31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 551–600 of 31,467 · page 12 of 630
| ID | Title | Summary |
|---|---|---|
| CVE-2026-8046 | CVE-2026-8046 CVSS 8.1 | The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerabil… |
| CVE-2026-8045 | CVE-2026-8045 | CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists that could cause information disclosure of server-side file contents when an… |
| CVE-2026-8043 | CVE-2026-8043 CVSS 9.6 | External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HT… |
| CVE-2026-8039 | CVE-2026-8039 CVSS 6.4 | The Fancy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'author' shortcode attribute in the 'testimonial' shortcode in… |
| CVE-2026-8037 | CVE-2026-8037 CVSS 9.6 | OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on t… |
| CVE-2026-8036 | CVE-2026-8036 CVSS 7.1ni | Improper input validation in NI-PAL may allow a local authenticated user to access arbitrary system memory, potentially leading to privilege escalation. This v… |
| CVE-2026-8035 | CVE-2026-8035 CVSS 7.1ni | Improper input validation in the NI-PAL kernel driver may allow a local authenticated user to cause a denial of service by triggering a crash due to a NULL poi… |
| CVE-2026-8034 | CVE-2026-8034 CVSS 9.8 | A server-side request forgery (SSRF) vulnerability was identified in the GitHub Enterprise Server notebook viewer that allowed an attacker to access internal s… |
| CVE-2026-8025 | CVE-2026-8025 CVSS 9.8 | Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in MOSK Information Technologies Ltd. CBS Platform allows SQ… |
| CVE-2026-8024 | CVE-2026-8024 CVSS 9.8 | A remote, unauthenticated attacker may exploit a deserialization of untrusted data vulnerability in ibaPDA or ibaDatCoordinator to gain full access to the affe… |
| CVE-2026-8018 | CVE-2026-8018 CVSS 8.1 | Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via malic… |
| CVE-2026-8016 | CVE-2026-8016 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-8002 | CVE-2026-8002 CVSS 8.8 | Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … |
| CVE-2026-8001 | CVE-2026-8001 CVSS 8.3 | Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process t… |
| CVE-2026-8000 | CVE-2026-8000 CVSS 8.8 | Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary co… |
| CVE-2026-7995 | CVE-2026-7995 CVSS 8.8 | Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … |
| CVE-2026-7992 | CVE-2026-7992 CVSS 8.8 | Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to e… |
| CVE-2026-7991 | CVE-2026-7991 CVSS 8.8 | Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code insid… |
| CVE-2026-7988 | CVE-2026-7988 CVSS 8.8 | Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7987 | CVE-2026-7987 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7985 | CVE-2026-7985 CVSS 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… |
| CVE-2026-7984 | CVE-2026-7984 CVSS 8.8 | Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary c… |
| CVE-2026-7981 | CVE-2026-7981 CVSS 8.1 | Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory … |
| CVE-2026-7980 | CVE-2026-7980 CVSS 8.8 | Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page… |
| CVE-2026-7978 | CVE-2026-7978 CVSS 8.1 | Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via… |
| CVE-2026-7975 | CVE-2026-7975 CVSS 8.3 | Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … |
| CVE-2026-7974 | CVE-2026-7974 CVSS 8.8 | Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (… |
| CVE-2026-7973 | CVE-2026-7973 CVSS 8.8 | Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTM… |
| CVE-2026-7970 | CVE-2026-7970 CVSS 8.3 | Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a… |
| CVE-2026-7967 | CVE-2026-7967 CVSS 8.3 | Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pro… |
| CVE-2026-7963 | CVE-2026-7963 CVSS 8.3 | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to pot… |
| CVE-2026-7957 | CVE-2026-7957 CVSS 8.8 | Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute … |
| CVE-2026-7956 | CVE-2026-7956 CVSS 8.3 | Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform … |
| CVE-2026-7951 | CVE-2026-7951 CVSS 8.8 | Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML p… |
| CVE-2026-7940 | CVE-2026-7940 CVSS 8.8 | Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary cod… |
| CVE-2026-7938 | CVE-2026-7938 CVSS 8.8 | Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |
| CVE-2026-7930 | CVE-2026-7930 | Rejected reason: Is not a vulnerability, is a feature bug. |
| CVE-2026-7928 | CVE-2026-7928 CVSS 8.8 | Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … |
| CVE-2026-7927 | CVE-2026-7927 CVSS 8.8 | Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.… |
| CVE-2026-7926 | CVE-2026-7926 CVSS 8.8 | Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT… |
| CVE-2026-7923 | CVE-2026-7923 CVSS 8.3 | Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a… |
| CVE-2026-7922 | CVE-2026-7922 CVSS 8.3 | Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML pa… |
| CVE-2026-7921 | CVE-2026-7921 CVSS 8.8 | Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium secu… |
| CVE-2026-7920 | CVE-2026-7920 CVSS 8.3 | Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-7919 | CVE-2026-7919 CVSS 8.3 | Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… |
| CVE-2026-7918 | CVE-2026-7918 CVSS 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… |
| CVE-2026-7917 | CVE-2026-7917 CVSS 8.3 | Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potential… |
| CVE-2026-7916 | CVE-2026-7916 CVSS 8.3 | Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to po… |
| CVE-2026-7914 | CVE-2026-7914 CVSS 8.3 | Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potent… |
| CVE-2026-7911 | CVE-2026-7911 CVSS 8.3 | Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially per… |