
Total
14,775
critical
critical 1,334
high
high 4,999
medium
medium 4,821
low
low 502
% Critical
9.0%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 723
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32211 | critical | 9.1 | 9.1 | 2mo ago | Missing authentication for critical function in Azure MCP Server allows an unauthorized attacker to disclose information over a network. | |||
| CVE-2026-34873 | critical | 9.1 | 9.1 | 2mo ago | An issue was discovered in Mbed TLS 3.5.0 through 4.0.0. Client impersonation can occur while resuming a TLS 1.3 session. | |||
| CVE-2026-27071 | critical | 9.1 | 9.1 | 2mo ago | Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCafe: from n/a through <= 3.0.7. | |||
| CVE-2026-4753 | critical | 9.1 | 9.1 | 2mo ago | Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects RetroDebugger: before v0.64.72. | |||
| CVE-2026-4750 | critical | 9.1 | 9.1 | 2mo ago | Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof: before woof_15.3.0. | |||
| CVE-2026-4601 | critical | 9.1 | 9.1 | 3mo ago | jsrsasign: Missing cryptographic validation during DSA signing enables private key extraction | |||
| CVE-2026-4600 | critical | 9.1 | 9.1 | 3mo ago | jsrsasign: DSA signatures or X.509 certificates can be forged via DSA domain-parameter validation in KJUR.crypto.DSA.setPublic | |||
| CVE-2026-2369 | critical | 9.1 | 9.1 | 3mo ago | A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overread. This can allow an attacker to potentially acc… | |||
| CVE-2026-21671 | critical | 9.1 | 9.1 | 3mo ago | A vulnerability allowing an authenticated user with the Backup Administrator role to perform remote code execution (RCE) in high availability (HA) deployments of Veeam Backup & Replication. | |||
| CVE-2026-28395 | critical | 9.1 | 9.1 | 3mo ago | OpenClaw's Chrome extension relay binds publicly due to wildcard treated as loopback | |||
| CVE-2026-2880 | critical | 9.1 | 9.1 | 3mo ago | @fastify/middie has Improper Path Normalization when Using Path-Scoped Middleware | |||
| CVE-2026-2953 | critical | 9.1 | 9.1 | 3mo ago | A vulnerability has been found in Dromara UJCMS 101.2. This issue affects the function deleteDirectory of the file WebFileTemplateController.delete of the component Template Handler. Such manipulatio… | |||
| CVE-2026-45750 | critical | 9.0 | 9.0 | 20h ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/file_manager/ssh/resolvePath endpoint in the Termix … | |||
| CVE-2026-45746 | critical | 9.0 | 9.0 | 20h ago | Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Manager functionality in Termix contains a critical Brok… | |||
| CVE-2026-28318 | high | 7.5 | 9.0 | 2d ago | SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure custo… | |||
| CVE-2026-36748 | critical | 9.0 | 9.0 | 3d ago | RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting (XSS) via Social Media links in user profile. | |||
| CVE-2026-9319 | critical | 9.0 | 9.0 | 5d ago | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security. | |||
| CVE-2026-9311 | critical | 9.0 | 9.0 | 5d ago | IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls. | |||
| CVE-2026-45630 | critical | 9.0 | 9.0 | 8d ago | Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users … | |||
| CVE-2026-9891 | critical | 9.0 | 9.0 | 9d ago | Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome E… | |||
| CVE-2026-9881 | critical | 9.0 | 9.0 | 9d ago | Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a cra… | |||
| CVE-2026-46833 | critical | 9.0 | 9.0 | 9d ago | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Difficult to exploit vulnerability allows unauthenticated attacker with… | |||
| CVE-2026-4408 | critical | 9.0 | 9.0 | 9d ago | Important: samba security update | |||
| CVE-2026-32999 | critical | 9.0 | 9.0 | 9d ago | Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the aff… | |||
| CVE-2026-48150 | critical | 9.0 | 9.0 | 10d ago | Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-… | |||
| CVE-2026-45721 | critical | 9.0 | 9.0 | 11d ago | Algernon: handler.lua discovery walks parent directories above the server root | |||
| CVE-2026-4480 | critical | 9.0 | 9.0 | 11d ago | Important: samba security update | |||
| CVE-2026-2651 | critical | 9.0 | 9.0 | 12d ago | A vulnerability in MLflow versions <=3.10.1.dev0 allows unauthorized access to multipart upload (MPU) endpoints when the `--serve-artifacts` mode is enabled. The authorization logic does not enforce … | |||
| CVE-2026-22314 | critical | 9.0 | 9.0 | 17d ago | Improper Control of Generation of Code ('Code Injection') vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables code execution on other users' systems. This… | |||
| CVE-2026-46522 | high | — | 9.0 | 19d ago | ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion | |||
| CVE-2026-45375 | critical | 9.0 | 9.0 | 23d ago | SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution | |||
| CVE-2026-42457 | critical | 9.0 | 9.0 | 23d ago | vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulner… | |||
| CVE-2026-41901 | critical | 9.0 | 9.0 | 25d ago | Sandboxed Thymeleaf expressions vulnerable to improper recognition of unauthorized syntax patterns | |||
| CVE-2026-44221 | critical | 9.0 | 9.0 | 25d ago | ArcadeDB vulnerable to cross-database authorization bypass and unsecured newly-created databases | |||
| CVE-2026-42556 | critical | 9.0 | 9.0 | 29d ago | Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their ow… | |||
| CVE-2026-33844 | critical | 9.0 | 9.0 | 1mo ago | Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network. | |||
| CVE-2026-7372 | critical | 9.0 | 9.0 | 1mo ago | A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker ca… | |||
| CVE-2026-42523 | critical | 9.0 | 9.0 | 1mo ago | Jenkins GitHub Plugin has an XSS vulnerability | |||
| CVE-2026-5652 | critical | 9.0 | 9.0 | 2mo ago | An insecure direct object reference vulnerability in the Users API component of Crafty Controller allows a remote, authenticated attacker to perform user modification actions via improper API permiss… | |||
| CVE-2026-26149 | critical | 9.0 | 9.0 | 2mo ago | Improper neutralization of escape, meta, or control sequences in Microsoft Power Apps allows an authorized attacker to perform spoofing over a network. | |||
| CVE-2026-34989 | critical | 9.0 | 9.0 | 2mo ago | CI4MS: Profile & User Management Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS | |||
| CVE-2026-27540 | critical | 9.0 | 9.0 | 3mo ago | Unrestricted Upload of File with Dangerous Type vulnerability in Rymera Web Co Pty Ltd. Woocommerce Wholesale Lead Capture woocommerce-wholesale-lead-capture allows Using Malicious Files.This issue a… | |||
| CVE-2026-32635 | critical | 9.0 | 9.0 | 3mo ago | Angular vulnerable to XSS in i18n attribute bindings | |||
| CVE-2026-43984 | high | 8.9 | 8.9 | 2d ago | Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `log_js_errors` to any authenticated user, including guest users when guest access is en… | |||
| CVE-2026-42611 | high | 8.9 | 8.9 | 1mo ago | Grav is Vulnerable to Stored XSS via Tag Injection | |||
| CVE-2026-38949 | high | 8.9 | 8.9 | 1mo ago | Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 in the content creation functionality at the /add/content?type=image endpoint. The application fails to properly sanitize user i… | |||
| CVE-2026-5921 | high | 8.9 | 8.9 | 2mo ago | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing si… | |||
| CVE-2026-7654 | high | 8.8 | 8.8 | 15h ago | The Admin Columns plugin for WordPress is vulnerable to PHP Object Injection leading to Remote Code Execution in versions up to and including 7.0.18. This is due to the use of `unserialize()` without… | |||
| CVE-2026-5415 | high | 8.8 | 8.8 | 19h ago | The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and includ… | |||
| CVE-2026-5411 | high | 8.8 | 8.8 | 19h ago | The WP Captcha PRO (the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug) plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and includ… | |||
| CVE-2026-50733 | high | 8.8 | 8.8 | 20h ago | Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval(), allowing arbitrary JavaScript execution. The flaw affects every render path - th… | |||
| CVE-2026-49493 | high | 8.8 | 8.8 | 20h ago | Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS(), which evaluates the block content as code via vm.runInNewContext(), allowing arbitrary code execution. A… | |||
| CVE-2026-49492 | high | 8.8 | 8.8 | 20h ago | Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename … | |||
| CVE-2026-48095 | high | 8.8 | 8.8 | 23h ago | 7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCu… | |||
| CVE-2026-11307 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11306 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11305 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11304 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11303 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11301 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11295 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severi… | |||
| CVE-2026-11279 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11272 | high | 8.8 | 8.8 | 2d ago | Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p… | |||
| CVE-2026-11262 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11248 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11235 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11230 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11211 | high | 8.8 | 8.8 | 2d ago | Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11202 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium secu… | |||
| CVE-2026-11201 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11191 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11188 | high | 8.8 | 8.8 | 2d ago | Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11179 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11177 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11175 | high | 8.8 | 8.8 | 2d ago | Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11173 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11172 | high | 8.8 | 8.8 | 2d ago | Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Mediu… | |||
| CVE-2026-11171 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11164 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11147 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11144 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11136 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11130 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11125 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11118 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11117 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11116 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11108 | high | 8.8 | 8.8 | 2d ago | Inappropriate implementation in NFC in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-11102 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11092 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11091 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11086 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11085 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11080 | high | 8.8 | 8.8 | 2d ago | Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Med… | |||
| CVE-2026-11079 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11077 | high | 8.8 | 8.8 | 2d ago | Bad cast in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2026-11076 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11074 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11071 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> | |||
| CVE-2026-11068 | high | 8.8 | 8.8 | 2d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.</p> |