Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20470
Total
1466
Critical
6212
High
6509
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13790 | MEDIUM | 6.5 | Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium … | Jun 30, 2026 |
| CVE-2026-13789 | CRITICAL | 9.6 | Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Jun 30, 2026 |
| CVE-2026-13788 | HIGH | 8.8 | Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML … | Jun 30, 2026 |
| CVE-2026-13787 | HIGH | 8.1 | Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. … | Jun 30, 2026 |
| CVE-2026-13786 | HIGH | 8.8 | Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium … | Jun 30, 2026 |
| CVE-2026-13785 | CRITICAL | 9.6 | Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific … | Jun 30, 2026 |
| CVE-2026-13784 | HIGH | 8.8 | Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures … | Jun 30, 2026 |
| CVE-2026-13783 | HIGH | 8.8 | Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures … | Jun 30, 2026 |
| CVE-2026-13782 | CRITICAL | 10.0 | Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Jun 30, 2026 |
| CVE-2026-13781 | CRITICAL | 9.6 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially … | Jun 30, 2026 |
| CVE-2026-13780 | CRITICAL | 9.6 | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially … | Jun 30, 2026 |
| CVE-2026-13779 | HIGH | 8.1 | Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. … | Jun 30, 2026 |
| CVE-2026-13778 | HIGH | 7.8 | Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. … | Jun 30, 2026 |
| CVE-2026-13777 | HIGH | 8.8 | Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via … | Jun 30, 2026 |
| CVE-2026-13776 | CRITICAL | 9.8 | Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox … | Jun 30, 2026 |
| CVE-2026-13775 | CRITICAL | 9.8 | Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Jun 30, 2026 |
| CVE-2026-13774 | HIGH | 8.1 | Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute … | Jun 30, 2026 |
| CVE-2025-71381 | MEDIUM | 6.5 | Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its CORS middleware: when the origin is not set to "*", the middleware copies the … | Jun 30, 2026 |
| CVE-2025-71374 | HIGH | 8.1 | picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers … | Jun 30, 2026 |
| CVE-2025-71371 | HIGH | 8.1 | picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute … | Jun 30, 2026 |
| CVE-2025-71368 | HIGH | 8.1 | picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle … | Jun 30, 2026 |
| CVE-2025-71363 | HIGH | 8.1 | picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle … | Jun 30, 2026 |
| CVE-2025-71355 | UNKNOWN | — | Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. … | Jun 30, 2026 |
| CVE-2025-71352 | HIGH | 8.1 | picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote … | Jun 30, 2026 |
| CVE-2025-71350 | HIGH | 8.1 | picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes … | Jun 30, 2026 |