Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12651
Total
850
Critical
3653
High
3967
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6311 | HIGH | 8.3 | Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform … | Apr 15, 2026 |
| CVE-2026-6310 | HIGH | 8.3 | Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 15, 2026 |
| CVE-2026-6309 | HIGH | 8.3 | Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 15, 2026 |
| CVE-2026-6308 | HIGH | 7.5 | Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI … | Apr 15, 2026 |
| CVE-2026-6307 | HIGH | 8.8 | Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Apr 15, 2026 |
| CVE-2026-6306 | HIGH | 8.8 | Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 15, 2026 |
| CVE-2026-6305 | HIGH | 8.8 | Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 15, 2026 |
| CVE-2026-6304 | HIGH | 8.3 | Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 15, 2026 |
| CVE-2026-6303 | HIGH | 8.8 | Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 15, 2026 |
| CVE-2026-6302 | HIGH | 8.8 | Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 15, 2026 |
| CVE-2026-6301 | HIGH | 8.8 | Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Apr 15, 2026 |
| CVE-2026-6300 | HIGH | 8.8 | Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 15, 2026 |
| CVE-2026-6299 | HIGH | 8.8 | Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium … | Apr 15, 2026 |
| CVE-2026-6298 | MEDIUM | 4.3 | Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a … | Apr 15, 2026 |
| CVE-2026-6297 | HIGH | 8.3 | Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape … | Apr 15, 2026 |
| CVE-2026-6296 | CRITICAL | 9.6 | Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML … | Apr 15, 2026 |
| CVE-2026-40919 | MEDIUM | 6.1 | A flaw was found in GIMP. This vulnerability, a buffer overflow in the `file-seattle-filmworks` plugin, can be exploited when a user opens a specially crafted … | Apr 15, 2026 |
| CVE-2026-40918 | MEDIUM | 5.5 | A flaw was found in GIMP. Processing a specially crafted PVR image file with large dimensions can lead to a denial of service (DoS). This … | Apr 15, 2026 |
| CVE-2026-40917 | MEDIUM | 5.0 | A flaw was found in GIMP. This vulnerability, a heap buffer over-read in the `icns_slurp()` function, occurs when processing specially crafted ICNS image files. An … | Apr 15, 2026 |
| CVE-2026-40916 | MEDIUM | 5.0 | A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause … | Apr 15, 2026 |
| CVE-2026-40915 | MEDIUM | 5.5 | A flaw was found in GIMP. A remote attacker could exploit an integer overflow vulnerability in the FITS image loader by providing a specially crafted … | Apr 15, 2026 |
| CVE-2026-39857 | MEDIUM | 5.3 | ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the choices and counts query parameters of … | Apr 15, 2026 |
| CVE-2026-35569 | HIGH | 8.7 | ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in SEO-related fields (SEO Title and Meta … | Apr 15, 2026 |
| CVE-2026-33889 | MEDIUM | 5.4 | ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain a stored cross-site scripting vulnerability in the @apostrophecms/color-field module, where color values … | Apr 15, 2026 |
| CVE-2026-33888 | MEDIUM | 5.3 | ApostropheCMS is an open-source Node.js content management system. Versions 4.28.0 and prior contain an authorization bypass vulnerability in the getRestQuery method of the @apostrophecms/piece-type module, … | Apr 15, 2026 |