VYPR

CVEs

345,124 total · page 65 of 6,903

  • CVE-2026-12466Jun 17, 2026
    risk 0.00cvss epss 0.00

    Heap buffer overflow in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12465Jun 17, 2026
    risk 0.00cvss epss 0.00

    Object lifecycle issue in Metrics in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12464Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Browser in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12463Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12462Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12461Jun 17, 2026
    risk 0.00cvss epss 0.00

    Out of bounds read in WebRTC in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12460Jun 17, 2026
    risk 0.00cvss epss 0.00

    Insufficient policy enforcement in File System Access in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted PDF file. (Chromium security severity: High)

  • CVE-2026-12459Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12458Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12457Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12456Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2026-12455Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Tab Strip in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12454Jun 17, 2026
    risk 0.00cvss epss 0.00

    Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12453Jun 17, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12452Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12451Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12450Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12449Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)

  • CVE-2026-12448Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12447Jun 17, 2026
    risk 0.00cvss epss 0.00

    Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12446Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-12445Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)

  • CVE-2026-12444Jun 17, 2026
    risk 0.00cvss epss 0.00

    Out of bounds read in Chromoting in Google Chrome on Windows prior to 149.0.7827.155 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: High)

  • CVE-2026-12443Jun 17, 2026
    risk 0.00cvss epss 0.01

    Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12442Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12441Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12440Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12439Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12438Jun 17, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-12437Jun 17, 2026
    risk 0.00cvss epss 0.00

    Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2025-15641Jun 17, 2026
    risk 0.00cvss epss 0.00

    Netskope was notified about a potential gap in its Netskope Client for Windows systems where a malicious insider with administrative privileges can potentially tamper with the customer IOCTL by sending crafted IOCTL requests to the driver. A successful exploit can result in the…

  • CVE-2026-55706Jun 17, 2026
    risk 0.00cvss epss 0.00

    sppp_pap_input in sys/net/if_spppsubr.c in OpenBSD before 076e2b1 allows authentication bypass via certain zero values for lengths.

  • CVE-2025-26240Jun 17, 2026
    risk 0.00cvss epss 0.00

    In JazzCore python-pdfkit 1.0.0, the from_string method enables the execution of JavaScript code within the context of the server application and the exfiltration of local files.

  • CVE-2025-66391Jun 17, 2026
    risk 0.00cvss epss 0.00

    In Citrix Cloud through 2025-11-10, an account with read-only access can trigger the beginning of a workflow for write operations, e.g., the system will send a one-time password to an attacker-controlled email address when the attacker attempts to reset the password of a user…

  • CVE-2026-36418Jun 17, 2026
    risk 0.00cvss epss 0.00

    JimuReport versions 2.3.4 and below are vulnerable to remote code execution due to improper handling of Aviator expressions. The /jmreport/executeSelectApi endpoint passes user-supplied input directly to the Aviator expression engine without adequate validation allowing…

  • CVE-2026-39199Jun 17, 2026
    risk 0.00cvss epss 0.00

    snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file.

  • CVE-2026-50559impJun 17, 2026
    risk 0.49cvss 7.5epss 0.00

    io.quarkus/quarkus-vertx-http: Quarkus: Authorization bypass in HTTP path-based policies via encoded characters

  • CVE-2026-55225impJun 17, 2026
    risk 0.45cvss 8.0epss

    strimzi-cluster-operator: Cross-namespace privilege escalation via Kafka.spec.entityOperator.watchedNamespace in Strimzi

  • CVE-2026-54326lowJun 16, 2026
    risk 0.00cvss epss 0.00

    # Potential XSS in HTML session exports via Markdown URL handling Pi HTML exports render session Markdown into a static HTML file. Affected versions did not consistently reject unsafe Markdown link and image URL schemes. In versions with scheme filtering, C0 control characters…

  • CVE-2026-20706Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary PR #37698 added checkDownloadTokenScope to /raw/*, /media/*, and attachment download web endpoints. The /archive/* endpoint (repo.Download in routers/web/repo/repo.go:372) was not included in the fix. This endpoint accepts OAuth2 tokens via webAuth.AllowOAuth2…

  • CVE-2026-27783Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary Three Gitea API endpoints — `GET /repos/{owner}/{repo}/issue_templates`, `GET /repos/{owner}/{repo}/issue_config` and `GET /repos/{owner}/{repo}/issue_config/validate` — read files from the repository's **Code** default branch (`.gitea/ISSUE_TEMPLATE/*` and…

  • CVE-2026-25714Jun 16, 2026
    risk 0.00cvss epss 0.00

    ## Summary Two related issues in the token public-only scope enforcement introduced by PR #32204 (CVE-2025-68941 fix). A public-only scoped API token can access private organization data. ## Issue 1: /user/orgs missing checkTokenPublicOnly() `routers/api/v1/api.go` line 1599:…

  • CVE-2026-26231higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Summary Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. ## Vulnerability Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: …

  • CVE-2026-28699higJun 16, 2026
    risk 0.38cvss epss 0.01

    ### Summary Gitea fails to enforce OAuth2 access token scopes when the token is submitted via HTTP Basic authentication instead of a Bearer token. An OAuth2 application granted only `read:user` can use the same token as `Authorization: Basic base64(:x-oauth-basic)` and…

  • CVE-2026-52797higJun 16, 2026
    risk 0.38cvss epss 0.00

    **Vulnerability type:** Path Traversal **Impact:** DoS **Exploitation prerequisite:** authorized user **Description:** As an authorized user, an intruder can dictate the value which is passed to the `git diff` command which, together with bypassing the filtering of the passed…

  • CVE-2026-49980criJun 16, 2026
    risk 0.52cvss epss 0.01

    ## Summary `rclone rcd --rc-serve` accepts unauthenticated `GET` and `HEAD` requests to paths of the form: ```text /[remote:path]/object ``` The `remote` value is parsed from the URL and passed to normal backend initialization. Inline remote configuration can set backend…

  • CVE-2026-49468criJun 16, 2026
    risk 0.52cvss epss 0.01

    ### Impact A Host-header parsing flaw in the LiteLLM proxy could, under specific conditions, allow unauthenticated access to protected management routes. The auth layer derived the effective route from `request.url.path` in `litellm/proxy/auth/auth_utils.py::get_request_route()…

  • CVE-2026-28744higJun 16, 2026
    risk 0.38cvss epss 0.00

    ### Summary Gitea v1.26.1 enforces repository-scoped access-token permissions on repository operations. In the Git Smart HTTP path, however, this check runs only when the token is presented via HTTP Basic authentication — `CheckRepoScopedToken()` returns early unless…

  • CVE-2026-48797Jun 16, 2026
    risk 0.00cvss epss 0.00

    Backpropagate is a Python library for fine-tuning large language models on a single GPU. In versions 1.1.0 and 1.1.1, the optional Reflex web UI exposes a training control plane without authentication: dataset upload, model load, training start/stop, multi-run orchestration,…

  • CVE-2026-54304higJun 16, 2026
    risk 0.38cvss epss 0.00

    ## Impact An authenticated user with permission to create or modify workflows and access to a SecurityScorecard credential with limited allowed domains could configure the SecurityScorecard node's report download operation to target an attacker-controlled URL. The node attached…