Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

20470
Total
1466
Critical
6212
High
6509
Medium
CVE ID Severity Score Description Published
CVE-2026-13790 MEDIUM 6.5 Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium … Jun 30, 2026
CVE-2026-13789 CRITICAL 9.6 Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … Jun 30, 2026
CVE-2026-13788 HIGH 8.8 Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML … Jun 30, 2026
CVE-2026-13787 HIGH 8.1 Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. … Jun 30, 2026
CVE-2026-13786 HIGH 8.8 Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium … Jun 30, 2026
CVE-2026-13785 CRITICAL 9.6 Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific … Jun 30, 2026
CVE-2026-13784 HIGH 8.8 Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures … Jun 30, 2026
CVE-2026-13783 HIGH 8.8 Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures … Jun 30, 2026
CVE-2026-13782 CRITICAL 10.0 Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … Jun 30, 2026
CVE-2026-13781 CRITICAL 9.6 Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially … Jun 30, 2026
CVE-2026-13780 CRITICAL 9.6 Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially … Jun 30, 2026
CVE-2026-13779 HIGH 8.1 Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. … Jun 30, 2026
CVE-2026-13778 HIGH 7.8 Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. … Jun 30, 2026
CVE-2026-13777 HIGH 8.8 Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via … Jun 30, 2026
CVE-2026-13776 CRITICAL 9.8 Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox … Jun 30, 2026
CVE-2026-13775 CRITICAL 9.8 Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a … Jun 30, 2026
CVE-2026-13774 HIGH 8.1 Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute … Jun 30, 2026
CVE-2025-71381 MEDIUM 6.5 Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its CORS middleware: when the origin is not set to "*", the middleware copies the … Jun 30, 2026
CVE-2025-71374 HIGH 8.1 picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers … Jun 30, 2026
CVE-2025-71371 HIGH 8.1 picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and execute … Jun 30, 2026
CVE-2025-71368 HIGH 8.1 picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle … Jun 30, 2026
CVE-2025-71363 HIGH 8.1 picklescan before 0.0.30 fails to detect cProfile.run function calls in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle … Jun 30, 2026
CVE-2025-71355 UNKNOWN Picklescan before 0.0.25 fails to detect unsafe global functions in the Numpy library, allowing attackers to bypass static analysis and execute arbitrary code during deserialization. … Jun 30, 2026
CVE-2025-71352 HIGH 8.1 picklescan before 0.0.29 fails to detect the built-in Python trace.Trace.runctx function when used in pickle file reduce methods, allowing attackers to execute arbitrary code. Remote … Jun 30, 2026
CVE-2025-71350 HIGH 8.1 picklescan before 0.0.28 fails to detect malicious pickle files using torch.utils.collect_env.run function in reduce methods. Attackers can embed undetected code in pickle files that executes … Jun 30, 2026