Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13240
Total
877
Critical
3855
High
4195
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-1092 | HIGH | 7.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 12.10 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2025-9484 | MEDIUM | 4.3 | GitLab has remediated an issue in GitLab EE affecting all versions from 16.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that under certain … | Apr 08, 2026 |
| CVE-2025-12664 | HIGH | 7.5 | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.0 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have … | Apr 08, 2026 |
| CVE-2026-5919 | MEDIUM | 6.5 | Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass … | Apr 08, 2026 |
| CVE-2026-5918 | MEDIUM | 4.3 | Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … | Apr 08, 2026 |
| CVE-2026-5915 | HIGH | 8.1 | Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write … | Apr 08, 2026 |
| CVE-2026-5914 | HIGH | 8.8 | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit … | Apr 08, 2026 |
| CVE-2026-5913 | UNKNOWN | — | Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via … | Apr 08, 2026 |
| CVE-2026-5912 | HIGH | 8.8 | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted … | Apr 08, 2026 |
| CVE-2026-5911 | MEDIUM | 4.3 | Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium … | Apr 08, 2026 |
| CVE-2026-5910 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |
| CVE-2026-5909 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |
| CVE-2026-5908 | HIGH | 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium … | Apr 08, 2026 |
| CVE-2026-5907 | HIGH | 8.1 | Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a … | Apr 08, 2026 |
| CVE-2026-5906 | MEDIUM | 4.3 | Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL … | Apr 08, 2026 |
| CVE-2026-5905 | MEDIUM | 6.5 | Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML … | Apr 08, 2026 |
| CVE-2026-5904 | UNKNOWN | — | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially … | Apr 08, 2026 |
| CVE-2026-5903 | UNKNOWN | — | Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to … | Apr 08, 2026 |
| CVE-2026-5902 | UNKNOWN | — | Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream … | Apr 08, 2026 |
| CVE-2026-5901 | UNKNOWN | — | Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass … | Apr 08, 2026 |
| CVE-2026-5900 | UNKNOWN | — | Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium … | Apr 08, 2026 |
| CVE-2026-5899 | UNKNOWN | — | Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI … | Apr 08, 2026 |
| CVE-2026-5898 | UNKNOWN | — | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML … | Apr 08, 2026 |
| CVE-2026-5897 | UNKNOWN | — | Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures … | Apr 08, 2026 |
| CVE-2026-5896 | UNKNOWN | — | Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to … | Apr 08, 2026 |