Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23287
Total
1655
Critical
7324
High
7394
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-54782 | CRITICAL | 10.0 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML 1.1 and … | Jul 08, 2026 |
| CVE-2026-54781 | HIGH | 7.4 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token validation … | Jul 08, 2026 |
| CVE-2026-54780 | LOW | 3.7 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, the CoreWCF WS-Security 1.0 … | Jul 08, 2026 |
| CVE-2026-54779 | MEDIUM | 5.9 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF SAML token replay … | Jul 08, 2026 |
| CVE-2026-54778 | MEDIUM | 6.2 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF UnixDomainSocket POSIX peer … | Jul 08, 2026 |
| CVE-2026-54776 | MEDIUM | 4.4 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service hosted … | Jul 08, 2026 |
| CVE-2026-54775 | MEDIUM | 6.5 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, a CoreWCF service listening … | Jul 08, 2026 |
| CVE-2026-54774 | HIGH | 7.4 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, SamlSerializer skips final SignatureValue … | Jul 08, 2026 |
| CVE-2026-54773 | MEDIUM | 5.9 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, CoreWCF WS-Security signature verification … | Jul 08, 2026 |
| CVE-2026-54772 | HIGH | 7.5 | CoreWCF is a port of the service side of Windows Communication Foundation (WCF) to .NET Core. Prior to 1.8.1 and 1.9.1, an unauthenticated remote attacker … | Jul 08, 2026 |
| CVE-2026-54499 | HIGH | 7.5 | Stanza is a Stanford NLP Python library for tokenization, sentence segmentation, NER, and parsing of many human languages. Prior to 1.12.2, Stanza model loaders such … | Jul 08, 2026 |
| CVE-2026-15133 | HIGH | 8.8 | Use after free in InterestGroups in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15132 | HIGH | 8.8 | Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15131 | MEDIUM | 4.3 | Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security … | Jul 08, 2026 |
| CVE-2026-15130 | MEDIUM | 4.3 | Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium … | Jul 08, 2026 |
| CVE-2026-15129 | HIGH | 8.8 | Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … | Jul 08, 2026 |
| CVE-2026-15128 | MEDIUM | 6.1 | Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15127 | MEDIUM | 6.1 | Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15126 | HIGH | 8.8 | Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15125 | HIGH | 8.8 | Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15124 | MEDIUM | 4.3 | Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. … | Jul 08, 2026 |
| CVE-2026-15123 | HIGH | 8.8 | Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium … | Jul 08, 2026 |
| CVE-2026-15122 | HIGH | 8.3 | Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process … | Jul 08, 2026 |
| CVE-2026-15121 | HIGH | 8.8 | Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15120 | HIGH | 8.3 | Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially … | Jul 08, 2026 |