Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23596
Total
1679
Critical
7415
High
7509
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-15128 | MEDIUM | 6.1 | Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15127 | MEDIUM | 6.1 | Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15126 | HIGH | 8.8 | Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15125 | HIGH | 8.8 | Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Jul 08, 2026 |
| CVE-2026-15124 | MEDIUM | 4.3 | Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. … | Jul 08, 2026 |
| CVE-2026-15123 | HIGH | 8.8 | Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium … | Jul 08, 2026 |
| CVE-2026-15122 | HIGH | 8.3 | Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process … | Jul 08, 2026 |
| CVE-2026-15121 | HIGH | 8.8 | Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15120 | HIGH | 8.3 | Use after free in Core in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially … | Jul 08, 2026 |
| CVE-2026-15119 | HIGH | 8.3 | Race in GetUserMedia in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape … | Jul 08, 2026 |
| CVE-2026-15118 | HIGH | 8.8 | Use after free in Input in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15117 | HIGH | 7.5 | Use after free in Payments in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures … | Jul 08, 2026 |
| CVE-2026-15116 | HIGH | 8.8 | Use after free in Actor in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15115 | LOW | 3.3 | Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.115 allowed a local attacker to bypass same origin policy via … | Jul 08, 2026 |
| CVE-2026-15114 | HIGH | 8.8 | Out of bounds read and write in Codecs in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a … | Jul 08, 2026 |
| CVE-2026-15113 | CRITICAL | 9.6 | Use after free in Autofill in Google Chrome on Android prior to 150.0.7871.115 allowed a remote attacker to potentially perform a sandbox escape via a … | Jul 08, 2026 |
| CVE-2026-15112 | HIGH | 8.8 | Use after free in Ozone in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … | Jul 08, 2026 |
| CVE-2026-15111 | HIGH | 7.5 | Use after free in Views in Google Chrome prior to 150.0.7871.115 allowed a remote attacker who convinced a user to engage in specific UI gestures … | Jul 08, 2026 |
| CVE-2026-15110 | HIGH | 8.8 | Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially … | Jul 08, 2026 |
| CVE-2026-15109 | MEDIUM | 6.5 | Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … | Jul 08, 2026 |
| CVE-2026-15108 | MEDIUM | 4.3 | Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform … | Jul 08, 2026 |
| CVE-2026-15107 | HIGH | 8.8 | Use after free in IndexedDB in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jul 08, 2026 |
| CVE-2026-15105 | MEDIUM | 6.3 | A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7_server.cpp of the component ReadVar Request … | Jul 08, 2026 |
| CVE-2026-5923 | UNKNOWN | — | Malicious use of a stolen cookie might allow modifications to the contents of the IP phone’s webpage. | Jul 08, 2026 |
| CVE-2026-5922 | UNKNOWN | — | The IP phone might use malicious input stored in configuration parameters and render it as content for the WebUI’s webpage. | Jul 08, 2026 |