Search
31,026 CVEs · Critical severity
CVEs (31,026, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 1–25 of 31,026 (capped at 500)
| CVE ID ↓ | Severity | Patch | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2026-9967 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec… |
| CVE-2026-9918 | CRITICAL | Patched | 9.6 | 2026-05-28 | Inappropriate implementation in Tint in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-9891 | CRITICAL | Patched | 9.0 | 2026-05-28 | Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es… |
| CVE-2026-9886 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium … |
| CVE-2026-9881 | CRITICAL | Patched | 9.0 | 2026-05-28 | Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform… |
| CVE-2026-9876 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chro… |
| CVE-2026-9875 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (… |
| CVE-2026-9874 | CRITICAL | Patched | 9.6 | 2026-05-28 | Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… |
| CVE-2026-9872 | CRITICAL | Patched | 9.6 | 2026-05-28 | Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (C… |
| CVE-2026-9813 | CRITICAL | Patched | 9.9 | 2026-05-28 | FlowIntel up to version 3.3.0 contains a server-side request forgery (SSRF) vulnerability in the external reference URL probe functionality in app/case/task.py. An attacker… |
| CVE-2026-9645 | CRITICAL | 9.9 | 2026-05-28 | Exposed methods allow authenticated users to create and execute arbitrary JavaScript code on the server. The scripts execute with full access, enabling complete system comp… | |
| CVE-2026-9559 | CRITICAL | 9.9 | 2026-05-29 | A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic… | |
| CVE-2026-9558 | CRITICAL | 9.9 | 2026-05-29 | A Server-Side Template Injection (SSTI) vulnerability exists in Mautic's theme engine. The platform renders uploaded Twig templates without a sandbox or strict function res… | |
| CVE-2026-9543 | CRITICAL | 9.8 | 2026-05-26 | A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Managem… | |
| CVE-2026-9478 | CRITICAL | 9.8 | 2026-05-25 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Mana… | |
| CVE-2026-9477 | CRITICAL | 9.8 | 2026-05-25 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the comp… | |
| CVE-2026-9476 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the compo… | |
| CVE-2026-9475 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Manage… | |
| CVE-2026-9458 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web… | |
| CVE-2026-9457 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the comp… | |
| CVE-2026-9456 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management I… | |
| CVE-2026-9455 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component … | |
| CVE-2026-9454 | CRITICAL | 9.8 | 2026-05-25 | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the c… | |
| CVE-2026-9436 | CRITICAL | 9.8 | 2026-05-25 | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web M… | |
| CVE-2026-9435 | CRITICAL | 9.8 | 2026-05-25 | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web M… |