Search
6,811 CVEs
CVEs (6,811, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 401–425 of 6,811 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-10972 | CRITICAL | Patched | 9.6 | 2026-06-04 | Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromiu… |
| CVE-2026-10974 | CRITICAL | Patched | 9.6 | 2026-06-04 | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted … |
| CVE-2026-10966 | CRITICAL | Patched | 9.6 | 2026-06-04 | Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (… |
| CVE-2026-10931 | CRITICAL | Patched | 9.6 | 2026-06-04 | Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium se… |
| CVE-2026-10886 | CRITICAL | Patched | 9.6 | 2026-06-04 | Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium se… |
| CVE-2026-10892 | CRITICAL | Patched | 9.6 | 2026-06-04 | Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-10881 | CRITICAL | Patched | 9.6 | 2026-06-04 | Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2024-27892 | CRITICAL | 9.6 | 2026-06-04 | Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configurati… | |
| CVE-2024-27890 | CRITICAL | 9.6 | 2026-06-04 | Affected platforms running Arista EOS with OpenConfig configured, a gNMI Set request can be run when it should have been rejected. This can result in unexpected configurati… | |
| CVE-2026-35906 | CRITICAL | 9.6 | 2026-06-04 | An undocumented debug CGI endpoint in T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03 allows unauthenticated attackers to execute arbitrary system commands as root… | |
| CVE-2026-8037 | CRITICAL | 9.6 | 2026-06-04 | OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster… | |
| CVE-2026-10840 | CRITICAL | 9.6 | 2026-06-04 | A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and ce… | |
| CVE-2026-5241 | CRITICAL | 9.6 | 2026-06-03 | A vulnerability in the LightGlue model loading path of huggingface/transformers version 5.2.0 allows an attacker-controlled model repository to execute arbitrary code durin… | |
| CVE-2026-32625 | CRITICAL | Patched | 9.6 | 2026-06-02 | LibreChat is an enhanced ChatGPT clone that supports multiple AI providers. In versions up to and including 0.8.3, the Model Context Protocol (MCP) server integration resol… |
| CVE-2026-44211 | CRITICAL | Patched | 9.6 | 2026-06-01 | Cline is an autonomous coding agent as an SDK, IDE extension, or CLI assistant. In versions 2.13.0 and prior, there is a cross-origin WebSocket hijack vulnerability in Clin… |
| CVE-2026-48866 | CRITICAL | 9.6 | 2026-06-01 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Rocketgenius Inc. Gravity Forms allows Path Traversal. This issue affects G… | |
| CVE-2026-45628 | CRITICAL | 9.6 | 2026-05-29 | Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them… | |
| CVE-2026-9967 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec… |
| CVE-2026-9918 | CRITICAL | Patched | 9.6 | 2026-05-28 | Inappropriate implementation in Tint in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-9886 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium … |
| CVE-2026-9872 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (C… |
| CVE-2026-9874 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… |
| CVE-2026-9875 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (… |
| CVE-2026-9876 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chro… |
| CVE-2026-45311 | CRITICAL | Patched | 9.6 | 2026-05-28 | CodeWhale is a DeepSeek + MiMo coding agent in terminal. From 0.3.0 to 0.8.23, the run_tests tool executes cargo test in the workspace with ApprovalRequirement::Auto, meani… |