CVEs from 2026
Total
14,122
critical
critical 1,246
high
high 4,695
medium
medium 4,475
low
low 488
% Critical
8.8%
% with KEV
0.4%
% with exploit
0.8%
Top vendors
Top products
- chrome 522
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 247
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-31431 | high | 7.8 | 10.0 | 1mo ago | Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation. | |||
| CVE-2026-43284 | high | 8.8 | 9.8 | 23d ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks… | |||
| CVE-2026-23918 | high | 8.8 | 9.8 | 1mo ago | Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which f… | |||
| CVE-2026-42897 | high | 8.1 | 9.6 | 21d ago | Microsoft Exchange Server contains a cross-site scripting vulnerability during web page generation in Outlook Web Access and when certain interaction conditions are met, arbitrary JavaScript can be e… | |||
| CVE-2026-41091 | high | 7.8 | 9.3 | 15d ago | Microsoft Defender contains a link following vulnerability that allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-33825 | high | 7.8 | 9.3 | 1mo ago | Microsoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally. | |||
| CVE-2026-42471 | high | 8.1 | 9.1 | 1mo ago | Unsafe deserialization vulnerability in MixPHP Framework 2.x thru 2.2.17. The sync-invoke client (Connection.php:76) calls unserialize() on data received from the server response, enabling client-sid… | |||
| CVE-2026-46522 | high | — | 9.0 | 16d ago | ImageMagick: Infinite Loop in the MIFF decoder can lead to CPU exhaustion | |||
| CVE-2026-42611 | high | 8.9 | 8.9 | 29d ago | Grav is Vulnerable to Stored XSS via Tag Injection | |||
| CVE-2026-38949 | high | 8.9 | 8.9 | 1mo ago | Cross-Site Scripting (XSS) vulnerability exists in HTMLy version 3.1.1 in the content creation functionality at the /add/content?type=image endpoint. The application fails to properly sanitize user i… | |||
| CVE-2026-5921 | high | 8.9 | 8.9 | 1mo ago | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variables from the instance through a timing si… | |||
| CVE-2026-41860 | high | 8.8 | 8.8 | 4h ago | CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-co… | |||
| CVE-2026-35085 | high | 8.8 | 8.8 | 18h ago | A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root. | |||
| CVE-2026-35084 | high | 8.8 | 8.8 | 18h ago | A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root. | |||
| CVE-2026-35083 | high | 8.8 | 8.8 | 18h ago | A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root. | |||
| CVE-2026-35082 | high | 8.8 | 8.8 | 18h ago | The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input. | |||
| CVE-2026-36608 | high | 8.8 | 8.8 | 1d ago | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP (192.168.1.1) or local… | |||
| CVE-2026-36607 | high | 8.8 | 8.8 | 1d ago | Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint (code=10), which lacks the rate limiting applied to th… | |||
| CVE-2026-49443 | high | 8.8 | 8.8 | 1d ago | authentik is an open-source identity provider. Prior to versions 2025.12.6, 2026.2.4, and 2026.5.1, an attacker with the ability to change a source connection, and an account in one of the configured… | |||
| CVE-2026-49143 | high | 8.8 | 8.8 | 1d ago | browserstack-runner vulnerable to Remote Code Execution via vm sandbox escape in _log HTTP handler | |||
| CVE-2026-1829 | high | 8.8 | 8.8 | 1d ago | The Content Visibility for Divi Builder plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.02 via the 'et_pb_text' shortcode 'cvdb_content_visibility_… | |||
| CVE-2026-30652 | high | 8.8 | 8.8 | 2d ago | A remote buffer overflow vulnerability exists in the /cgi-bin/dido/setdo.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-0300a. This flaw allows an … | |||
| CVE-2026-30650 | high | 8.8 | 8.8 | 2d ago | A post-authentication remote buffer overflow vulnerability exists in the /cgi-bin/admin/eventtask.cgi endpoint of the admin interface of Vivotek FD8136 cameras running firmware version FD8136-VVTK-03… | |||
| CVE-2026-10591 | high | 8.8 | 8.8 | 2d ago | Insufficient access control restrictions in the file write tool in Amazon Kiro IDE before version 0.11 might allow remote unauthenticated actors to execute arbitrary commands via crafted instructions… | |||
| CVE-2026-7201 | high | 8.8 | 8.8 | 2d ago | CWE-639: Authorization Bypass Through User-Controlled Key in web services in Progress Sitefinity 15.2.x before 15.2.8441, 15.3.x before 15.3.8531, and 15.4.x before 15.4.8630 allows a remote authenti… | |||
| CVE-2026-7195 | high | 8.8 | 8.8 | 2d ago | CWE-20: Improper Input Validation in web services in Progress Sitefinity 14.1.x through 14.3.x, 14.4.x before 14.4.8152, 15.0.x before 15.0.8234, 15.1.x before 15.1.8335, 15.2.x before 15.2.8441, 15.… | |||
| CVE-2026-1784 | high | 8.8 | 8.8 | 2d ago | The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was… | |||
| CVE-2026-25277 | high | 8.8 | 8.8 | 2d ago | Memory corruption while using Strongbox due to buffer overflow. | |||
| CVE-2026-25276 | high | 8.8 | 8.8 | 2d ago | Memory corruption while using Strongbox due to missing bounds check. | |||
| CVE-2026-24782 | high | 8.8 | 8.8 | 2d ago | Kiteworks is a private data network (PDN). Prior to version 9.3.0,ultiple SQL Injection vulnerabilities in Kiteworks Secure Data Forms could be exploited by an authenticated attacker with the FormBui… | |||
| CVE-2026-10293 | high | 8.8 | 8.8 | 2d ago | A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer ov… | |||
| CVE-2026-10292 | high | 8.8 | 8.8 | 2d ago | A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The at… | |||
| CVE-2026-9614 | high | 8.8 | 8.8 | 3d ago | An Improper Access Control vulnerability in Ivanti Neurons for ITSM (cloud and on-premises) allows a remote authenticated attacker to gain administrative access. | |||
| CVE-2026-7770 | high | 8.8 | 8.8 | 3d ago | IBM i Access Family 1.1.5.0 through 1.1.9.12 IBM i Access Client Solutions (ACS) is vulnerable to remote code execution when configured to listen for requests from IBM i Navigator. | |||
| CVE-2026-45284 | high | 8.8 | 8.8 | 3d ago | Nextcloud is an open source content collaboration platform. From version 1.3.6 to before version 8.4.0, an improper check allowed users that where provided by LDAP to still authenticate towards user … | |||
| CVE-2026-43623 | high | 8.8 | 8.8 | 3d ago | microtar through 0.1.0 contains a stack-based buffer overflow vulnerability in the raw_to_header() function in src/microtar.c that allows attackers to corrupt adjacent stack memory by supplying a cra… | |||
| CVE-2026-10259 | high | 8.8 | 8.8 | 3d ago | A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param… | |||
| CVE-2026-49298 | high | 8.8 | 8.8 | 3d ago | A bug in Apache Airflow's KubernetesExecutor caused JWT tokens used by worker pods to authenticate against the Execution API to be passed to the worker container as command-line arguments visible in … | |||
| CVE-2026-49157 | high | 8.8 | 8.8 | 3d ago | Incorrect Default Permissions vulnerability in Apache ActiveMQ. This issue affects Apache ActiveMQ: before 5.19.7, from 6.0.0 before 6.2.6. The default Jolokia authorization settings granted non-ad… | |||
| CVE-2026-45505 | high | 8.8 | 8.8 | 3d ago | Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrapp… | |||
| CVE-2026-42359 | high | 8.8 | 8.8 | 3d ago | A bug in Apache Airflow's XCom PATCH endpoint `PATCH /api/v2/xcomEntries/{key}` allowed an authenticated UI/API user with XCom write permission on a Dag to set XCom entries under reserved key names (… | |||
| CVE-2026-10206 | high | 8.8 | 8.8 | 3d ago | A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer o… | |||
| CVE-2026-10191 | high | 8.8 | 8.8 | 4d ago | A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes s… | |||
| CVE-2026-10192 | high | 8.8 | 8.8 | 4d ago | A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based bu… | |||
| CVE-2026-10188 | high | 8.8 | 8.8 | 4d ago | A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overfl… | |||
| CVE-2026-10189 | high | 8.8 | 8.8 | 4d ago | A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based … | |||
| CVE-2026-10181 | high | 8.8 | 8.8 | 4d ago | A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results … | |||
| CVE-2026-10183 | high | 8.8 | 8.8 | 4d ago | A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-base… | |||
| CVE-2026-10179 | high | 8.8 | 8.8 | 4d ago | A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack… | |||
| CVE-2026-10165 | high | 8.8 | 8.8 | 4d ago | A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip… | |||
| CVE-2026-10164 | high | 8.8 | 8.8 | 4d ago | A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument Sh… | |||
| CVE-2026-10163 | high | 8.8 | 8.8 | 4d ago | A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of t… | |||
| CVE-2026-10162 | high | 8.8 | 8.8 | 4d ago | A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can… | |||
| CVE-2026-10161 | high | 8.8 | 8.8 | 4d ago | A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_stat… | |||
| CVE-2026-10160 | high | 8.8 | 8.8 | 4d ago | A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the… | |||
| CVE-2026-10159 | high | 8.8 | 8.8 | 4d ago | A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page… | |||
| CVE-2026-10158 | high | 8.8 | 8.8 | 4d ago | A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-b… | |||
| CVE-2026-10126 | high | 8.8 | 8.8 | 5d ago | A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the… | |||
| CVE-2026-10125 | high | 8.8 | 8.8 | 5d ago | A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The ma… | |||
| CVE-2026-10124 | high | 8.8 | 8.8 | 5d ago | A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead t… | |||
| CVE-2026-10123 | high | 8.8 | 8.8 | 5d ago | A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_doma… | |||
| CVE-2026-10120 | high | 8.8 | 8.8 | 5d ago | A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewal… | |||
| CVE-2026-10122 | high | 8.8 | 8.8 | 5d ago | A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_na… | |||
| CVE-2026-10121 | high | 8.8 | 8.8 | 5d ago | A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keywor… | |||
| CVE-2026-10119 | high | 8.8 | 8.8 | 5d ago | A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name… | |||
| CVE-2026-7465 | high | 8.8 | 8.8 | 5d ago | The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible f… | |||
| CVE-2026-48557 | high | 8.8 | 8.8 | 5d ago | Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks only the final filename suffix, allowing double-ex… | |||
| CVE-2026-44421 | high | 8.8 | 8.8 | 5d ago | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.… | |||
| CVE-2026-44420 | high | 8.8 | 8.8 | 5d ago | FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel … | |||
| CVE-2026-49373 | high | 8.8 | 8.8 | 6d ago | In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings | |||
| CVE-2026-49367 | high | 8.8 | 8.8 | 6d ago | In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account | |||
| CVE-2026-5768 | high | 8.8 | 8.8 | 6d ago | The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range … | |||
| CVE-2026-45662 | high | 8.8 | 8.8 | 6d ago | Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.0 and earlier, the deleteRegistry function in Dokploy (packages/server/src/services/registry.ts) executes docker logout ${respon… | |||
| CVE-2026-35674 | high | 8.8 | 8.8 | 6d ago | OpenClaw before 2026.5.18 contains a scope bypass vulnerability in the Gateway chat.send route that allows scoped clients to execute privileged commands. Attackers with operator.write scope can deliv… | |||
| CVE-2026-10067 | high | 8.8 | 8.8 | 6d ago | A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub_90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched rem… | |||
| CVE-2026-10066 | high | 8.8 | 8.8 | 6d ago | A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub_9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stac… | |||
| CVE-2026-10065 | high | 8.8 | 8.8 | 6d ago | A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function get_ups_field of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack… | |||
| CVE-2026-44239 | high | 8.8 | 8.8 | 6d ago | FreePBX is an open source IP PBX. Prior to 16.0.22 and 17.0.5, the Dashboard module's getcontent AJAX handler includes PHP files based on user-supplied input without path sanitization. The $_REQUEST[… | |||
| CVE-2026-44238 | high | 8.8 | 8.8 | 6d ago | FreePBX is an open source IP PBX. Prior to 16.0.50 and 17.0.11, the CDR Reports module page allows SQL injection through the order and sort POST parameters. Authentication with a FreePBX Administrati… | |||
| CVE-2026-9999 | high | 8.8 | 8.8 | 6d ago | Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security … | |||
| CVE-2026-9995 | high | 8.8 | 8.8 | 6d ago | Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9992 | high | 8.8 | 8.8 | 6d ago | Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9984 | high | 8.8 | 8.8 | 6d ago | Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9983 | high | 8.8 | 8.8 | 6d ago | Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9978 | high | 8.8 | 8.8 | 6d ago | Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9976 | high | 8.8 | 8.8 | 6d ago | Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9973 | high | 8.8 | 8.8 | 6d ago | Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9969 | high | 8.8 | 8.8 | 6d ago | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-9968 | high | 8.8 | 8.8 | 6d ago | Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9965 | high | 8.8 | 8.8 | 6d ago | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9962 | high | 8.8 | 8.8 | 6d ago | Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9961 | high | 8.8 | 8.8 | 6d ago | Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9958 | high | 8.8 | 8.8 | 6d ago | Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | |||
| CVE-2026-9957 | high | 8.8 | 8.8 | 6d ago | Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) | |||
| CVE-2026-9952 | high | 8.8 | 8.8 | 6d ago | Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9947 | high | 8.8 | 8.8 | 6d ago | Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9945 | high | 8.8 | 8.8 | 6d ago | Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: … | |||
| CVE-2026-9941 | high | 8.8 | 8.8 | 6d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9940 | high | 8.8 | 8.8 | 6d ago | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9939 | high | 8.8 | 8.8 | 6d ago | Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |