Content Security Policy bypass in Google Chrome's Extensions subsystem prior to version 150.0.7871.47 allows an attacker who socially engineers a victim into installing a crafted malicious extension to circumvent CSP protections, yielding limited integrity impact. CVSS UI:R and EPSS at 0.12% (2nd percentile) confirm this is a low-probability, user-interaction-dependent attack with no confidentiality or availability consequence. No KEV listing, no known POC, and Google's own 'Low' severity rating collectively position this as a low operational priority despite broad product prevalence.
PostgreSQL Anonymizer's anon.hash() function exposes its internal salt to masked database users through an offline brute-force attack, undermining the core pseudonymization guarantee of the extension. Masked roles - the primary consumer of this extension - can call anon.hash() with arbitrary seed inputs and accumulate (seed, hash_output) pairs to deduce the salt offline, after which all pseudonymized values in the database become reversible. No active exploitation or public proof-of-concept has been identified; a vendor-confirmed fix is available in version 3.1.2.
Cross-origin data leakage in Google Chrome prior to 150.0.7871.47 enables an on-path network adversary to bypass Chrome's privacy policy enforcement and observe data belonging to a different origin via crafted malicious network traffic. The flaw is classified as CWE-693 (Protection Mechanism Failure), indicating Chrome's privacy isolation layer fails to correctly enforce cross-origin restrictions under certain network conditions. EPSS sits at 0.11% (2nd percentile), no public exploit code is known, and the vulnerability has not been added to CISA KEV; Chromium itself rates this Low severity.
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)
Cross-site request forgery in Plugin for Google Analytics by IO Technologies (WordPress) versions up to and including 1.1 allows unauthenticated remote attackers to overwrite the site's Google Analytics tracking ID by tricking a logged-in administrator into clicking a crafted link. The flaw stems from absent nonce validation on the ga.php settings handler, meaning forged POST requests bypass WordPress's standard CSRF protections entirely. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis, and the CVSS score of 4.3 reflects the required administrator interaction and limited integrity-only impact.
{server_uuid}/domains endpoint silently drops team-scope enforcement when the optional uuid query parameter is supplied, producing a classic IDOR (CWE-639) condition where a user-controlled key bypasses authorization. No active exploitation is confirmed (not in CISA KEV) and no public exploit code has been identified, but the low attack complexity and single authentication prerequisite make the flaw trivially exploitable by any tenant in a multi-tenant Coolify deployment.
UI spoofing in Google Chrome's iOSWeb component on iOS allows remote attackers to misrepresent interface elements to users running versions prior to 150.0.7871.47. The vulnerability, rooted in an inappropriate implementation (CWE-451), is triggered when a user performs specific UI gestures on a crafted HTML page, enabling spoofing of security-critical browser interface elements such as the address bar or permission dialogs. No public exploit or active exploitation (CISA KEV) has been identified at time of analysis; the high attack complexity and mandatory user interaction meaningfully constrain real-world risk.
UI spoofing via Chrome's Autofill component affects all desktop installations prior to version 150.0.7871.47, enabling a remote attacker to misrepresent interface elements through a crafted HTML page. Exploitation requires both navigating to an attacker-controlled page and performing specific UI gestures, reflected in CVSS AC:H and UI:R - passive browsing is insufficient. No public exploit code has been identified and the vulnerability is not listed in CISA KEV; the CVSS 4.2 Medium score reflects limited integrity and availability impact with no confidentiality loss.
UI spoofing in Google Chrome on macOS prior to version 150.0.7871.47 allows a remote attacker to misrepresent browser UI elements by convincing a user to perform specific UI gestures on a crafted HTML page. Rooted in CWE-451 (UI Misrepresentation of Critical Information), the flaw can cause security-sensitive browser chrome - such as origin indicators or permission prompts - to display falsified content, potentially deceiving users into unsafe actions. No public exploit code exists and this vulnerability is not listed in CISA KEV; the vendor has released a patch in the Chrome 150 stable channel.
UI spoofing in Google Chrome's Media UI component on ChromeOS allows a remote attacker to manipulate what a user sees by delivering a crafted HTML page and social-engineering the victim into performing specific in-browser UI gestures. Affected versions are all Chrome on ChromeOS prior to 150.0.7871.47. While classified Medium severity (CVSS 4.2), the practical risk is constrained by the requirement for active user interaction and the ChromeOS-only scope; no public exploit code or CISA KEV listing has been identified at time of analysis.
UI spoofing in Google Chrome prior to 150.0.7871.47 allows a remote attacker to visually deceive users by misrepresenting browser UI elements through a crafted HTML page that requires the victim to perform specific interaction gestures. The flaw originates in an inappropriate implementation within Chrome's UI layer (CWE-451), enabling misrepresentation of critical information that could mislead users into unintended actions or false security assumptions. No public exploit code has been identified and the vulnerability is absent from CISA KEV; Google has released a fix in Chrome 150.0.7871.47.
UI spoofing in Google Chrome's PageInfo component (all versions prior to 150.0.7871.47) enables remote attackers to misrepresent the browser's security indicators through a crafted HTML page that induces specific user UI gestures. The flaw (CWE-451) causes the PageInfo panel - the panel users consult to evaluate site trustworthiness - to render incorrect security UI, potentially deceiving victims into trusting malicious or unverified origins. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog; exploitation requires high attack complexity and deliberate user interaction, keeping real-world risk moderate despite the ubiquitous deployment footprint of Chrome.
UI spoofing in Google Chrome's Autofill component on Windows (all versions prior to 150.0.7871.47) allows a remote unauthenticated attacker to mislead users into interacting with forged security UI elements by convincing them to perform specific on-page gestures against a crafted HTML page. Rooted in CWE-451 (UI Misrepresentation of Critical Information), the flaw enables an adversary to obscure or fabricate Autofill security indicators, potentially tricking users into submitting saved credentials or personal data to attacker-controlled destinations. No public exploit or CISA KEV listing has been confirmed; Google has released a fix in stable channel version 150.0.7871.47.
UI spoofing via crafted HTML in Google Chrome's Geometry component (versions prior to 150.0.7871.47) enables remote attackers to misrepresent security-critical interface elements to users who are socially engineered into performing specific UI gestures. The flaw stems from an inappropriate implementation in Chrome's Geometry subsystem (CWE-451), affecting the integrity and availability of the browser interface at low impact levels. No public exploit or active exploitation has been identified; Google has released a confirmed patch in version 150.0.7871.47.
UI spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to manipulate browser interface elements via a crafted HTML page, provided the attacker can lure the victim into performing specific UI gestures. The root cause is insufficient validation of untrusted HTML input (CWE-20) within Chrome's iOS-specific rendering layer, resulting in low-integrity and low-availability impact. No public exploit code has been identified at time of analysis, and this vulnerability has not been added to the CISA KEV catalog; Chromium's own severity classification is Low.
UI spoofing in Google Chrome's TabStrip component prior to version 150.0.7871.47 allows a remote attacker to misrepresent tab or page identity through a crafted HTML page, contingent on convincing the victim to perform specific UI gestures. The CVSS vector (AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L) places real-world risk in the lower tier: high attack complexity, mandatory user interaction, and no confidentiality impact combine to limit practical exploitation. No public exploit code exists and CISA has not added this to the KEV catalog, consistent with Google's own Low severity classification.
UI spoofing in Google Chrome's WebAppInstalls component on Windows (versions prior to 150.0.7871.47) enables a remote attacker to misrepresent the browser interface by luring a user into performing specific UI interaction gestures on a crafted HTML page. The flaw is Windows-platform-specific and rooted in an inappropriate implementation of the Progressive Web App installation UI flow. Google rates this Low severity; no public exploit identified at time of analysis, and EPSS data is not present in the provided intelligence, but the CVSS 4.2 score and required high-complexity user interaction significantly limit real-world risk.
UI spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to misrepresent security indicators to users who are socially engineered into performing specific UI gestures on a crafted HTML page. The root cause is incorrect rendering of security UI elements (CWE-451), classified by the Chromium team as Low severity. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, aligning with the modest CVSS 4.2 score and the high-complexity attack requirements.
UI spoofing in Google Chrome for Android (prior to 150.0.7871.47) via the PreviewTab feature allows remote attackers to misrepresent interface elements through a crafted HTML page. Successful exploitation requires high attack complexity - specifically, the attacker must convince a victim to perform particular UI gestures - limiting this to targeted rather than opportunistic attacks. No active exploitation or public proof-of-concept has been identified; the Chromium security team rates this as Low severity, consistent with its constrained CVSS 4.2 score.
Omnibox (URL bar) spoofing in Google Chrome on Linux prior to 150.0.7871.47 is possible through an inappropriate SplitView implementation, allowing remote attackers to display false URLs to victims who are tricked into performing specific UI gestures on a crafted HTML page. This CWE-451 class flaw undermines browser trust indicators and enables phishing scenarios, though exploitation is constrained by high attack complexity and mandatory user interaction. No public exploit code or active exploitation has been identified; a vendor patch is available in the stable channel release.
UI spoofing via incorrect security rendering in Chrome's SplitView component allows a remote attacker to misrepresent security-critical UI elements to a victim running any Chrome version prior to 150.0.7871.47. The attacker must serve a crafted HTML page and successfully induce the victim into performing specific UI gestures, after which SplitView renders misleading security indicators - enabling phishing-class deception within a trusted browser context. No public exploit code exists and no active exploitation has been confirmed; the Chromium team itself rated this Low severity, consistent with the CVSS 4.2 score and high attack complexity.
UI spoofing via the File Input security indicator in Google Chrome on macOS allows a remote attacker to misrepresent security-critical interface elements when a user visits a crafted HTML page and performs specific UI gestures. Affected are all Chrome for Mac builds prior to 150.0.7871.47. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV; combined with the high attack complexity and required user interaction, real-world exploitation at scale is unlikely without a targeted social engineering component.
UI spoofing in the Extensions component of Google Chrome on Android (prior to 150.0.7871.47) allows a remote attacker to misrepresent security UI elements by luring a victim into performing specific UI gestures on a crafted HTML page. The root cause (CWE-451) is incorrect rendering of security-critical extension UI, potentially misleading users about which extensions are active or what permissions they hold. No public exploit identified at time of analysis; the vendor has released a patch in the stable channel update.
Domain spoofing in Google Chrome's WebAppInstalls component (versions prior to 150.0.7871.47) allows remote attackers to misrepresent the security origin displayed to a user, enabling phishing or social engineering attacks. Exploitation requires convincing the victim to perform specific UI gestures while visiting a crafted HTML page, placing this in a moderate-complexity social engineering category. No public exploit code has been identified at time of analysis, and the vendor has released a patch in Chrome 150.0.7871.47.
Omnibox (URL bar) spoofing in Google Chrome for iOS prior to 150.0.7871.47 enables a remote attacker to display falsified URL content to a victim user via a crafted HTML page. Exploitation requires convincing the target to perform specific UI gestures while visiting the malicious page, making this a phishing-enabler rather than a direct code-execution primitive. No public exploit code and no active exploitation (CISA KEV) have been identified at time of analysis; Google has released a fix in the 150.0.7871.47 stable channel update.
UI spoofing via race condition in Google Chrome's History Embeddings component (versions prior to 150.0.7871.47) enables remote attackers to present falsified browser interface elements to users through a crafted HTML page. The flaw requires both high attack complexity - a precisely timed race window - and victim interaction, yielding only limited confidentiality and integrity impact with no code execution capability. No public exploit or active exploitation has been identified; EPSS at 0.14% (4th percentile) and SSVC exploitation status of 'none' confirm extremely low real-world exploitation probability at time of analysis.
Incorrect security UI in Google Chrome's Extensions subsystem prior to version 150.0.7871.47 enables Universal Cross-Site Scripting (UXSS), allowing script or HTML injection across web origins via a crafted HTML page. Exploitation requires that the victim user be socially engineered into installing a malicious extension, after which a crafted page triggers the CWE-79 flaw in the Extensions UI. No public exploit exists at time of analysis, EPSS sits at the 4th percentile, and CISA has not listed this in KEV, consistent with the SSVC exploitation:none assessment.
UI spoofing in Google Chrome's Views component (versions prior to 150.0.7871.47) allows a remote attacker to misrepresent security-critical browser interface elements through a crafted HTML page. Exploitation requires convincing a target user to perform specific UI gestures, making the attack conditional on social engineering. No public exploit has been identified and this vulnerability is not listed in the CISA KEV catalog; Google has released a patch as part of the stable channel update.
Race condition exploitation in Google Chrome for iOS (prior to 150.0.7871.47) exposes potentially sensitive data from process memory to a local attacker with physical device access. The flaw is rooted in improper synchronization (CWE-362) and requires high attack complexity to successfully win the timing window. No public exploit has been identified and the vulnerability is not listed in CISA KEV; the vendor has released a patching fix in the 150.0.7871.47 stable channel update.
Information disclosure in IBM InfoSphere Information Server versions 11.7.0.0 through 11.7.1.6 allows remote attackers to obtain sensitive information over the network without authentication (CVSS 3.1 vector AV:N/PR:N, base 7.5). The flaw exposes confidential data (C:H) while leaving integrity and availability untouched, and there is no public exploit identified at time of analysis. EPSS is low (0.15%, 5th percentile) and CISA SSVC rates exploitation as none, indicating this is a real but not urgently exploited issue.
Heap buffer overflow in the Ruby JSON gem's streaming generator (versions 2.9.0-2.19.8) enables reliable process crash via attacker-controlled serialized data. When applications invoke `JSON.dump(obj, io)` or `JSON::State#generate(obj, io)` to stream JSON to an IO object, the C-level generator can write past its internal buffer if the serialized object contains a string near 16 KB in size. Impact is confined to denial of service - reliable process termination - with no evidence of confidentiality or integrity impact. No public exploit code and no CISA KEV listing are identified at time of analysis; the CVSS score of 3.7 (Low) appropriately reflects the constrained attack conditions.
UI spoofing in Google Chrome's Video Capture component on ChromeOS allows a local attacker to deceive users by rendering misleading interface elements through a specially crafted HTML page. Versions prior to 150.0.7871.47 on ChromeOS are affected. No public exploit code exists and no active exploitation is confirmed - EPSS is 0.13% (3rd percentile) and SSVC rates exploitation as none - making this a low operational priority despite the low-complexity attack conditions.
UI spoofing in Google Chrome's CustomTabs component on Android enables a local attacker to manipulate what a victim sees within an in-app browser session by supplying a malicious file, affecting all Chrome for Android versions prior to 150.0.7871.47. The CVSS score of 3.3 (Low) and EPSS of 0.13% (3rd percentile) reflect constrained real-world impact: exploitation is local, requires user interaction, and produces only integrity-level spoofing. No active exploitation has been confirmed - this vulnerability is not listed in CISA KEV, and SSVC assessment indicates exploitation status of none.
UI spoofing in Google Chrome's Passwords component (versions prior to 150.0.7871.47) allows an attacker who has already achieved renderer process compromise to manipulate security-critical password UI elements via a crafted HTML page. This is a chained exploitation scenario - not a standalone initial-access vector - as the attacker must first compromise the renderer through a separate vulnerability before leveraging this flaw. EPSS at 0.21% (11th percentile) and no CISA KEV listing confirm no observed exploitation at scale; Chromium's internal classification is Medium severity.
Cross-origin data leakage in Google Chrome's DevTools component (versions prior to 150.0.7871.47) permits a remote attacker to exfiltrate data across origin boundaries by tricking a user into performing specific UI gestures on a crafted HTML page. The CVSS base score of 3.1 (Low) reflects high attack complexity and mandatory user interaction, consistent with the EPSS score of 0.21% (11th percentile) indicating negligible in-the-wild exploitation activity. No public exploit code is identified and no CISA KEV listing exists; a vendor patch is available in Chrome 150.0.7871.47.
Cross-origin data leakage in Google Chrome's DataTransfer implementation on macOS exposes sensitive content from one origin to an attacker-controlled page by exploiting improper boundary enforcement during user-driven UI gestures such as drag-and-drop. Versions prior to 150.0.7871.47 on Mac are affected; the flaw is platform-specific to macOS, limiting scope. No public exploit has been identified and SSVC assessment confirms no current exploitation, though successful abuse would silently exfiltrate cross-origin data without triggering typical security warnings.
UI spoofing in Google Chrome's WebShare implementation on Android allows a remote attacker who has already compromised the renderer process to deceive users via a malicious HTML page. Affected versions are all Chrome for Android releases prior to 150.0.7871.47. The exploitation path is severely constrained by the requirement for a pre-existing renderer compromise, yielding a CVSS base score of only 3.1 (Low); no public exploit code exists and SSVC assessment confirms no active exploitation at time of analysis.
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)
Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)
Race condition in Zephyr RTOS Bluetooth Classic RFCOMM host stack (v4.4.0 and earlier) permanently wedges session state and exhausts the fixed bt_rfcomm_pool when a peer-transmitted DISC frame for dlci 0 collides with a simultaneous local-initiated teardown. The underlying L2CAP channel is never released and the session slot is never reclaimed, eventually denying RFCOMM service to the targeted peer across repeated occurrences. No public exploit identified at time of analysis; the CVSS 3.1 score of 3.1 (Low) with AV:A/AC:H accurately reflects both the Bluetooth adjacency prerequisite and the high-complexity timing race required.
Path traversal in Vibe-Trading's swarm run directory handler allows low-privileged network attackers to read and overwrite arbitrary run.json files on the host filesystem. All releases before 0.1.10 are affected via the MCP swarm tools interface, where a crafted run identifier is passed to the run_dir function in agent/src/swarm/store.py without sanitization, enabling directory escape. No public exploit is identified at time of analysis and the vulnerability is not in the CISA KEV catalog; a vendor-released patch is available as v0.1.10.
CPython's tarfile.extract() silently bypasses the 'filter' parameter when processing hardlinks within tar archives, writing files with attacker-controlled uid/gid values despite the caller specifying filter='data' for security. Systems that extract content from untrusted tar archives while relying on this filter mechanism for ownership hardening are left with unexpected file ownership on extracted hardlinks. No active exploitation has been confirmed (not in CISA KEV) and no public proof-of-concept is available at time of analysis; the CVSS 4.0 score of 2.0 reflects the narrow, low-impact nature of the flaw.
Certificate timestamp validation bypass in sigstore-java 2.0.0 allows an attacker who has already exfiltrated an ephemeral Sigstore signing key to reuse an expired Fulcio certificate, causing bundle verification to succeed when it should fail. PR #1008 erroneously removed the check that bounds a Rekor V1 log entry's `integratedTime` against the Fulcio certificate's validity window, a regression only present in the 2.0.0 release and fixed in 2.1.0. No public exploit identified at time of analysis beyond the vendor-provided proof-of-concept test bundle in sigstore-conformance; CVSS base score of 2.0 reflects the extremely narrow, high-privilege, local-only attack conditions required.
Memory exhaustion denial of service in ImageMagick before 7.1.2-13 allows a local attacker with write access to the OpenCL cache directory to crash the application by placing malformed XML files that trigger an unpatched memory leak in LoadOpenCLDeviceBenchmark(). The root cause is CWE-401: memory allocated during XML parsing of unclosed device elements is never freed, enabling a resource exhaustion attack. No public exploit code has been identified and exploitation has not been confirmed by CISA KEV; however, a patch commit and upstream advisory are available.
Insufficient data exists to characterize CVE-2026-57964 meaningfully. The only confirmed signal is a vendor attribution to Ubuntu (Canonical), with no description, CVSS score, vector, or CWE provided. No exploitation status, affected component, or impact can be determined from the available intelligence. Security teams should monitor the Ubuntu Security Notices (USN) portal and the NVD entry for this CVE as data becomes available.
Insufficient data exists to characterize CVE-2026-44605 meaningfully. The only available intelligence signal is a vendor attribution to Ubuntu, with no description, CVSS vector, CWE classification, or reference URLs provided. The CVE ID year (2026) places this beyond the analyst's knowledge cutoff of August 2025, meaning no corroborating open-source intelligence can be applied. No exploitation status, affected version range, or impact class can be stated with any confidence.
Insufficient data exists to characterize CVE-2026-13606. The sole intelligence signal is a vendor report attributed to Ubuntu, indicating this vulnerability affects a package or component within the Ubuntu ecosystem. No description, CVSS score, vector, CWE classification, or additional references are available - a complete technical characterization is not possible from the provided data.