Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23813
Total
1705
Critical
7468
High
7599
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-14399 | MEDIUM | 6.5 | Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … | Jul 01, 2026 |
| CVE-2026-14398 | CRITICAL | 9.6 | Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML … | Jul 01, 2026 |
| CVE-2026-14397 | CRITICAL | 9.6 | Out of bounds write in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via … | Jul 01, 2026 |
| CVE-2026-14396 | MEDIUM | 6.5 | Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. … | Jul 01, 2026 |
| CVE-2026-14395 | HIGH | 8.8 | Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a … | Jul 01, 2026 |
| CVE-2026-14394 | HIGH | 8.8 | Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … | Jul 01, 2026 |
| CVE-2026-14393 | HIGH | 8.8 | Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 01, 2026 |
| CVE-2026-14392 | CRITICAL | 9.6 | Out of bounds write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted … | Jul 01, 2026 |
| CVE-2026-14391 | MEDIUM | 5.3 | Integer overflow in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially … | Jul 01, 2026 |
| CVE-2026-14390 | CRITICAL | 9.6 | Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML … | Jul 01, 2026 |
| CVE-2026-14389 | HIGH | 8.3 | Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox … | Jul 01, 2026 |
| CVE-2026-14388 | MEDIUM | 6.5 | Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via … | Jul 01, 2026 |
| CVE-2026-14387 | CRITICAL | 9.6 | Integer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. … | Jul 01, 2026 |
| CVE-2026-14386 | MEDIUM | 6.5 | Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via … | Jul 01, 2026 |
| CVE-2026-14385 | HIGH | 8.8 | Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to perform out of bounds memory access via … | Jul 01, 2026 |
| CVE-2026-14384 | MEDIUM | 6.5 | Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted … | Jul 01, 2026 |
| CVE-2026-14383 | HIGH | 8.8 | Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Jul 01, 2026 |
| CVE-2026-14382 | CRITICAL | 9.6 | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a … | Jul 01, 2026 |
| CVE-2026-14381 | MEDIUM | 6.5 | Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium … | Jul 01, 2026 |
| CVE-2026-11950 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Jul 01, 2026 |
| CVE-2026-55793 | UNKNOWN | — | Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in … | Jul 01, 2026 |
| CVE-2026-54712 | MEDIUM | 5.3 | OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.27.0, the RMI context propagation payload reader limits the number … | Jul 01, 2026 |
| CVE-2026-54704 | MEDIUM | 6.5 | OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.28.0, the JDBC auto-instrumentation may fail to sanitize passwords in … | Jul 01, 2026 |
| CVE-2026-54263 | HIGH | 7.3 | Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, reflected cross-site scripting (XSS) vulnerability exists … | Jul 01, 2026 |
| CVE-2026-54262 | MEDIUM | 4.3 | Wagtail is an open source content management system built on Django. In versions prior to 7.0.8, 7.3.3 and 7.4.2, a low-level user with the "Can … | Jul 01, 2026 |