Search

Search Results (363701 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-13821 1 Google 1 Chrome 2026-07-06 8.8 High
Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13827 1 Google 1 Chrome 2026-07-06 7.8 High
Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-25268 2026-07-06 8.8 High
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
CVE-2026-21383 2026-07-06 7.1 High
Cryptographic Issue when using a static initialization vector for AES-GCM key wrapping, which requires a unique value for each call to ensure security.
CVE-2025-59616 2026-07-06 6.6 Medium
Memory Corruption when processing multiple IOCTL calls with the same buffer file descriptor input due to accessing already freed memory.
CVE-2026-14471 1 Aws 1 Mcp Gateway Registry 2026-07-06 8.1 High
Improper Neutralization of Special Elements in the metrics-service retention policy management component in Amazon mcp-gateway-registry before 1.0.13 might allow an authenticated remote user to execute arbitrary SQL queries via a crafted table_name value that is interpolated into SQL statements in identifier position. To remediate this issue, users should upgrade to version 1.0.13 or later.
CVE-2026-54709 2026-07-06 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-54637. Reason: This candidate is a duplicate of CVE-2026-54637. Notes: All CVE users should reference CVE-2026-54637 instead of this candidate.
CVE-2026-13833 1 Google 1 Chrome 2026-07-06 6.5 Medium
Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13838 1 Google 1 Chrome 2026-07-06 6.5 Medium
Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13839 1 Google 1 Chrome 2026-07-06 6.5 Medium
Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13844 1 Google 1 Chrome 2026-07-06 7.8 High
Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-13848 1 Google 1 Chrome 2026-07-06 8.8 High
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13850 1 Google 1 Chrome 2026-07-06 8.8 High
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High)
CVE-2026-13853 1 Google 1 Chrome 2026-07-06 9.6 Critical
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13854 1 Google 1 Chrome 2026-07-06 9.6 Critical
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13864 1 Google 1 Chrome 2026-07-06 8.1 High
Insufficient policy enforcement in WebHID in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2026-13870 1 Google 1 Chrome 2026-07-06 8.8 High
Use after free in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13884 1 Google 1 Chrome 2026-07-06 8.8 High
Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-13885 1 Google 1 Chrome 2026-07-06 8.8 High
Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13886 1 Google 1 Chrome 2026-07-06 6.5 Medium
Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)