Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23287
Total
1655
Critical
7324
High
7394
Medium
CVE ID Severity Score Description Published
CVE-2026-54782 CRITICAL 10.0 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and … Jul 08, 2026
CVE-2026-54781 HIGH 7.4 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token validation … Jul 08, 2026
CVE-2026-54780 LOW 3.7 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, the CoreWCF WS-Security 1.0 … Jul 08, 2026
CVE-2026-54779 MEDIUM 5.9 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay … Jul 08, 2026
CVE-2026-54778 MEDIUM 6.2 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF UnixDomainSocket POSIX peer … Jul 08, 2026
CVE-2026-54776 MEDIUM 4.4 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted … Jul 08, 2026
CVE-2026-54775 MEDIUM 6.5 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service listening … Jul 08, 2026
CVE-2026-54774 HIGH 7.4 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, SamlSerializer skips final SignatureValue … Jul 08, 2026
CVE-2026-54773 MEDIUM 5.9 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF WS-Security signature verification … Jul 08, 2026
CVE-2026-54772 HIGH 7.5 CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, an unauthenticated remote attacker … Jul 08, 2026
CVE-2026-54499 HIGH 7.5 Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such … Jul 08, 2026
CVE-2026-15133 HIGH 8.8 Use after free in InterestGroups in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … Jul 08, 2026
CVE-2026-15132 HIGH 8.8 Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … Jul 08, 2026
CVE-2026-15131 MEDIUM 4.3 Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security … Jul 08, 2026
CVE-2026-15130 MEDIUM 4.3 Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium … Jul 08, 2026
CVE-2026-15129 HIGH 8.8 Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … Jul 08, 2026
CVE-2026-15128 MEDIUM 6.1 Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … Jul 08, 2026
CVE-2026-15127 MEDIUM 6.1 Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … Jul 08, 2026
CVE-2026-15126 HIGH 8.8 Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … Jul 08, 2026
CVE-2026-15125 HIGH 8.8 Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … Jul 08, 2026
CVE-2026-15124 MEDIUM 4.3 Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. … Jul 08, 2026
CVE-2026-15123 HIGH 8.8 Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium … Jul 08, 2026
CVE-2026-15122 HIGH 8.3 Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process … Jul 08, 2026
CVE-2026-15121 HIGH 8.8 Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … Jul 08, 2026
CVE-2026-15120 HIGH 8.3 Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially … Jul 08, 2026