Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12604
Total
849
Critical
3630
High
3947
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5286 | HIGH | 8.8 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium … | Apr 01, 2026 |
| CVE-2026-5285 | HIGH | 8.8 | Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 01, 2026 |
| CVE-2026-5284 | HIGH | 7.5 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code … | Apr 01, 2026 |
| CVE-2026-5283 | MEDIUM | 6.5 | Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security … | Apr 01, 2026 |
| CVE-2026-5282 | HIGH | 8.1 | Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via … | Apr 01, 2026 |
| CVE-2026-5281 | HIGH | 8.8 | Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code … | Apr 01, 2026 |
| CVE-2026-5280 | HIGH | 8.8 | Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 01, 2026 |
| CVE-2026-5279 | HIGH | 8.8 | Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Apr 01, 2026 |
| CVE-2026-5278 | HIGH | 8.8 | Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted … | Apr 01, 2026 |
| CVE-2026-5277 | HIGH | 7.5 | Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an … | Apr 01, 2026 |
| CVE-2026-5276 | MEDIUM | 6.5 | Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a … | Apr 01, 2026 |
| CVE-2026-5275 | HIGH | 8.8 | Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML … | Apr 01, 2026 |
| CVE-2026-5274 | HIGH | 8.8 | Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security … | Apr 01, 2026 |
| CVE-2026-5273 | MEDIUM | 6.3 | Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 01, 2026 |
| CVE-2026-5272 | HIGH | 8.8 | Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium … | Apr 01, 2026 |
| CVE-2026-5254 | LOW | 3.5 | A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. Affected by this issue is some unknown functionality of the file /ui/app/components/AppJsonTreeView.vue of … | Apr 01, 2026 |
| CVE-2026-5253 | LOW | 3.5 | A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component editNotice … | Apr 01, 2026 |
| CVE-2026-5252 | LOW | 3.5 | A security flaw has been discovered in z-9527 admin 1.0/2.0. Affected is an unknown function of the file /server/routes/message.js of the component Message Create Endpoint. … | Apr 01, 2026 |
| CVE-2026-5251 | MEDIUM | 6.3 | A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation … | Apr 01, 2026 |
| CVE-2026-5249 | LOW | 3.5 | A vulnerability was found in gougucms 4.08.18. This impacts an unknown function of the file \gougucms-master\app\admin\view\user\record.html of the component Record Endpoint. Performing a manipulation of … | Apr 01, 2026 |
| CVE-2026-4947 | HIGH | 7.1 | Addressed a potential insecure direct object reference (IDOR) vulnerability in the signing invitation acceptance process. Under certain conditions, this issue could have allowed an attacker … | Apr 01, 2026 |
| CVE-2026-4374 | UNKNOWN | — | Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data … | Apr 01, 2026 |
| CVE-2026-3831 | MEDIUM | 4.3 | The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check … | Apr 01, 2026 |
| CVE-2026-3780 | HIGH | 7.3 | The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local … | Apr 01, 2026 |
| CVE-2026-3779 | HIGH | 7.8 | The application's list box calculate array logic keeps stale references to page or form objects after they are deleted or re-created, which allows crafted documents … | Apr 01, 2026 |