Skip to main content
CVE-2026-21031 MEDIUM This Month

Improper authorization in Samsung's AppBlock application on Android 15 and 16 devices allows a local, low-privileged attacker to launch arbitrary Android Activities without proper permission checks. Exploitation requires passive user interaction (CVSS 4.0 UI:P) and local device access, but the confidentiality impact on the vulnerable system is rated High (VC:H), consistent with the reported Information Disclosure tag. No public exploit code exists and the vulnerability is not listed in CISA's KEV catalog at time of analysis; Samsung has released a patch in SMR Jun-2026 Release 1.

Authentication Bypass Samsung Mobile Devices
NVD VulDB
CVSS 4.0
5.2
EPSS
0.0%
CVE-2026-47377 MEDIUM PATCH GHSA This Month

Open redirect in NocoDB's client-side hashRedirect plugin allows any attacker to silently send visitors from a legitimate NocoDB origin to an attacker-controlled domain by embedding a protocol-relative path in the URL hash fragment. All NocoDB npm releases prior to 2026.04.1 are affected; the flaw exists in `packages/nc-gui/plugins/hashRedirect.client.ts` where a single `startsWith('/')` check fails to exclude `//attacker.com/...` paths, which browsers resolve as absolute URLs. No public exploit has been identified at time of analysis, but the technique requires zero tooling and no authentication, making phishing campaigns against NocoDB users trivially constructable.

Open Redirect
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-47376 MEDIUM PATCH GHSA This Month

Reflected XSS in NocoDB's password-reset flow allows an unauthenticated attacker to execute arbitrary JavaScript in the victim's browser within the NocoDB origin by sending a crafted password-reset link. The vulnerability stems from the EJS server-side template rendering the reset token directly into a JavaScript string literal without escaping single quotes or backslashes, enabling string-context escape. Any NocoDB instance running versions prior to 2026.04.1 is affected; no public exploit identified at time of analysis, though the advisory includes a functional proof-of-concept payload.

XSS
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2026-47730 MEDIUM PATCH GHSA This Month

Cross-site scripting in Twig's profiler HtmlDumper component (twig/twig >= 3.0.0, < 3.26.0) allows an attacker who can control template names - via an ArrayLoader key, a database-backed loader row ID, or similar - to inject arbitrary HTML that executes in any browser rendering the profiler output. The root cause is a missing htmlspecialchars() call in HtmlDumper::formatTemplate() and related methods before writing Profile::getTemplate() and Profile::getName() into the HTML response. No public exploit or CISA KEV listing has been identified at time of analysis, but the vendor confirmed the issue and shipped a fix in v3.26.0 as part of a coordinated batch of security releases.

PHP XSS
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-50232 MEDIUM This Month

Stored cross-site scripting in Lyrion Music Server 9.2.0 allows remote attackers to inject JavaScript payloads via media file metadata fields (GENRE, ARTIST, ALBUM) that execute when other users browse the web interface. With CVSS 7.2 and a changed scope, successful exploitation can reach management functions and disclose settings. No public exploit identified at time of analysis, and no CISA KEV listing.

XSS Lyrion Music Server
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-21028 MEDIUM This Month

Improper access control in the AuditLogService component of Samsung Mobile Devices running Android 16 exposes sensitive audit log information to local attackers. The flaw, disclosed and patched by Samsung Mobile as part of their June 2026 Security Maintenance Release (SMR Jun-2026 Release 1), enables a local attacker without special privileges to both read and potentially modify sensitive data surfaced by the audit logging subsystem. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Samsung Mobile Devices
NVD
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-11276 MEDIUM PATCH This Month

Discretionary access control bypass in Google Chrome's Cast feature (prior to 149.0.7827.53) allows an attacker positioned on the local network segment to interfere with Cast functionality via crafted malicious network traffic. The vulnerability stems from improper privilege management (CWE-269) within the Cast implementation, resulting in limited confidentiality and integrity impact (CVSS 5.1). No public exploit code has been identified at time of analysis, and CISA KEV listing is absent; however, the no-authentication-required condition and the network-adjacent attack surface make this relevant for environments where Chrome's Cast feature is actively used on shared or untrusted network segments.

Google Privilege Escalation Red Hat Suse Chrome
NVD
CVSS 3.1
5.1
EPSS
0.0%
CVE-2026-50235 MEDIUM This Month

Reflected cross-site scripting in Lyrion Music Server 9.2.0 allows unauthenticated remote attackers to inject arbitrary JavaScript into victims' browsers via unsanitized advanced search parameters, enabling session token theft and account hijacking with a single user-click interaction. The changed scope (S:C) in the CVSS vector confirms the injected script executes outside the origin of the vulnerable application, amplifying cross-domain impact. No public exploit identified at time of analysis and no CISA KEV listing, but the ZeroScience Lab advisory reference is a known PoC-publishing outlet - PoC availability should be treated as likely pending confirmation.

XSS Lyrion Music Server
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-50231 MEDIUM This Month

Stored cross-site scripting in Lyrion Music Server 9.2.0's log viewer allows unauthenticated remote attackers to inject persistent JavaScript via unescaped template variables, executing arbitrary scripts in the browsers of administrators or other users who view the logs. Injection vectors include the search, lines, and path query parameters as well as indirect channels such as URLs, User-Agent headers, stream titles, and player names that get written to the server log. No public exploit identified at time of analysis, but the CVSS 7.2 score reflects a scope-changed impact (S:C) due to the cross-origin nature of XSS.

XSS Lyrion Music Server
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2026-11290 MEDIUM PATCH This Month

Integer overflow in the WebView component of Google Chrome on Android (prior to 149.0.7827.53) allows a local, low-privileged attacker to crash the application via a crafted malicious file, resulting in a denial of service. The attack requires user interaction - the victim must open or process the malicious file through a WebView-rendered surface. No public exploit code has been identified at time of analysis, and the EPSS score of 0.01% (1st percentile) indicates extremely low real-world exploitation probability; the vendor has rated this Low severity.

Denial Of Service Google
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-11281 MEDIUM PATCH This Month

Integer overflow in Chrome's Chromoting (Remote Desktop) component on Windows exposes process memory contents to local authenticated attackers via crafted ETW (Event Tracing for Windows) events. Affected versions are all Chrome releases on Windows prior to 149.0.7827.53. With CVSS confidentiality impact rated High and no public exploit identified at time of analysis, the practical risk is constrained by the local access and user interaction requirements, though sensitive data such as credentials or session tokens resident in process memory could be disclosed. EPSS score of 0.01% (1st percentile) confirms low observed exploitation probability.

Information Disclosure Google Microsoft Chrome
NVD VulDB
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-21034 MEDIUM This Month

Samsung Auto for Android exposes audio configuration functionality through improperly exported application components, allowing a local attacker with low privileges to arbitrarily modify audio settings without authorization. Affected versions are Samsung Auto prior to 3.1.2.61 on Android 15 and prior to 3.2.0.38 on Android 16, as confirmed by the Samsung Mobile vendor advisory and EUVD-2026-34806. No public exploit is identified at time of analysis and this vulnerability has not been added to the CISA KEV catalog, placing it at low real-world priority despite the straightforward local attack path.

Information Disclosure Google Samsung Samsung Auto
NVD VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-21027 MEDIUM This Month

ImsSettings on Samsung Mobile Devices (Android 14, 15, 16) exposes an improperly exported Android application component, enabling locally authenticated low-privilege attackers to invoke the component and trigger its logging function, resulting in limited information disclosure. The vulnerability is patched in Samsung's SMR Jun-2026 Release 1 and is reported exclusively by Samsung Mobile. No public exploit code and no CISA KEV listing have been identified at time of analysis, and the CVSS 4.0 score of 4.8 (Medium) reflects the narrow, local-only impact.

Information Disclosure Google
NVD
CVSS 4.0
4.8
EPSS
0.0%
CVE-2026-11249 MEDIUM PATCH This Month

Use-after-free in the Network component of Google Chrome prior to version 149.0.7827.53 enables an attacker who has already compromised the renderer process to read potentially sensitive data from process memory by delivering a crafted HTML page. The Changed scope (S:C) in the CVSS vector confirms the vulnerability crosses security boundaries - specifically from the renderer sandbox into the Network process - making this a secondary exploitation step rather than an initial access vector. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog; Google has released a patched stable channel build.

Denial Of Service Use After Free Memory Corruption Google Red Hat +2
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-21017 MEDIUM This Month

Improper privilege handling in Samsung's SecTelephonyProvider component allows local attackers on Samsung Mobile Devices to access files that should be restricted to privileged processes. Affected devices run Android 14, 15, and 16 prior to the SMR Jun-2026 Release 1 patch, spanning the full current Samsung Android support matrix. No public exploit code exists and no KEV listing has been issued; the CVSS 4.0 score of 4.6 reflects constrained real-world impact due to required local access and active user interaction.

Information Disclosure Samsung Mobile Devices
NVD
CVSS 4.0
4.6
EPSS
0.0%
CVE-2026-50590 MEDIUM PATCH This Month

Arbitrary file access in Mimecast Incydr versions before 2.6.0 exposes endpoints to unauthorized read and write operations against files outside the application's intended scope, rooted in incorrect permission assignments (CWE-732). The CVSS 3.1 Changed Scope indicator (S:C) confirms that exploitation can reach resources beyond the Incydr agent boundary - meaningful given that Incydr is itself an insider risk monitoring platform that may store sensitive activity logs and configuration on the endpoint. Mimecast has released version 2.6.0 as the fix; no public exploit identified at time of analysis.

Information Disclosure Incydr
NVD
CVSS 3.1
4.5
EPSS
0.0%
CVE-2026-11286 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Wallet component (versions prior to 149.0.7827.53) permits a remote attacker who has already achieved renderer process compromise to manipulate the browser's payment/credential interface by delivering a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) scores this at 4.3 Medium, but the explicit renderer-compromise prerequisite in the description significantly narrows real-world attack surface beyond what those scores imply. No public exploit identified at time of analysis, EPSS sits at 0.05% (15th percentile), there is no CISA KEV listing, and Google's own Chromium team rates this Low severity - all signals converging on limited exploitation likelihood.

Information Disclosure Google
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11280 MEDIUM PATCH This Month

UI spoofing in Google Chrome on iOS (prior to 149.0.7827.53) allows an unauthenticated remote attacker to present a deceptive interface to users by serving a crafted HTML page, specifically targeting the Signin flow. The root cause is an inappropriate implementation classified under CWE-20 (Improper Input Validation), meaning Chrome fails to sufficiently validate or constrain inputs that influence the rendered signin UI. No public exploit code exists and no active exploitation has been confirmed; EPSS of 0.05% (15th percentile) indicates very low near-term exploitation probability, consistent with the Low Chromium severity rating.

Apple Information Disclosure Google Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11261 MEDIUM PATCH This Month

UI spoofing in Google Chrome's PDF implementation prior to version 149.0.7827.53 can be triggered by a remote attacker who has already compromised the renderer process, using a crafted HTML page to mislead users through false interface elements. The vulnerability is rated Low severity by the Chromium security team, with a CVSS score of 4.3, and carries a negligible exploitation probability (EPSS 0.05%, 15th percentile). No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, making real-world exploitation highly unlikely outside of sophisticated, chained attack scenarios.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-7523 MEDIUM This Month

Authorization bypass in the Alba Board WordPress plugin (all versions through 2.1.3) exposes private project card data to unauthorized access. Despite the CVSS vector assigning PR:L (low privileges required), the vulnerability description explicitly reveals a more severe exploitation path: the AJAX handler is registered under the wp_ajax_nopriv_ hook, and the required nonce is broadcast to all site visitors via wp_localize_script on any page rendering the [alba_board] shortcode - enabling fully unauthenticated access to private alba_card records including titles, descriptions, assignees, due dates, tags, and comments. No public exploit has been identified at time of analysis and this CVE is not listed in the CISA KEV catalog, though the vulnerable code path is publicly browsable in the WordPress plugin repository.

Authentication Bypass WordPress
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11309 MEDIUM PATCH This Month

UI spoofing via Chrome's History component (versions prior to 149.0.7827.53) lets an unauthenticated remote attacker deceive users through a crafted HTML page, exploiting insufficient policy enforcement in History navigation handling. The attacker can manipulate browser UI elements perceived by the victim, creating phishing-class deception without any confidentiality or availability impact - consistent with Chromium's own 'Low' severity rating. No public exploit code exists and EPSS sits at 0.03% (11th percentile), indicating very low probability of in-the-wild exploitation at time of analysis.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11294 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Passwords component (all versions prior to 149.0.7827.53) allows a remote unauthenticated attacker to visually mislead users via a crafted HTML page, exploiting CWE-451 misrepresentation of critical UI information. The integrity-only impact (CVSS I:L, C:N, A:N) is consistent with a spoofed password prompt or save dialog that could trick users into revealing credentials or accepting malicious input. No public exploit code exists, EPSS is 0.03% (11th percentile), and CISA has not added this to KEV, making this a low operational priority despite being network-reachable.

Information Disclosure Google
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11285 MEDIUM PATCH This Month

UI spoofing in Google Chrome for iOS prior to version 149.0.7827.53 enables a remote unauthenticated attacker to misrepresent critical browser interface elements through a crafted HTML page, requiring only that the victim visit the malicious page. The vulnerability stems from an inappropriate implementation specific to the iOS platform build of Chrome (CWE-451), with impact limited to integrity - no confidentiality or availability loss. No public exploit identified at time of analysis; EPSS sits at 0.03% (11th percentile) and Chromium's own severity rating is Low, aligning with the constrained real-world impact.

Apple Information Disclosure Google Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11245 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Payments component prior to version 149.0.7827.53 enables a remote unauthenticated attacker to mislead users about payment interface elements via a crafted HTML page. The vulnerability stems from inappropriate implementation logic (CWE-451) that allows visual misrepresentation of critical payment-related UI, potentially facilitating phishing or payment fraud against end users who interact with a malicious page. No public exploit code has been identified at time of analysis, and Chromium's internal severity rating is Low, consistent with its limited integrity-only, user-interaction-dependent impact.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-48111 MEDIUM PATCH This Month

Off-by-one out-of-bounds read in 7-Zip's UEFI firmware image parser (versions 9.21-26.00) allows a network-adjacent attacker to trigger either a denial of service (application crash) or minor information disclosure of an adjacent static .rdata string literal into archive metadata, simply by convincing a user to open a crafted UEFI-containing archive. The vulnerability is reached automatically upon archive open with no special user action beyond opening the file, and affects default 7-Zip installations because the UEFI handler is enabled out-of-the-box. No public exploit code has been identified at time of analysis, no KEV listing exists, and the impact is bounded: there is no write primitive and no disclosure of heap data, secrets, or ASLR base addresses.

Denial Of Service Information Disclosure Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-48103 MEDIUM PATCH This Month

Off-by-one heap out-of-bounds read in 7-Zip's WIM archive handler (versions 9.34-26.00) allows a remote unauthenticated attacker to trigger denial of service - and potentially minor information disclosure - by delivering a crafted WIM file. The vulnerability is zero-click exploitable in the GUI: 7zFM.exe automatically calls GetRawProp(kpidNtSecure) for every listed item, triggering the OOB read without any additional user interaction beyond opening or navigating to the malicious archive. No public exploit code has been identified at time of analysis, and the vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Information Disclosure Microsoft Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-48092 MEDIUM PATCH This Month

Heap memory disclosure in 7-Zip 9.34 through 26.00 (32-bit builds only) allows a remote unauthenticated attacker to leak arbitrary heap contents into attacker-controlled extracted files by supplying a crafted SquashFS archive. The root cause is a 32-bit integer overflow in the SquashFS ReadBlock function: because size_t is 32 bits on 32-bit builds, the addition of offsetInBlock and blockSize wraps modulo 2³², bypassing the fragment bounds check and directing memcpy to read heap memory preceding the intended cache buffer. No public exploit has been identified at time of analysis, and no CISA KEV listing exists. Version 26.01 patches the issue.

Information Disclosure Buffer Overflow Suse
NVD GitHub VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11300 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions subsystem prior to version 149.0.7827.53 enables remote unauthenticated attackers to misrepresent the browser's permission interface by delivering a crafted HTML page to a victim. The flaw (CWE-451) results in low-integrity impact - the attacker can deceive a user into perceiving a false permissions state, potentially manipulating consent decisions. No public exploit code exists, EPSS is 0.03% (8th percentile), CISA SSVC rates exploitation as none, and Chromium's own severity assessment is Low, placing this firmly in the routine-patching tier rather than an urgent response priority.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11259 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Cast component exposes users to limited cross-origin integrity violations via a crafted HTML page, affecting all desktop Chrome versions prior to 149.0.7827.53. An unauthenticated remote attacker can circumvent the browser's fundamental cross-origin boundary by exploiting insufficient input validation in the Cast subsystem, achieving a low-severity integrity impact against a visiting user. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (6th percentile) combined with Chromium's own 'Low' severity rating indicate minimal real-world exploitation risk.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11252 MEDIUM PATCH This Month

Content Settings policy enforcement bypass in Google Chrome prior to 149.0.7827.53 enables remote attackers to circumvent discretionary access control by delivering a crafted HTML page to a victim who must interact with it. Rooted in CWE-284 (Improper Access Control), the flaw affects Chrome's Content Settings subsystem - which governs site-level permissions such as cookies, notifications, and script access - yielding a limited integrity impact with no confidentiality or availability consequences. No public exploit has been identified and the vulnerability is absent from CISA KEV; the vendor itself rates this as Low severity, consistent with the CVSS 4.3 base score.

Authentication Bypass Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11254 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Permissions implementation prior to version 149.0.7827.53 allows a remote, unauthenticated attacker to deceive users through manipulated browser permission dialogs via a crafted HTML page. Exploitation requires user interaction - a victim must visit a malicious page - and the real-world impact is limited to low-integrity outcomes such as misleading users into granting or denying permissions under false pretenses. No public exploit code exists and this vulnerability has not been added to the CISA KEV catalog at time of analysis.

Information Disclosure Google Red Hat Suse Chrome
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11253 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Permissions subsystem (prior to 149.0.7827.53) enables remote unauthenticated attackers to read data across origin boundaries via a crafted HTML page. The flaw, classified as a race condition (CWE-362) in the Permissions implementation, undermines the browser's Same-Origin Policy enforcement - a foundational web isolation mechanism. No public exploit identified at time of analysis; a vendor-released patch is available in version 149.0.7827.53, and Google has rated this Low severity in Chromium security terms.

Information Disclosure Google Race Condition Red Hat Suse +1
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11302 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome for iOS (prior to 149.0.7827.53) allows remote unauthenticated attackers to bypass discretionary access controls via a crafted HTML page, resulting in limited integrity impact. User interaction is required, and exploitation probability is extremely low - EPSS sits at 0.02% (4th percentile). No public exploit identified at time of analysis, and Chromium's own security team rated this as 'Low' severity, consistent with the CVSS 4.3 score and SSVC's 'partial' technical impact assessment.

Apple Authentication Bypass Google Chrome Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11298 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome on iOS prior to 149.0.7827.53 allows a remote, unauthenticated attacker to violate cross-origin isolation by delivering a crafted HTML page to a victim. The flaw stems from an inappropriate implementation (CWE-346) in the iOS-specific Chrome codebase, meaning the iOS browser incorrectly validates origin boundaries in a way the desktop build does not. No active exploitation is confirmed (no CISA KEV listing), EPSS is 0.02% (4th percentile), and SSVC rates exploitation as none - placing this firmly in a routine patching priority rather than an emergency response.

Apple Authentication Bypass Google Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11292 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome's Blink rendering engine (versions prior to 149.0.7827.53) enables unauthenticated remote attackers to circumvent CSP directives by delivering a crafted HTML page that requires only a user visit to trigger. The impact is confined to low-severity integrity violations (CVSS I:L) with no confidentiality or availability consequences, consistent with Chromium's own Low severity rating. No public exploit has been identified at time of analysis, and an EPSS score of 0.02% (4th percentile) reflects negligible near-term exploitation probability.

Authentication Bypass Google
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11291 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Android Autofill implementation allows remote unauthenticated attackers to perform limited cross-origin integrity violations by delivering a crafted HTML page to a victim user. Affected are all Chrome for Android versions prior to 149.0.7827.53. Impact is constrained to integrity (I:L) with no confidentiality or availability consequence, consistent with Chromium's own 'Low' severity rating. No public exploit code exists and no active exploitation has been confirmed; EPSS exploitation probability sits at 0.02% (4th percentile), making this a low operational priority despite being network-reachable.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11277 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome for iOS (prior to 149.0.7827.53) enables remote attackers to bypass discretionary access controls by directing a victim to a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) confirms the attack is network-reachable, requires no authentication, and produces a limited integrity impact with no confidentiality or availability consequences. No public exploit has been identified at time of analysis, and the EPSS score of 0.02% (4th percentile) reflects very low exploitation probability; Chromium internally rated this Low severity.

Apple Authentication Bypass Google Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11274 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome's DOM Distiller component on iOS allows a remote attacker to circumvent page navigation controls by serving a specially crafted HTML page. Affected users are running Chrome on iOS prior to version 149.0.7827.53, and exploitation requires the victim to visit an attacker-controlled page. No public exploit identified at time of analysis and EPSS probability sits at 0.02% (4th percentile), consistent with the vendor's own 'Low' severity classification - real-world impact is limited to integrity degradation with no confidentiality or availability consequence.

Apple Authentication Bypass Google Red Hat
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11266 MEDIUM PATCH This Month

SafeBrowsing protection mechanism bypass in Google Chrome prior to version 149.0.7827.53 allows remote unauthenticated attackers to deliver malicious files that evade Chrome's built-in phishing and malware detection layer. The bypass is triggered through user interaction - such as visiting a crafted page or downloading a manipulated file - without requiring any special privileges or configuration. No public exploit has been identified and EPSS is 0.02% (4th percentile), indicating low current exploitation probability; however, successful exploitation silently removes a critical user-facing protection layer, enabling downstream malware delivery.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11264 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to version 149.0.7827.53 enables remote attackers to circumvent CSP protections via a crafted HTML page, with the victim's browser failing to enforce declared content restrictions. The vulnerability requires user interaction (UI:R) and produces limited integrity impact (I:L) only - no confidentiality or availability loss. EPSS at 0.02% (4th percentile) and no CISA KEV listing indicate negligible current exploitation activity; Chromium has internally rated this Low severity, aligning with the constrained impact scope.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11257 MEDIUM PATCH This Month

Navigation restriction bypass in Google Chrome prior to 149.0.7827.53 allows a remote unauthenticated attacker to circumvent browser-enforced navigation controls by delivering a crafted HTML page to a victim. The flaw is classified by Google as an inappropriate implementation in the browser component, carrying a CVSS 4.3 (Medium) with limited integrity impact and no confidentiality or availability consequence. No public exploit has been identified at time of analysis, EPSS exploitation probability stands at 0.02% (4th percentile), and Google's internal Chromium severity rating is Low - consistent signals pointing to a low-urgency, routine-patch item outside of specialized deployment contexts.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11260 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 stems from an inappropriate implementation in the browser's Permissions subsystem, enabling a remote attacker to circumvent CSP restrictions through a crafted HTML page. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N) confirms the impact is limited to a partial integrity violation - no confidentiality or availability consequences are indicated. No public exploit identified at time of analysis; EPSS at 0.01% (2nd percentile) and Chromium's own 'Low' severity rating together indicate very low near-term exploitation likelihood.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-11267 MEDIUM PATCH This Month

Content Security Policy bypass in Google Chrome prior to 149.0.7827.53 allows a remote attacker who convinces a victim to install a crafted malicious extension to circumvent CSP protections on web pages, enabling unauthorized content injection. The flaw stems from insufficient policy enforcement in Chrome's Extensions subsystem (CWE-602), rated Low severity by the Chromium security team with a CVSS base score of 4.3. No public exploit code exists and no active exploitation has been confirmed; EPSS is 0.01% (1st percentile), reflecting minimal real-world exploitation pressure at time of analysis.

Authentication Bypass Google Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-48104 MEDIUM PATCH This Month

Uninitialized heap read in 7-Zip's SquashFS archive handler (versions 9.18 through 26.00) can crash the application and leak raw heap memory contents when a user opens a specially crafted archive. The flaw originates in the `_blockToNode` array, which is allocated but never zero-initialized; an attacker-controlled `blockIndex` derived from the RootInode superblock field drives a binary search over uninitialized slots, producing a chained out-of-bounds read with no write primitive. No public exploit has been identified at time of analysis, and the description explicitly characterizes exploitation as heap-layout-dependent and not reliably triggerable, which is consistent with the CVSS AC:H rating and limits practical risk despite the network-deliverable attack surface.

Denial Of Service Information Disclosure Suse
NVD GitHub VulDB
CVSS 3.1
4.2
EPSS
0.0%
CVE-2026-47670 CRITICAL POC PATCH GHSA Act Now

Authenticated remote code execution in DbGate (all versions through 7.1.8) allows any user with valid credentials to execute arbitrary OS commands as the process owner - root in Docker - by injecting newline-delimited JavaScript into the unsanitized `functionName` parameter of the `/runners/load-reader` API endpoint. A prior partial mitigation (`require = null`) introduced in commit cf3f95c (June 2025) is trivially bypassed using the dynamic `import()` language keyword, which cannot be nullified at runtime. Publicly available exploit code exists demonstrating full root-level command execution; this vulnerability is not listed in CISA KEV at time of analysis.

Python Privilege Escalation Command Injection RCE Docker
NVD GitHub
EPSS
0.3%
CVE-2026-11247 LOW PATCH Monitor

Cross-origin data leakage in Google Chrome's CustomTabs component on Android exposes sensitive information to remote attackers via a crafted HTML page. Affected versions are all Chrome for Android releases prior to 149.0.7827.53, where insufficient policy enforcement in the CustomTabs API fails to uphold cross-origin isolation guarantees. No public exploit identified at time of analysis and no confirmed active exploitation (CISA KEV not listed); the EPSS score of 0.03% (11th percentile) and a CVSS score of 3.1 (Low) together indicate low real-world exploitation likelihood.

Information Disclosure Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11244 LOW PATCH Monitor

Same-origin policy bypass in Google Chrome's WebAuthentication component affects all Chrome versions prior to 149.0.7827.53, exploitable only by a remote attacker who has already compromised the renderer process. Insufficient input validation in the WebAuthn subsystem allows crafted HTML pages to circumvent same-origin restrictions, resulting in limited confidentiality disclosure (C:L). Chromium's own severity classification is Low, consistent with the CVSS 3.1 score of 3.1, and no public exploit or CISA KEV listing has been identified at time of analysis. The mandatory prerequisite of renderer process compromise significantly constrains the realistic attacker population to sophisticated, multi-stage threat actors.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-48102 LOW PATCH Monitor

Heap out-of-bounds read in 7-Zip versions 9.11 through 26.00 exposes up to 3 bytes of heap memory during UDF disc image parsing, triggering when a user opens or extracts a crafted .iso or .udf file. Impact is constrained to a 1-bit information-disclosure oracle per out-of-bounds byte (inferred from open/fail behavior) and potential denial of service under hardened allocators; no write primitive exists. No public exploit code or CISA KEV listing has been identified at time of analysis, and the CVSS Low score of 3.1 accurately reflects the limited real-world severity.

Denial Of Service Information Disclosure Oracle Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11240 LOW PATCH Monitor

Site isolation bypass in Google Chrome's Loader component (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to escape Chrome's cross-site data boundary via a crafted HTML page. The vulnerability stems from insufficient validation of untrusted input in the Loader, enabling a post-exploitation primitive that leaks limited confidentiality data across site boundaries. With a CVSS score of 3.1 (Low), EPSS at 0.02% (6th percentile), no CISA KEV listing, and Chromium's own classification as Low severity, this represents a low-urgency chained-exploit stepping stone rather than a standalone critical threat; no public exploit identified at time of analysis.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-11251 LOW PATCH Monitor

Insufficient policy enforcement in Google Chrome's Password Manager (versions prior to 149.0.7827.53) allows a remote attacker who has already compromised the renderer process to bypass discretionary access control via a crafted HTML page, resulting in limited confidentiality exposure. This is a chained vulnerability: exploitation is contingent on a prior renderer process compromise, which substantially elevates attack complexity and limits realistic blast radius. No public exploit code exists and this CVE is not listed in the CISA KEV catalog. Google has rated this Low severity and released a fix in Chrome 149.0.7827.53.

Authentication Bypass Google Chrome
NVD
CVSS 3.1
3.1
EPSS
0.0%
Prev Page 5 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy