Microsoft CVEs

CVE-2026-58644 Microsoft SharePoint Remote Code Execution Vulnerability
Published on: 2026-07-15 07:00:00
Link: View Details
Corrected the Exploitability Index, Exploited flag and CVSS vector which was incorrect at the time of publication on 7/14/2026. This is an informational change only.

CVE-2026-56182 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-15 07:00:00
Link: View Details
Updated acknowledgment. This is an informational change only.

CVE-2026-50375 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-15 07:00:00
Link: View Details
Updated acknowledgment. This is an informational change only.

CVE-2026-50341 Windows NTFS Information Disclosure Vulnerability
Published on: 2026-07-15 07:00:00
Link: View Details
Updated acknowledgment. This is an informational change only.

CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Published on: 2026-07-15 07:00:00
Link: View Details
Updated acknowledgment. This is an informational change only.

CVE-2026-56288 NULL Pointer Dereference in GNU patch
Published on: 2026-07-15 01:40:21
Link: View Details
Information published.

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination
Published on: 2026-07-15 01:40:45
Link: View Details
Information published.

CVE-2026-58251 NATS Server: Queue Subscribe Authz Bypass
Published on: 2026-07-15 01:40:53
Link: View Details
Information published.

CVE-2026-58208 NATS Server: MQTT-over-WebSocket Path Can Crash WebSocket-Only JetStream Servers Before MQTT Is Enabled
Published on: 2026-07-15 01:41:00
Link: View Details
Information published.

CVE-2026-58252 NATS Server: Subscribe Authz Bypass via Wildcard-Overlap
Published on: 2026-07-15 01:41:15
Link: View Details
Information published.

CVE-2026-58209 NATS Server: MQTT retained and QoS replay bypass subscribe deny filters
Published on: 2026-07-15 01:41:23
Link: View Details
Information published.

CVE-2026-58253 NATS Server: Route API Auth Bypass
Published on: 2026-07-15 01:41:30
Link: View Details
Information published.

CVE-2026-57432 Perl versions through 5.43.10 have an integer overflow in S_measure_struct leading to an out-of-bounds heap read in pack and unpack
Published on: 2026-07-15 01:01:20
Link: View Details
Information published.

CVE-2026-39822 Root escape via symlink plus trailing slash in os
Published on: 2026-07-15 01:01:36
Link: View Details
Information published.

CVE-2026-42505 Invoking Encrypted Client Hello privacy leak in crypto/tls
Published on: 2026-07-15 01:01:45
Link: View Details
Information published.

CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header
Published on: 2026-07-15 01:02:01
Link: View Details
Information published.

CVE-2026-57219 RabbitMQ: Unauthenticated disclosure of OAuth client credentials via an HTTP API endpoint with certain less common OAuth 2 configurations
Published on: 2026-07-15 01:02:14
Link: View Details
Information published.

CVE-2026-56289 Loop with Unreachable Exit Condition in GNU patch
Published on: 2026-07-15 01:40:12
Link: View Details
Information published.

CVE-2026-58250 NATS Server: Pre-auth server crash via double INFO in leafnode handshake
Published on: 2026-07-15 01:41:08
Link: View Details
Information published.

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations
Published on: 2026-07-15 01:03:21
Link: View Details
Information published.

CVE-2026-13221 Perl versions through 5.43.9 produce silently incorrect regular expression matches when an alternation of more than 65535 fixed string branches is compiled into a trie in Perl_study_chunk
Published on: 2026-07-15 01:01:27
Link: View Details
Information published.

CVE-2026-59875 node-tar: Uncaught Exception DoS via NUL byte in PAX path/linkpath records
Published on: 2026-07-15 01:01:52
Link: View Details
Information published.

CVE-2026-59831 GitHub CLI `gh codespace jupyter` could allow remote code execution when connecting to a malicious Codespace
Published on: 2026-07-15 01:02:07
Link: View Details
Information published.

CVE-2026-57220 RabbitMQ: Stream listener does not enforce configured frame-size limit during authentication, permitting unauth'd mem-exhaust DoS
Published on: 2026-07-15 01:02:20
Link: View Details
Information published.

CVE-2026-57217 RabbitMQ: Topic authorization can lead to cross-tenant routing-key bypass
Published on: 2026-07-15 01:02:26
Link: View Details
Information published.

CVE-2026-57213 RabbitMQ: Stored XSS federation management plugin via unsanitized consumer_tag rendering
Published on: 2026-07-15 01:02:32
Link: View Details
Information published.

CVE-2026-57216 RabbitMQ: AMQP 1.0, AMQP 0-9-1, Stream Protocol loopback enforcement can lead to remote guest sessions due to listener-address loopback checks
Published on: 2026-07-15 01:02:45
Link: View Details
Information published.

CVE-2026-57211 RabbitMQ: UNC SSRF affecting the management UI on Windows
Published on: 2026-07-15 01:03:10
Link: View Details
Information published.

CVE-2026-57215 RabbitMQ: Direct-reply-to binding persistence can lead to unauthorized reply-channel injection and persistent phantom
Published on: 2026-07-15 01:03:16
Link: View Details
Information published.

CVE-2025-44904 hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.
Published on: 2026-07-15 01:39:09
Link: View Details
Information published.

CVE-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI
Published on: 2026-07-15 01:39:24
Link: View Details
Information published.

CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Published on: 2026-07-15 01:39:37
Link: View Details
Information published.

CVE-2026-48561 Microsoft Copilot Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to execute code over a network.

CVE-2026-42982 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper validation of consistency within input in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

CVE-2026-47296 Microsoft SQL Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-34349 Windows Media Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Media allows an authorized attacker to disclose information locally.

CVE-2026-34346 Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Cleartext transmission of sensitive information in Windows Ancillary Function Driver for WinSock allows an authorized attacker to disclose information locally.

CVE-2026-42900 Microsoft Windows App Store Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Store allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42975 Windows Bluetooth Port Driver Remote Code Execution
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Bluetooth Port Driver allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-47300 ASP.NET Core Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect implementation of authentication algorithm in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

CVE-2026-47302 .NET Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

CVE-2026-47303 ASP.NET Core Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Authentication bypass by assumed-immutable data in ASP.NET Core allows an authorized attacker to elevate privileges over a network.

CVE-2026-42990 SQL Server ODBC driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in SQL Server ODBC driver allows an unauthorized attacker to execute code over a network.

CVE-2026-48572 Windows App Package Installer Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows App Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-48571 Windows App Package Installer Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows App Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-49162 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-49164 Windows Active Directory Domain Services Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Active Directory Domain Services allows an unauthorized attacker to execute code over a network.

CVE-2026-49165 Microsoft Windows App Store Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Microsoft Windows App Store allows an authorized attacker to disclose information locally.

CVE-2026-49166 Windows Print Configuration Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Printer Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-49167 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-49168 Storage Spaces Direct Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-49169 Windows DNS Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in DNS Server allows an authorized attacker to execute code over a network.

CVE-2026-49170 Windows StateRepository API Server file Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Windows StateRepository API allows an authorized attacker to elevate privileges locally.

CVE-2026-49171 Windows Speech Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally.

CVE-2026-49176 Windows WalletService Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper privilege management in Windows WalletService allows an authorized attacker to elevate privileges locally.

CVE-2026-49175 Windows DNS Client Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DNS allows an authorized attacker to elevate privileges locally.

CVE-2026-49172 Windows FTP Service Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows FTP Service allows an unauthorized attacker to execute code over a network.

CVE-2026-49173 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-49174 DNS Client Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Microsoft Windows DNS allows an authorized attacker to perform tampering locally.

CVE-2026-49177 Windows TCP/IP Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows TCP/IP allows an authorized attacker to disclose information locally.

CVE-2026-49784 Microsoft Windows App Store Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally.

CVE-2026-50506 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-47282 GitHub Copilot and Visual Studio Code Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficiently protected credentials in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to disclose information over a network.

CVE-2026-45496 Visual Studio Code Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

CVE-2026-50663 Game: Age of Empires II: Definitive Edition Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Relative path traversal in Age of Empires II: Definitive Edition Game allows an unauthorized attacker to execute code over a network.

CVE-2026-54983 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

CVE-2026-50695 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.

CVE-2026-54129 Windows Hyper-V Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2026-54989 Quality Windows Audio/Video Experience (QWAVE) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Quality Windows Audio/Video Experience (QWAVE) service allows an authorized attacker to elevate privileges locally.

CVE-2026-54987 Windows Overlay Filter Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Overlay Filter allows an authorized attacker to elevate privileges locally.

CVE-2026-50696 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

CVE-2026-54990 Remote Desktop Client Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CVE-2026-50697 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-55000 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows USB Print Driver allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-54111 Universal Print Management Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-54991 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-54132 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Kernel allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-54107 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-54986 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-54993 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally.

CVE-2026-55001 Active Directory Domain Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper certificate validation in Windows Active Directory allows an authorized attacker to elevate privileges locally.

CVE-2026-54112 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-55004 Windows Print Configuration Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Double free in Microsoft Printer Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-54992 Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Message Queuing Queue Manager allows an unauthorized attacker to execute code locally.

CVE-2026-54109 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.

CVE-2026-54982 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-54114 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-54996 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-54119 Windows Active Directory Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Loop with unreachable exit condition ('infinite loop') in Windows Active Directory allows an unauthorized attacker to deny service over a network.

CVE-2026-54997 Windows SMB Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows SMB allows an authorized attacker to disclose information locally.

CVE-2026-54999 Windows TCP/IP Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-55003 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-54995 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Reliable Multicast Transport Driver (RMCAST) allows an unauthorized attacker to execute code over a network.

CVE-2026-54122 Windows GDI+ Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.

CVE-2026-55005 Microsoft Exchange Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Exchange Server allows an authorized attacker to execute code over a network.

CVE-2026-55006 Microsoft Exchange Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally.

CVE-2026-55009 Microsoft Exchange Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in Microsoft Exchange Server allows an authorized attacker to elevate privileges locally.

CVE-2026-50338 Azure Spring Apps Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authentication in Azure Spring Apps allows an authorized attacker to elevate privileges over a network.

CVE-2026-55011 Microsoft Defender Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Microsoft Defender allows an unauthorized attacker to execute code locally.

CVE-2026-55012 Microsoft Defender Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Defender allows an unauthorized attacker to execute code locally.

CVE-2026-50524 .NET Framework Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper validation of specified type of input in .NET Framework allows an unauthorized attacker to deny service over a network.

CVE-2026-54117 Microsoft SQL Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.

CVE-2026-54118 Microsoft SQL Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in SQL Server allows an authorized attacker to execute code over a network.

CVE-2026-55002 Microsoft SQL Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
External control of file name or path in SQL Server allows an authorized attacker to elevate privileges locally.

CVE-2026-55144 Windows Cryptography API: Next Generation (CNG) Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing cryptographic step in Windows CryptoAPI allows an authorized attacker to perform tampering locally.

CVE-2026-50520 Visual Studio Code Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Visual Studio Code allows an unauthorized attacker to execute code locally.

CVE-2026-54108 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
External control of file name or path in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-50675 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-50678 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-54988 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55899 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55948 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-56155 Active Directory Federation Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.

CVE-2026-56164 Microsoft SharePoint Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-56169 Windows Admin Center Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

CVE-2026-56170 ASP.NET Core Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-50694 Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Secure Socket Tunneling Protocol (SSTP) allows an unauthorized attacker to execute code over a network.

CVE-2026-54127 Windows Hyper-V Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Hyper-V allows an unauthorized attacker to elevate privileges locally.

CVE-2026-56193 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-56185 Windows Admin Center Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authentication in Windows Admin Center allows an authorized attacker to disclose information over a network.

CVE-2026-57097 Microsoft XML Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted search path in Microsoft XML allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2026-57107 Windows Admin Center Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authentication in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVE-2026-57969 Azure CycleCloud Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

CVE-2026-57976 Windows Active Directory Domain Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-57979 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-55014 Windows Remote Help Defense Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Remote Help Defense allows an authorized attacker to elevate privileges locally.

CVE-2026-58279 Azure CycleCloud Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authorization in Azure CycleCloud allows an authorized attacker to elevate privileges over a network.

CVE-2026-58526 Windows Storage Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Storage allows an authorized attacker to elevate privileges locally.

CVE-2026-58595 Microsoft Bing App for IOS Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper restriction of rendered ui layers or frames in Microsoft Bing App for IOS allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-50522 Microsoft SharePoint Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.

CVE-2026-58601 Virtual Hard Disk (VHD) Miniport Driver Elevation of Privilege Vulernability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Virtual Hard Disk (VHD) Miniport Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-58602 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel Mode Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-58608 Windows Print Spooler Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Print Spooler Components allows an authorized attacker to execute code over a network.

CVE-2026-58609 Windows Graphics Component Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to execute code locally.

CVE-2026-58610 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally.

CVE-2026-58614 Windows Kernel Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an authorized attacker to bypass a security feature locally.

CVE-2026-47301 Configuration Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft Configuration Manager allows an authorized attacker to elevate privileges over a network.

CVE-2026-58618 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-58631 Windows Admin Center (WAC) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in Windows Admin Center allows an authorized attacker to execute code locally.

CVE-2026-58635 Windows Narrator Braille Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.

CVE-2026-58636 Microsoft PC Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Window PC Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-58640 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-58644 Microsoft SharePoint Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
The Patch for this issue was released but the CVE was inadvertently left out of the Patch Tuesday June 2026 release

CVE-2026-58647 Microsoft PowerBI Report Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Power BI allows an authorized attacker to perform spoofing over a network.

CVE-2026-50652 Azure Active Directory Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in Azure Active Directory allows an unauthorized attacker to deny service over a network.

CVE-2026-50653 Azure Active Directory Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Loop with unreachable exit condition ('infinite loop') in Azure Active Directory allows an unauthorized attacker to deny service over a network.

CVE-2026-33842 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-34328 Windows Audio Service Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Audio Service allows an authorized attacker to disclose information locally.

CVE-2026-40422 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-41087 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-40400 Windows PowerShell Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Relative path traversal in Windows PowerShell allows an authorized attacker to execute code over a network.

CVE-2026-34348 Windows Event Logging Service Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Protection mechanism failure in Windows Event Logging Service allows an authorized attacker to disclose information over a network.

CVE-2026-44806 Windows Secure Channel Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

CVE-2026-40378 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Memory allocation with excessive size value in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

CVE-2026-47304 .NET Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper verification of cryptographic signature in .NET allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-44800 Windows Push Notifications Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-47632 Azure Monitor Agent Metrics Extension Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper certificate validation in Azure Monitor Agent allows an unauthorized attacker to elevate privileges over an adjacent network.

CVE-2026-48564 DHCP Server Service Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DHCP Server allows an authorized attacker to execute code over a network.

CVE-2026-48581 Surface Broker SDMA Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Microsoft Surface allows an authorized attacker to elevate privileges locally.

CVE-2026-45646 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-49178 Windows Active Directory Domain Services Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network.

CVE-2026-49180 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

CVE-2026-49181 Windows DHCP Client Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Windows DHCP Client allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-49184 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-49183 Windows Clipboard Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Clipboard Server allows an authorized attacker to elevate privileges locally.

CVE-2026-49783 Secure Boot Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improperly implemented security check for standard in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVE-2026-49787 HTTP.sys Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

CVE-2026-49788 HTTP/2 Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in HTTP/2 allows an unauthorized attacker to deny service over a network.

CVE-2026-49789 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-49790 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-49791 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

CVE-2026-49792 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.

CVE-2026-49793 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.

CVE-2026-49794 Windows USB Audio Class Driver Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

CVE-2026-49796 Windows GDI+ Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code locally.

CVE-2026-49795 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-49797 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-49798 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

CVE-2026-50299 Windows Storage Spaces Direct Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Storage Spaces Direct allows an unauthorized attacker to execute code with a physical attack.

CVE-2026-49800 Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Web Proxy Auto-Discovery Protocol (WPAD) allows an authorized attacker to elevate privileges locally.

CVE-2026-49799 Windows Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.

CVE-2026-50308 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50311 Windows Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Server allows an authorized attacker to elevate privileges locally.

CVE-2026-49804 Windows USB Video Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows USB Video Driver allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-50294 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive system information to an unauthorized control sphere in Windows Kernel allows an unauthorized attacker to disclose information locally.

CVE-2026-50333 Windows Spaceport.sys Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Windows Spaceport.sys allows an authorized attacker to elevate privileges locally.

CVE-2026-49801 Windows SMB Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows SMB allows an authorized attacker to disclose information locally.

CVE-2026-49802 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-49806 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-49805 Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-49803 Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50323 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50318 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.

CVE-2026-50351 Windows Audio Compression Manager (ACM) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Audio Compression Manager (ACM) allows an authorized attacker to elevate privileges locally.

CVE-2026-49807 Windows DirectX Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows DirectX allows an unauthorized attacker to disclose information locally.

CVE-2026-50342 Windows MIDI Service Module Elevation of Privileges Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally.

CVE-2026-50298 Windows Spaceport.sys Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Spaceport.sys allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-49808 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50293 Windows Internal Task Bar Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Internal Task Bar allows an authorized attacker to elevate privileges locally.

CVE-2026-50316 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-50354 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50296 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Graphics Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50297 Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-50325 Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-50356 Microsoft Windows App Store Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Windows App Store allows an authorized attacker to elevate privileges locally.

CVE-2026-50384 Windows Clip Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Clip Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50295 Windows Zero Trust DNS Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper privilege management in Microsoft Windows DNS allows an authorized attacker to bypass a security feature locally.

CVE-2026-50350 Windows Trusted Runtime Interface Driver Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.

CVE-2026-50381 Composite Image File System driver (cimfs.sys) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Composite Image File System Driver allows an authorized attacker to disclose information locally.

CVE-2026-50300 Windows DWM Core Library Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-50303 Windows Key Guard Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of a cryptographic primitive with a risky implementation in Windows Key Guard allows an authorized attacker to bypass a security feature locally.

CVE-2026-50364 Windows Backup Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Windows Server Backup allows an authorized attacker to elevate privileges locally.

CVE-2026-50302 Windows Cryptographic Services Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper certificate validation in Windows Cryptographic Services allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-50332 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50372 Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Redirected Drive Buffering allows an authorized attacker to elevate privileges locally.

CVE-2026-50305 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50329 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50363 Windows Push Notifications Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

CVE-2026-50392 Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

CVE-2026-50304 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.

CVE-2026-50328 Windows Server Update Service (WSUS) Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Uncaught exception in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

CVE-2026-50306 Windows TCP/IP Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

CVE-2026-50360 Windows SMB Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect implementation of authentication algorithm in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-50393 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-50412 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-50337 Windows Notification Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect type conversion or cast in Windows Notification allows an authorized attacker to elevate privileges locally.

CVE-2026-50386 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50400 Windows App Package Installer Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows App Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-50309 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-50419 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-50368 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.

CVE-2026-50307 Windows TCP/IP Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

CVE-2026-50326 Windows Unified Consent System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Unified Consent System allows an authorized attacker to elevate privileges locally.

CVE-2026-50313 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50440 Windows Audio Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Audio Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50380 Windows GDI+ Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

CVE-2026-50327 Windows Media Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Media allows an authorized attacker to execute code locally.

CVE-2026-50341 Windows NTFS Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows NTFS allows an authorized attacker to disclose information locally.

CVE-2026-50407 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.

CVE-2026-50331 Windows Application Model Core API Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Application Model allows an authorized attacker to elevate privileges locally.

CVE-2026-50343 Microsoft Install Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper privilege management in Microsoft Install Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50396 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

CVE-2026-50370 DHCP Server Service Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network.

CVE-2026-50347 Windows Data.dll Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Data dll allows an unauthorized attacker to execute code locally.

CVE-2026-50321 Windows USB Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-50425 Windows Internal System User Profile Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Internal System User Profile allows an authorized attacker to elevate privileges locally.

CVE-2026-50315 Windows Image Acquisition Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-50434 Windows Push Notification Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.

CVE-2026-50339 Windows Push Notification Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.

CVE-2026-50430 Windows Push Notification Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Push Notifications allows an authorized attacker to disclose information locally.

CVE-2026-50310 Windows Human Interface Device Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Devices Human Interface allows an authorized attacker to disclose information locally.

CVE-2026-50324 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

CVE-2026-50312 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-50330 Windows Remote Desktop Client Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-50357 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Numeric truncation error in Windows Resilient File System (ReFS) allows an authorized attacker to execute code locally.

CVE-2026-50377 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50390 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50452 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-50348 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-50345 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50322 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50335 Windows Operating Systems Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Operating Systems allows an authorized attacker to elevate privileges locally.

CVE-2026-50375 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DirectX allows an authorized attacker to elevate privileges locally.

CVE-2026-50361 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50317 Windows Operating Systems Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Operating Systems allows an authorized attacker to elevate privileges locally.

CVE-2026-50340 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges over a network.

CVE-2026-50404 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-50366 Windows Active Directory Domain Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-50416 Win32k Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an authorized attacker to disclose information locally.

CVE-2026-50358 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-50355 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services allows an unauthorized attacker to deny service over a network.

CVE-2026-50428 Windows Container Isolation FS Filter Driver (unionfs.sys) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Container Isolation FS Filter Driver (unionfs.sys) allows an authorized attacker to disclose information locally.

CVE-2026-50373 Windows Search Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

CVE-2026-50353 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

CVE-2026-50388 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50410 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50449 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50371 Windows LUA File Virtualization Filter Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows LUAFV allows an authorized attacker to elevate privileges locally.

CVE-2026-50336 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-50398 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges over a network.

CVE-2026-50414 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges over a network.

CVE-2026-50379 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges over a network.

CVE-2026-50463 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an unauthorized attacker to disclose information over a network.

CVE-2026-50460 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-50403 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50433 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-50391 Windows Group Policy Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper privilege management in Windows Group Policy allows an authorized attacker to elevate privileges locally.

CVE-2026-50418 Windows System Secure Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows System allows an unauthorized attacker to bypass a security feature locally.

CVE-2026-50423 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50378 Windows Key Guard Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Key Guard allows an authorized attacker to elevate privileges locally.

CVE-2026-50401 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to disclose information locally.

CVE-2026-50346 Netlogon RPC Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in RPC Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50376 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-50397 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50405 Windows Filtering Platform Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Windows Filtering Platform (WFP) allows an authorized attacker to elevate privileges locally.

CVE-2026-50448 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50387 Windows GDI Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally.

CVE-2026-50334 Windows Push Notification Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Notification allows an authorized attacker to disclose information locally.

CVE-2026-50445 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-50344 Windows OLE Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in Windows OLE allows an authorized attacker to elevate privileges locally.

CVE-2026-50352 Windows Cryptographic Services Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally.

CVE-2026-50382 DirectX Graphics Kernel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Windows DirectX allows an authorized attacker to execute code locally.

CVE-2026-50436 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50437 Windows DWM Core Library Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.

CVE-2026-50471 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50369 Windows Remote Desktop Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges over a network.

CVE-2026-50469 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Windows Projected File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50454 Windows User Interface Core Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Relative path traversal in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

CVE-2026-50365 Remote Access Management service/API (RPC server) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authentication in Windows RPC API allows an unauthorized attacker to elevate privileges over an adjacent network.

CVE-2026-50426 Windows DNS Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Relative path traversal in DNS Server allows an authorized attacker to execute code over an adjacent network.

CVE-2026-50385 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50413 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50427 Content Delivery Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Content Delivery Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-50422 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-50421 Windows Connected User Experiences and Telemetry Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Windows Connected User Experiences and Telemetry allows an authorized attacker to elevate privileges locally.

CVE-2026-50374 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2026-50367 Windows Sensor Data Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect access of indexable resource ('range error') in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50383 Windows Print Spooler Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Print Spooler Components allows an authorized attacker to disclose information locally.

CVE-2026-50451 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

CVE-2026-50455 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally.

CVE-2026-50466 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50402 NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect conversion between numeric types in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-50435 Windows Overlay Filter Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Overlay Filter allows an authorized attacker to elevate privileges locally.

CVE-2026-50409 Windows Overlay Filter Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Overlay Filter allows an authorized attacker to disclose information locally.

CVE-2026-50441 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Windows Resilient File System (ReFS) allows an authorized attacker to elevate privileges locally.

CVE-2026-50465 Windows DNS Client Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally.

CVE-2026-50439 Microsoft Message Queuing Queue Manager Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Message Queuing Queue Manager allows an unauthorized attacker to execute code over a network.

CVE-2026-50462 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
External control of file name or path in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-50457 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50473 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-50442 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-50389 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-50456 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.

CVE-2026-50432 Window Virtual Filtering Platform (VFP) Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Virtual Filtering Platform (VFP) allows an authorized attacker to deny service over a network.

CVE-2026-50399 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50461 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

CVE-2026-50431 Windows Quality of Service (QoS) Packet Scheduler Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-50453 Windows USB Audio Class Driver Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

CVE-2026-50417 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-50447 Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over a network.

CVE-2026-50438 Microsoft PC Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-50420 HTTP.sys Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to disclose information locally.

CVE-2026-50362 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally.

CVE-2026-50474 Remote Desktop Client Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CVE-2026-50411 Windows Active Directory Federation Services Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

CVE-2026-50444 Windows Server Update Service (WSUS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authentication for critical function in Windows Server Update Service allows an authorized attacker to elevate privileges over a network.

CVE-2026-50394 Windows Media Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Media allows an authorized attacker to disclose information locally.

CVE-2026-50415 Windows Media Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Media allows an unauthorized attacker to disclose information over a network.

CVE-2026-50458 Microsoft Brokering File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally.

CVE-2026-50475 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Kernel allows an authorized attacker to disclose information locally.

CVE-2026-50476 Windows Network Connections Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Windows allows an authorized attacker to elevate privileges locally.

CVE-2026-50429 Windows Kernel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an unauthorized attacker to disclose information over a network.

CVE-2026-50450 Windows Network Connections Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50424 Windows Domain Controller Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Windows Domain Controller allows an unauthorized attacker to deny service over a network.

CVE-2026-50406 Windows Backup Engine Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Backup Engine allows an authorized attacker to elevate privileges locally.

CVE-2026-50470 Windows Network Policy Server SNMP Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network.

CVE-2026-50459 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

CVE-2026-50477 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50478 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50479 Windows USB Hub Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Windows USB Hub Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-50480 Windows Web Proxy Auto-Discovery Protocol (WPAD) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Web Proxy Auto-Discovery Protocol (WPAD) allows an authorized attacker to elevate privileges locally.

CVE-2026-50482 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-50495 DNS Client Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft Windows DNS allows an authorized attacker to perform tampering locally.

CVE-2026-50483 Windows Graphics Component Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Microsoft Graphics Component allows an authorized attacker to disclose information locally.

CVE-2026-50484 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50493 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Graphics Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50502 Windows Event Logging Service Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Insufficient granularity of access control in Windows Event Logging Service allows an authorized attacker to execute code over a network.

CVE-2026-50485 Windows Hyper-V Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.

CVE-2026-50486 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50487 Windows DNS Client Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Windows DNS allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-50488 Clipboard User Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Windows Clipboard User Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50500 Windows Netlogon Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Netlogon allows an authorized attacker to elevate privileges over a network.

CVE-2026-50499 Windows Print Spooler Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.

CVE-2026-50489 Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-50494 Windows NTFS Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

CVE-2026-50490 Windows Installer Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-50498 Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-50505 Windows Message Queuing Service (MSMQ) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Message Queuing allows an authorized attacker to execute code over a network.

CVE-2026-50491 Code Integrity DLL (ci.dll) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Code Integrity DLL (ci.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-50492 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code with a physical attack.

CVE-2026-50501 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally.

CVE-2026-50503 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50497 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Off-by-one error in Windows Remote Desktop Protocol allows an unauthorized attacker to disclose information over a network.

CVE-2026-50496 Windows Network Policy Server SNMP Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Network Policy Server SNMP allows an unauthorized attacker to disclose information over a network.

CVE-2026-50504 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

CVE-2026-47295 Microsoft SQL Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.

CVE-2026-50509 Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in Windows Wireless Wide Area Network Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50510 GitHub Copilot Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper restriction of names for files and other resources in Github Copilot allows an unauthorized attacker to execute code locally.

CVE-2026-50518 Windows DHCP Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network.

CVE-2026-50525 .NET Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

CVE-2026-50526 .NET Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper link resolution before file access ('link following') in .NET allows an authorized attacker to perform tampering locally.

CVE-2026-50527 .NET Framework Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in .NET Framework allows an unauthorized attacker to deny service over a network.

CVE-2026-50528 .NET Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Incorrect authorization in .NET allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-50646 .NET Framework Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Protection mechanism failure in .NET Framework allows an unauthorized attacker to execute code locally.

CVE-2026-50647 Active Directory Federation Server Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Loop with unreachable exit condition ('infinite loop') in Active Directory Federation Services (AD FS) allows an unauthorized attacker to deny service over a network.

CVE-2026-50648 .NET Framework Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in .NET Framework allows an unauthorized attacker to deny service over a network.

CVE-2026-50649 .NET Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in .NET allows an unauthorized attacker to execute code locally.

CVE-2026-50650 .NET Framework Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper control of generation of code ('code injection') in .NET Framework allows an unauthorized attacker to elevate privileges locally.

CVE-2026-50651 .NET Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

CVE-2026-50655 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

CVE-2026-50657 Microsoft Defender for Endpoint for Mac Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of private personal information to an unauthorized actor in Microsoft Defender allows an authorized attacker to disclose information locally.

CVE-2026-50658 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Time-of-check time-of-use (toctou) race condition in Microsoft Defender allows an authorized attacker to elevate privileges locally.

CVE-2026-50659 .NET Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper encoding or escaping of output in .NET allows an authorized attacker to perform spoofing over a network.

CVE-2026-50661 Windows BitLocker Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2026-50666 Windows Remote Access Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges over a network.

CVE-2026-50667 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-50668 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to elevate privileges with a physical attack.

CVE-2026-50669 Windows Telephony Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

CVE-2026-50670 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50672 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-50673 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-50674 Windows USB Print Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-50676 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-50677 Windows Media Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Media allows an authorized attacker to elevate privileges locally.

CVE-2026-54115 Windows Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Active Directory allows an authorized attacker to elevate privileges locally.

CVE-2026-50684 Active Directory Federation Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Active Directory Federation Services (AD FS) allows an authorized attacker to perform spoofing over a network.

CVE-2026-50679 Windows Search Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Search Component allows an authorized attacker to elevate privileges locally.

CVE-2026-50688 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50680 Windows Hyper-V Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

CVE-2026-50681 Windows Secure Channel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Cryptographic Services allows an authorized attacker to disclose information locally.

CVE-2026-54121 Active Directory Certificate Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in Active Directory Certificate Services (AD CS) allows an authorized attacker to elevate privileges over a network.

CVE-2026-50682 Active Directory Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Active Directory allows an authorized attacker to deny service over a network.

CVE-2026-50685 Windows DHCP Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Double free in Windows DHCP Server allows an authorized attacker to execute code over a network.

CVE-2026-50683 Windows DHCP Client Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DHCP Server allows an authorized attacker to elevate privileges over an adjacent network.

CVE-2026-50687 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-50686 Windows OLE Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Windows OLE allows an unauthorized attacker to execute code over a network.

CVE-2026-50689 Windows Clipboard Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Clipboard Server allows an authorized attacker to elevate privileges locally.

CVE-2026-54125 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-50690 Windows SMB Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows SMB allows an authorized attacker to disclose information locally.

CVE-2026-50692 Desktop Window Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-54128 Windows DHCP Client Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows DHCP Client allows an unauthorized attacker to execute code locally.

CVE-2026-54126 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-55010 Minecraft Bedrock Dedicated Server Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Minecraft Bedrock Dedicated Server allows an unauthorized attacker to execute code over a network.

CVE-2026-47290 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-47642 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-48580 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-50301 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-50314 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-50467 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55017 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55016 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55024 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-50408 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55019 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55018 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55046 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55020 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55021 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55022 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55023 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55025 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55030 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55125 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55031 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55026 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55048 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55034 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55027 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55029 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55028 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55047 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55039 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer underflow (wrap or wraparound) in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55045 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55050 Microsoft Word Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-55049 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55032 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55033 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55041 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55138 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55124 Microsoft Word Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper validation of specified type of input in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-55127 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55136 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55141 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55129 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55035 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55036 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55044 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55055 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55054 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVE-2026-55037 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55058 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55038 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55132 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Double free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55137 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55053 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55122 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55057 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55131 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55126 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-55051 Microsoft SharePoint Server Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Microsoft Office SharePoint allows an authorized attacker to disclose information over a network.

CVE-2026-55134 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55056 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55040 Microsoft SharePoint Server Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-55142 Microsoft Word Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Numeric truncation error in Microsoft Office Word allows an unauthorized attacker to disclose information locally.

CVE-2026-55140 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally.

CVE-2026-55128 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55130 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to execute code locally.

CVE-2026-55042 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55139 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-55043 Microsoft PowerPoint Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-55133 Microsoft OneNote Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office OneNote allows an unauthorized attacker to execute code locally.

CVE-2026-55123 Microsoft PowerPoint Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-55120 Microsoft PowerPoint Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally.

CVE-2026-55052 Microsoft SharePoint Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.

CVE-2026-55135 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-50468 Microsoft SQL Server Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in SQL Server allows an authorized attacker to disclose information over a network.

CVE-2026-54116 Microsoft SQL Server Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in SQL Server allows an authorized attacker to disclose information over a network.

CVE-2026-55145 Outlook Copilot Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Outlook Copilot allows an authorized attacker to perform tampering over a network.

CVE-2026-54131 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55898 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.

CVE-2026-55944 Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Deserialization of untrusted data in Microsoft Dynamics NAV allows an unauthorized attacker to execute code over a network.

CVE-2026-55947 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-55949 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-56156 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.

CVE-2026-56157 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft Office SharePoint allows an authorized attacker to perform spoofing over a network.

CVE-2026-41109 GitHub Copilot and Visual Studio Code Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements in output used by a downstream component ('injection') in GitHub Copilot and Visual Studio allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-56159 DHCP Server Service Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network.

CVE-2026-50359 Microsoft XML Core Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft XML Core Services allows an authorized attacker to elevate privileges locally.

CVE-2026-56168 Windows SMB Server Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Information published.

CVE-2026-56173 Windows WebView Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows WebView allows an authorized attacker to elevate privileges locally.

CVE-2026-56176 Windows Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

CVE-2026-56175 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-56182 Windows NTFS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows NTFS allows an authorized attacker to elevate privileges locally.

CVE-2026-56183 Windows MIDI Service Module Elevation of Privileges Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally.

CVE-2026-56190 Remote Desktop Protocol Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to execute code over a network.

CVE-2026-56184 Win32k Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an authorized attacker to disclose information locally.

CVE-2026-56187 Windows MIDI Service Module Elevation of Privileges Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows MIDI Service Module allows an authorized attacker to elevate privileges locally.

CVE-2026-56186 Windows Secure Channel Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Schannel allows an authorized attacker to disclose information over a network.

CVE-2026-56188 Windows Server Network driver Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Server Network driver allows an unauthorized attacker to execute code over a network.

CVE-2026-56189 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code locally.

CVE-2026-50665 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-56192 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-56195 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-56196 Windows Admin Center (WAC) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Relative path traversal in Windows Admin Center allows an authorized attacker to execute code over a network.

CVE-2026-56197 Windows Admin Center (WAC) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Windows Admin Center allows an authorized attacker to execute code over a network.

CVE-2026-56178 Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Time-of-check time-of-use (toctou) race condition in Microsoft Defender for Endpoint allows an authorized attacker to elevate privileges locally.

CVE-2026-56642 Microsoft Fabric Data Warehouse Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Microsoft Fabric Data Warehouse allows an authorized attacker to execute code over a network.

CVE-2026-56643 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-56644 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-54124 Windows Terminal Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code locally.

CVE-2026-56194 Windows NFS Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges over a network.

CVE-2026-56647 Windows Remote Access Service Infrastructure Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Remote Access Service Infrastructure allows an authorized attacker to elevate privileges over a network.

CVE-2026-56648 Windows NFS Server Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Time-of-check time-of-use (toctou) race condition in Windows Network File System allows an authorized attacker to elevate privileges over a network.

CVE-2026-56649 Windows Network File System Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Network File System allows an unauthorized attacker to execute code over a network.

CVE-2026-57083 Windows Media Photo Codec Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Microsoft Windows Codecs Library allows an unauthorized attacker to disclose information locally.

CVE-2026-57084 Windows File Explorer Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows File Explorer allows an unauthorized attacker to disclose information locally.

CVE-2026-56650 Windows Network File System Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Network File System allows an authorized attacker to elevate privileges locally.

CVE-2026-57095 Win32k Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Windows Win32K allows an unauthorized attacker to elevate privileges locally.

CVE-2026-57090 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network.

CVE-2026-57094 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network.

CVE-2026-57091 Windows File History Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Stack-based buffer overflow in Windows File History Service allows an authorized attacker to elevate privileges locally.

CVE-2026-57089 Windows SMB Server Network Transport Driver (srvnet.sys) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows SMB Server Network Transport Driver (srvnet.sys) allows an unauthorized attacker to execute code over a network.

CVE-2026-57085 Windows Print Spooler Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows Print Spooler Components allows an authorized attacker to disclose information locally.

CVE-2026-57092 Microsoft Windows VMSwitch Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows VMSwitch allows an authorized attacker to elevate privileges over a network.

CVE-2026-57087 Microsoft Windows Media Foundation Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Windows Media Foundation allows an unauthorized attacker to execute code over a network.

CVE-2026-57088 Extensible Storage Engine (ESENT) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Extensible Storage Engine (ESENT) allows an authorized attacker to elevate privileges locally.

CVE-2026-57093 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

CVE-2026-57096 Windows Routing and Remote Access Service (RRAS) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

CVE-2026-57101 Visual Studio Code Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally.

CVE-2026-57102 Visual Studio Code Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-57108 .NET Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in .NET Core allows an unauthorized attacker to deny service over a network.

CVE-2026-57968 Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

CVE-2026-57973 Windows Subsystem for Linux (WSL2) Kernel Tampering Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Time-of-check time-of-use (toctou) race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally.

CVE-2026-57982 Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an authorized attacker to disclose information over a network.

CVE-2026-58277 Microsoft SharePoint Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in Microsoft Office SharePoint allows an authorized attacker to elevate privileges over a network.

CVE-2026-58527 Windows Runtime Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Runtime allows an authorized attacker to elevate privileges locally.

CVE-2026-58528 Windows USB Audio Class Driver Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

CVE-2026-58530 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an unauthorized attacker to execute code locally.

CVE-2026-58538 Windows Bluetooth Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

CVE-2026-58533 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-58535 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-58546 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use of uninitialized resource in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-58539 Windows Remote Desktop Client Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network.

CVE-2026-58540 Windows Installer Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper authorization in Windows Installer allows an authorized attacker to elevate privileges locally.

CVE-2026-58531 Windows SMB Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB allows an authorized attacker to elevate privileges over a network.

CVE-2026-58532 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally.

CVE-2026-58537 Microsoft NAT Helper Components (ipnathlp.dll) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Microsoft NAT Helper Components (ipnathlp.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-58534 Windows Input Method Editor (IME) Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.

CVE-2026-58536 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-58547 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Universal Plug and Play (upnp.dll) allows an authorized attacker to elevate privileges locally.

CVE-2026-58545 Windows Kernel Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Windows Kernel allows an authorized attacker to bypass a security feature locally.

CVE-2026-58544 Windows Management Services Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Management Services allows an authorized attacker to elevate privileges locally.

CVE-2026-58542 Windows Media Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code locally.

CVE-2026-58543 Universal Print Management Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows USB Print Driver allows an authorized attacker to elevate privileges with a physical attack.

CVE-2026-58541 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Windows DWM allows an authorized attacker to elevate privileges locally.

CVE-2026-58594 Remote Desktop Client Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Integer overflow or wraparound in Windows RDP allows an unauthorized attacker to execute code over a network.

CVE-2026-47305 Visual Studio Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Protection mechanism failure in Visual Studio allows an unauthorized attacker to execute code locally.

CVE-2026-58613 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

CVE-2026-58617 M365 Copilot for iOS Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper access control in Microsoft 365 Copilot for iOS allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-58619 Windows Sensor Data Service Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.

CVE-2026-58626 Windows Remote Desktop Services Remote Code Execution Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Remote Desktop Services allows an authorized attacker to execute code over a network.

CVE-2026-58627 Windows DHCP Server Denial of Service Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

CVE-2026-58628 Windows Wireless Network Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Wireless Networking allows an authorized attacker to elevate privileges locally.

CVE-2026-58629 DirectX Graphics Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.

CVE-2026-58632 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.

CVE-2026-58633 Desktop Window Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-58634 Desktop Window Manager Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

CVE-2026-58637 Windows Client-Side Caching Elevation of Privilege Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Use after free in Windows Client-Side Caching (CSC) Service allows an authorized attacker to elevate privileges locally.

CVE-2026-58638 Windows Boot Loader Security Feature Bypass Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Missing cryptographic step in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.

CVE-2026-56181 Windows Network Address Translation (NAT) Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Origin validation error in Windows Network Address Translation (NAT) allows an unauthorized attacker to perform spoofing over an adjacent network.

CVE-2026-55121 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Microsoft Office allows an unauthorized attacker to disclose information locally.

CVE-2026-58529 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Out-of-bounds read in Active Directory Federation Services (AD FS) allows an authorized attacker to disclose information over a network.

CVE-2026-55008 Microsoft Exchange Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

ADV990001 Latest Servicing Stack Updates
Published on: 2026-07-14 07:00:00
Link: View Details
Advisory updated to announce new versions of Servicing Stack Updates are available. Please see the FAQ for details.

CVE-2026-42897 Microsoft Exchange Server Spoofing Vulnerability
Published on: 2026-07-14 07:00:00
Link: View Details
Updated FAQ information. This is an informational change only.

CVE-2026-12480 Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras
Published on: 2026-07-14 01:38:59
Link: View Details
Information published.

CVE-2026-40468 Heap buffer overflow in gawk
Published on: 2026-07-14 01:01:35
Link: View Details
Information published.

CVE-2026-14461 Out-of-bound read in mtr
Published on: 2026-07-14 01:39:17
Link: View Details
Information published.

CVE-2026-40553 Stack-based buffer overflow in gawk
Published on: 2026-07-14 01:01:22
Link: View Details
Information published.

CVE-2026-40469 Heap buffer overflow in gawk
Published on: 2026-07-14 01:01:29
Link: View Details
Information published.

CVE-2026-40467 Use after free in gawk
Published on: 2026-07-14 01:01:41
Link: View Details
Information published.

CVE-2025-71072 shmem: fix recovery on rename failures
Published on: 2026-07-13 01:44:37
Link: View Details
Information published.

CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
Published on: 2026-07-13 01:38:47
Link: View Details
Information published.

CVE-2025-38096 wifi: iwlwifi: don't warn when if there is a FW error
Published on: 2026-07-13 01:46:49
Link: View Details
Information published.

CVE-2026-45489 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-12 07:00:00
Link: View Details
CWE added. Informational change only.

CVE-2026-15308 Incremental HTMLParser feed() allows CPU-exhaustion DoS via repeated unterminated markup declarations
Published on: 2026-07-12 01:01:27
Link: View Details
Information published.

CVE-2026-59871 node-tar: Process crash via PAX numeric path type confusion
Published on: 2026-07-12 01:01:34
Link: View Details
Information published.

CVE-2026-59873 node-tar: Decompression/parse DoS via unlimited input
Published on: 2026-07-12 01:01:40
Link: View Details
Information published.

CVE-2026-59874 node-tar: Negative tar entry size causes infinite loop in archive replace
Published on: 2026-07-12 01:01:47
Link: View Details
Information published.

Chromium: CVE-2026-14428 Insufficient validation of untrusted input in Dawn
Published on: 2026-07-11 15:41:38
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13777 Insufficient validation of untrusted input in iOSWeb
Published on: 2026-07-11 15:39:58
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13778 Use after free in WebUSB
Published on: 2026-07-11 15:39:26
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14394 Use after free in V8
Published on: 2026-07-11 15:37:39
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14396 Out of bounds read in ANGLE
Published on: 2026-07-11 15:39:53
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14395 Out of bounds write in V8
Published on: 2026-07-11 15:37:40
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14397 Out of bounds write in ANGLE
Published on: 2026-07-11 15:39:54
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14398 Use after free in ANGLE
Published on: 2026-07-11 15:37:41
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14399 Uninitialized Use in Dawn
Published on: 2026-07-11 15:37:43
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14400 Out of bounds write in ANGLE
Published on: 2026-07-11 15:37:44
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14401 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-11 15:39:23
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14402 Uninitialized Use in ANGLE
Published on: 2026-07-11 15:37:45
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14403 Use after free in V8
Published on: 2026-07-11 15:37:47
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14405 Uninitialized Use in V8
Published on: 2026-07-11 15:37:50
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14404 Inappropriate implementation in PDFium
Published on: 2026-07-11 15:37:48
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14406 Out of bounds read in V8
Published on: 2026-07-11 15:37:51
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14410 Inappropriate implementation in Skia
Published on: 2026-07-11 15:37:56
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14407 Inappropriate implementation in V8
Published on: 2026-07-11 15:37:53
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14409 Inappropriate implementation in V8
Published on: 2026-07-11 15:37:55
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14412 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-11 15:37:59
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14408 Uninitialized Use in Dawn
Published on: 2026-07-11 15:37:54
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14411 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-11 15:37:57
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14413 Uninitialized Use in ANGLE
Published on: 2026-07-11 15:38:00
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14415 Inappropriate implementation in V8
Published on: 2026-07-11 15:38:03
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14418 Uninitialized Use in ANGLE
Published on: 2026-07-11 15:38:07
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14417 Use after free in Dawn
Published on: 2026-07-11 15:38:05
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14416 Out of bounds read in Dawn
Published on: 2026-07-11 15:38:04
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14419 Use after free in Skia
Published on: 2026-07-11 15:38:08
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14420 Out of bounds read and write in Dawn
Published on: 2026-07-11 15:38:09
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14421 Uninitialized Use in Dawn
Published on: 2026-07-11 15:39:25
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14422 Out of bounds read and write in Tint
Published on: 2026-07-11 15:39:55
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14423 Type Confusion in Tint
Published on: 2026-07-11 15:38:10
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14425 Use after free in ANGLE
Published on: 2026-07-11 15:38:12
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14426 Use after free in V8
Published on: 2026-07-11 15:38:13
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14427 Heap buffer overflow in Skia
Published on: 2026-07-11 15:38:14
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14424 Use after free in Dawn
Published on: 2026-07-11 15:39:57
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14429 Insufficient validation of untrusted input in Skia
Published on: 2026-07-11 15:38:16
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14430 Integer overflow in V8
Published on: 2026-07-11 15:38:17
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14432 Use after free in V8
Published on: 2026-07-11 15:38:19
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14431 Type Confusion in V8
Published on: 2026-07-11 15:38:18
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14414 Insufficient validation of untrusted input in Skia
Published on: 2026-07-11 15:38:02
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13785 Use after free in Bluetooth
Published on: 2026-07-11 15:39:28
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13788 Use after free in Fullscreen
Published on: 2026-07-11 15:40:49
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13791 Insufficient validation of untrusted input in Downloads
Published on: 2026-07-11 15:39:29
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13807 Use after free in Import
Published on: 2026-07-11 15:40:01
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13795 Insufficient policy enforcement in Chrome for iOS
Published on: 2026-07-11 15:39:59
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13792 Use after free in Touchbar
Published on: 2026-07-11 15:39:30
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13805 Use after free in GFX
Published on: 2026-07-11 15:39:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13808 Insufficient data validation in Chrome for iOS
Published on: 2026-07-11 15:40:02
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13812 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:05
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13809 Side-channel information leakage in Safe Browsing
Published on: 2026-07-11 15:40:03
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13813 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:06
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13816 Insufficient validation of untrusted input in File Input
Published on: 2026-07-11 15:40:50
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13822 Inappropriate implementation in Extensions
Published on: 2026-07-11 15:40:52
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13819 Out of bounds read in ANGLE
Published on: 2026-07-11 15:39:33
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13825 Uninitialized Use in Dawn
Published on: 2026-07-11 15:40:53
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13826 Inappropriate implementation in Autofill
Published on: 2026-07-11 15:40:54
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13827 Use after free in Updater
Published on: 2026-07-11 15:39:34
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13842 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:07
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13843 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:09
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13833 Uninitialized Use in ANGLE
Published on: 2026-07-11 15:39:35
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13846 Use after free in USB
Published on: 2026-07-11 15:39:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13847 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:10
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13850 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:11
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13851 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-11 15:40:56
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13856 Insufficient validation of untrusted input in Speech
Published on: 2026-07-11 15:40:58
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13852 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-11 15:40:57
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-13862
Published on: 2026-07-11 15:40:13
Link: View Details
CVE-2026-13862

Chromium: CVE-2026-13863 Insufficient validation of untrusted input in CustomTabs
Published on: 2026-07-11 15:41:00
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13866 Insufficient validation of untrusted input in Input
Published on: 2026-07-11 15:41:01
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13872 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-11 15:41:05
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13868 Inappropriate implementation in Network
Published on: 2026-07-11 15:41:02
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13870 Use after free in WebView
Published on: 2026-07-11 15:41:04
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13878 Use after free in Bluetooth
Published on: 2026-07-11 15:39:38
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13885 Use after free in Skia
Published on: 2026-07-11 15:41:06
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13880 Use after free in USB
Published on: 2026-07-11 15:39:39
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13889 Insufficient validation of untrusted input in WebAuthentication
Published on: 2026-07-11 15:40:14
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13892 Inappropriate implementation in Chrome for iOS
Published on: 2026-07-11 15:40:15
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13887 Insufficient policy enforcement in NFC
Published on: 2026-07-11 15:41:08
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13902 Inappropriate implementation in Chrome for iOS
Published on: 2026-07-11 15:40:16
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13904 Incorrect security UI in Safe Browsing
Published on: 2026-07-11 15:40:18
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13905 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:19
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13907 Inappropriate implementation in iOSWeb
Published on: 2026-07-11 15:40:20
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13908 Insufficient validation of untrusted input in Omnibox
Published on: 2026-07-11 15:40:22
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13910 Insufficient policy enforcement in WebXR
Published on: 2026-07-11 15:41:09
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13912 Incorrect security UI in Safe Browsing
Published on: 2026-07-11 15:40:23
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13914 Inappropriate implementation in Passwords
Published on: 2026-07-11 15:39:40
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13913 Insufficient policy enforcement in Autofill
Published on: 2026-07-11 15:40:24
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13915 Use after free in Chrome for iOS
Published on: 2026-07-11 15:40:26
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13916 Inappropriate implementation in Chrome for iOS
Published on: 2026-07-11 15:40:27
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13917 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:28
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13918 Use after free in Chrome for iOS
Published on: 2026-07-11 15:40:29
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13924 Insufficient validation of untrusted input in WebView
Published on: 2026-07-11 15:41:12
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13923 Uninitialized Use in GPU
Published on: 2026-07-11 15:41:10
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13926 Insufficient validation of untrusted input in Network
Published on: 2026-07-11 15:41:13
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13927 Insufficient validation of untrusted input in UI
Published on: 2026-07-11 15:41:14
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13932 Inappropriate implementation in Sharing
Published on: 2026-07-11 15:41:17
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13929 Insufficient validation of untrusted input in DevTools
Published on: 2026-07-11 15:41:15
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13936 Inappropriate implementation in Passwords
Published on: 2026-07-11 15:41:18
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13939 Insufficient validation of untrusted input in WebShare
Published on: 2026-07-11 15:41:19
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13944 Inappropriate implementation in DataTransfer
Published on: 2026-07-11 15:39:42
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13943 Uninitialized Use in CSS
Published on: 2026-07-11 15:41:21
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13949 Insufficient policy enforcement in Payments
Published on: 2026-07-11 15:41:22
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13946 Inappropriate implementation in ScriptInjections
Published on: 2026-07-11 15:40:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13955 Insufficient validation of untrusted input in CustomTabs
Published on: 2026-07-11 15:41:23
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13964 Insufficient policy enforcement in WebView
Published on: 2026-07-11 15:41:24
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13969 Uninitialized Use in UI
Published on: 2026-07-11 15:41:26
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13974 Integer overflow in Safe Browsing
Published on: 2026-07-11 15:39:43
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13975 Out of bounds read in ANGLE
Published on: 2026-07-11 15:39:44
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13980 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:32
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13994 Inappropriate implementation in Credential Management
Published on: 2026-07-11 15:41:28
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13983 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:34
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13981 Inappropriate implementation in Chrome for iOS
Published on: 2026-07-11 15:40:33
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13991 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:36
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13992 Inappropriate implementation in UI
Published on: 2026-07-11 15:39:46
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13987 Incorrect security UI in Mobile
Published on: 2026-07-11 15:41:27
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13997 Incorrect security UI in Extensions
Published on: 2026-07-11 15:41:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13998 Incorrect security UI in File Input
Published on: 2026-07-11 15:39:47
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14028 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13995 Insufficient validation of untrusted input in Autofill
Published on: 2026-07-11 15:41:29
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14005 Use after free in Omnibox
Published on: 2026-07-11 15:41:32
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14066 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:38
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14067 Use after free in Chrome for iOS
Published on: 2026-07-11 15:40:40
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14075 Policy bypass in Chrome for iOS
Published on: 2026-07-11 15:40:41
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14099 Use after free in Chrome for iOS
Published on: 2026-07-11 15:40:43
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14096 Object lifecycle issue in Input
Published on: 2026-07-11 15:41:33
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14101 Insufficient policy enforcement in Sandbox
Published on: 2026-07-11 15:39:49
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14114 Inappropriate implementation in WebAppInstalls
Published on: 2026-07-11 15:41:35
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14126 Incorrect security UI in UI
Published on: 2026-07-11 15:41:36
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14123 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:44
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14128 Insufficient data validation in Chrome for iOS
Published on: 2026-07-11 15:40:45
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14382 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-11 15:41:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14136 Incorrect security UI in Chrome for iOS
Published on: 2026-07-11 15:40:46
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14137 Insufficient validation of untrusted input in Chrome for iOS
Published on: 2026-07-11 15:40:48
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14386 Out of bounds read in ANGLE
Published on: 2026-07-11 15:39:52
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14385 Heap buffer overflow in ANGLE
Published on: 2026-07-11 15:39:50
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14388 Out of bounds read in ANGLE
Published on: 2026-07-11 15:39:22
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14390 Use after free in ANGLE
Published on: 2026-07-11 15:37:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14393 Use after free in V8
Published on: 2026-07-11 15:37:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14391 Integer overflow in ANGLE
Published on: 2026-07-11 15:37:35
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-14392 Out of bounds write in Tint
Published on: 2026-07-11 15:37:36
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-58281 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-11 07:00:00
Link: View Details
Deserialization of untrusted data in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2024-7598 Network restriction bypass via race condition during namespace termination
Published on: 2026-07-11 01:38:52
Link: View Details
Information published.

CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop
Published on: 2026-07-11 01:40:30
Link: View Details
Information published.

CVE-2026-56000 xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()
Published on: 2026-07-11 01:08:33
Link: View Details
Information published.

CVE-2026-54908 Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message
Published on: 2026-07-11 01:41:05
Link: View Details
Information published.

CVE-2026-59856 Vim: Arbitrary Code Execution via PHP Omni-Completion
Published on: 2026-07-11 01:01:16
Link: View Details
Information published.

CVE-2026-20214 ClamAV FSG File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Published on: 2026-07-11 01:01:29
Link: View Details
Information published.

CVE-2026-20215 ClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Published on: 2026-07-11 01:01:35
Link: View Details
Information published.

CVE-2026-20216 ClamAV InstallShield File Format Processing Resource Exhaustion Vulnerability
Published on: 2026-07-11 01:01:41
Link: View Details
Information published.

CVE-2026-20217 ClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Published on: 2026-07-11 01:01:47
Link: View Details
Information published.

CVE-2026-20244 ClamAV DMG File Processing Denial of Service Vulnerability
Published on: 2026-07-11 01:02:00
Link: View Details
Information published.

CVE-2026-59998 sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory.
Published on: 2026-07-11 01:02:59
Link: View Details
Information published.

CVE-2026-14380 DBI versions before 1.650 for Perl are vulnerable to code injection via caller-influenced Profile
Published on: 2026-07-11 01:06:39
Link: View Details
Information published.

CVE-2026-14740 DBI versions before 1.650 for Perl read one byte out-of-bounds in preparse when deleting an initial SQL comment
Published on: 2026-07-11 01:06:45
Link: View Details
Information published.

CVE-2026-59926 Mistune: XSS via unescaped class option in Admonition directive
Published on: 2026-07-11 01:06:59
Link: View Details
Information published.

CVE-2026-59925 inline_parser: quadratic-time parsing on long runs of `**x**` and `***x***` emphasis pairs
Published on: 2026-07-11 01:07:05
Link: View Details
Information published.

CVE-2026-59930 Mistune toc / TableOfContents directive: heading IDs use predictable `toc_N` numbering with no slugification, allowing collision with attacker-controlled `id="toc_N"` content
Published on: 2026-07-11 01:07:18
Link: View Details
Information published.

CVE-2026-59890 setuptools: MANIFEST.in exclusion bypass in sdist via Unicode normalization collision (NFC/NFD) on macOS APFS/HFS+
Published on: 2026-07-11 01:07:37
Link: View Details
Information published.

CVE-2026-58207 NATS Server: Remote crash via integer overflow in Connz pagination
Published on: 2026-07-11 01:07:49
Link: View Details
Information published.

CVE-2026-58251 NATS Server: Queue Subscribe Authz Bypass
Published on: 2026-07-11 01:07:55
Link: View Details
Information published.

CVE-2026-58208 NATS Server: MQTT-over-WebSocket Path Can Crash WebSocket-Only JetStream Servers Before MQTT Is Enabled
Published on: 2026-07-11 01:08:02
Link: View Details
Information published.

CVE-2026-58252 NATS Server: Subscribe Authz Bypass via Wildcard-Overlap
Published on: 2026-07-11 01:08:14
Link: View Details
Information published.

CVE-2026-58209 NATS Server: MQTT retained and QoS replay bypass subscribe deny filters
Published on: 2026-07-11 01:08:20
Link: View Details
Information published.

CVE-2026-58253 NATS Server: Route API Auth Bypass
Published on: 2026-07-11 01:08:26
Link: View Details
Information published.

CVE-2026-20213 ClamAV PE File Format Processing Out-of-Bounds Memory Corruption Vulnerability
Published on: 2026-07-11 01:01:22
Link: View Details
Information published.

CVE-2026-20243 ClamAV ALZ Archive Processing Denial of Service Vulnerability
Published on: 2026-07-11 01:01:53
Link: View Details
Information published.

CVE-2026-14461 Out-of-bound read in mtr
Published on: 2026-07-11 01:04:28
Link: View Details
Information published.

CVE-2026-14739 DBI versions before 1.650 for Perl have a heap overflow when preparsing SQL statements with an extreme number of placeholders
Published on: 2026-07-11 01:06:33
Link: View Details
Information published.

CVE-2026-59928 Mistune block_parser: quadratic-time parsing on long lists of repeated reference-link definitions
Published on: 2026-07-11 01:06:53
Link: View Details
Information published.

CVE-2026-59922 Mistune plugins/formatting: quadratic-time parsing on long runs of `~~x~~`, `==x==`, and `^^x^^` markers (strikethrough / mark / insert)
Published on: 2026-07-11 01:07:11
Link: View Details
Information published.

CVE-2026-59869 js-yaml: YAML merge-key chains can force quadratic CPU consumption
Published on: 2026-07-11 01:07:43
Link: View Details
Information published.

CVE-2026-58250 NATS Server: Pre-auth server crash via double INFO in leafnode handshake
Published on: 2026-07-11 01:08:08
Link: View Details
Information published.

CVE-2026-45571 go-git: Crafted repositories may modify main and submodule .git directories
Published on: 2026-07-11 01:39:50
Link: View Details
Information published.

CVE-2026-45570 go-git: Improper single-quote escaping in go-git SSH transport
Published on: 2026-07-11 01:39:57
Link: View Details
Information published.

CVE-2026-56288 NULL Pointer Dereference in GNU patch
Published on: 2026-07-10 01:01:37
Link: View Details
Information published.

CVE-2026-59818 etcd: gRPC client listener does not enforce `--client-crl-file` certificate revocation
Published on: 2026-07-10 01:01:17
Link: View Details
Information published.

CVE-2026-56289 Loop with Unreachable Exit Condition in GNU patch
Published on: 2026-07-10 01:01:27
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2026-07-09 01:42:39
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2026-07-09 01:41:05
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2026-07-09 01:40:56
Link: View Details
Information published.

CVE-2025-23131 dlm: prevent NPD when writing a positive value to event_done
Published on: 2026-07-09 01:40:16
Link: View Details
Information published.

CVE-2026-9545 exposing HTTP/3 early data
Published on: 2026-07-09 01:46:22
Link: View Details
Information published.

CVE-2026-8932 incomplete mTLS config matching in conn reuse
Published on: 2026-07-09 01:46:48
Link: View Details
Information published.

CVE-2026-9547 SSH improper host validation
Published on: 2026-07-09 01:47:17
Link: View Details
Information published.

CVE-2026-8458 wrong reuse for different services
Published on: 2026-07-09 01:48:27
Link: View Details
Information published.

CVE-2026-8924 trailing dot domain super cookie
Published on: 2026-07-09 01:48:07
Link: View Details
Information published.

CVE-2026-10536 HTTP/2 stream-dependency tree UAF
Published on: 2026-07-09 01:48:59
Link: View Details
Information published.

CVE-2026-11856 cross-origin Digest auth state leak
Published on: 2026-07-09 01:47:43
Link: View Details
Information published.

CVE-2026-8286 wrong STARTTLS connection reuse
Published on: 2026-07-09 01:50:03
Link: View Details
Information published.

CVE-2026-8926 password leak with netrc and user in URL
Published on: 2026-07-09 01:49:37
Link: View Details
Information published.

CVE-2026-9080 UAF after pause in socket callback
Published on: 2026-07-09 01:49:11
Link: View Details
Information published.

CVE-2026-8925 SASL double-free
Published on: 2026-07-09 01:49:49
Link: View Details
Information published.

CVE-2026-53359 KVM: x86: Fix shadow paging use-after-free due to unexpected role
Published on: 2026-07-09 01:50:15
Link: View Details
Information published.

CVE-2026-14355 ext/openssl: Memory corruption in openssl_encrypt with AES-WRAP-PAD
Published on: 2026-07-09 01:50:09
Link: View Details
Information published.

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension
Published on: 2026-07-09 01:50:21
Link: View Details
Information published.

CVE-2026-59997 internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection.
Published on: 2026-07-09 01:01:15
Link: View Details
Information published.

CVE-2026-59996 scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations.
Published on: 2026-07-09 01:01:22
Link: View Details
Information published.

CVE-2026-59995 sftp in OpenSSH before 10.4 does not properly constrain the location of downloaded files when "sftp server:/path ." is used with an attacker-controlled server.
Published on: 2026-07-09 01:01:28
Link: View Details
Information published.

CVE-2026-60001 sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay.
Published on: 2026-07-09 01:01:35
Link: View Details
Information published.

CVE-2026-60000 sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.
Published on: 2026-07-09 01:01:41
Link: View Details
Information published.

CVE-2026-59999 In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not.
Published on: 2026-07-09 01:01:47
Link: View Details
Information published.

CVE-2026-60002 ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)
Published on: 2026-07-09 01:01:53
Link: View Details
Information published.

CVE-2026-56002 libXfont2 PCF Font Parsing Heap Buffer Overflow
Published on: 2026-07-09 01:02:13
Link: View Details
Information published.

CVE-2026-56000 xorg-x11-server / xwayland GLX contextTags Use-After-Free in CommonMakeCurrent()
Published on: 2026-07-09 01:02:26
Link: View Details
Information published.

CVE-2026-38968 ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during session creation. As a result, fresh authenticated logins can receive deterministic or colliding session cookies under attacker-controlled timing.
Published on: 2026-07-09 01:02:45
Link: View Details
Information published.

CVE-2026-38969 ruby webrick through v1.9.2 WEBrick reparses trailer Content-Length into canonical request state, enabling request smuggling.
Published on: 2026-07-09 01:02:55
Link: View Details
Information published.

CVE-2026-54908 Pion DTLS: Denial of service via panic while parsing a crafted ECDHE_PSK ServerKeyExchange message
Published on: 2026-07-09 01:03:02
Link: View Details
Information published.

CVE-2026-53354 arm64: errata: Mitigate TLBI errata on various Arm CPUs
Published on: 2026-07-09 01:44:00
Link: View Details
Information published.

CVE-2026-53345 KVM: Don't WARN if memory is dirtied without a vCPU when the VM is dying
Published on: 2026-07-09 01:44:09
Link: View Details
Information published.

CVE-2026-53332 slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd
Published on: 2026-07-09 01:44:16
Link: View Details
Information published.

CVE-2026-53336 nvmem: layouts: onie-tlv: fix hang on unknown types
Published on: 2026-07-09 01:44:34
Link: View Details
Information published.

CVE-2026-53327 debugobjects: Do not fill_pool() if pi_blocked_on
Published on: 2026-07-09 01:44:25
Link: View Details
Information published.

CVE-2026-53339 i2c: qcom-cci: Fix NULL pointer dereference in cci_remove()
Published on: 2026-07-09 01:45:03
Link: View Details
Information published.

CVE-2026-9079 stale proxy password leak
Published on: 2026-07-09 01:46:04
Link: View Details
Information published.

CVE-2026-8927 env-set cross-proxy Digest auth state leak
Published on: 2026-07-09 01:49:26
Link: View Details
Information published.

CVE-2026-12064 proto-default skips SSH verification
Published on: 2026-07-09 01:48:39
Link: View Details
Information published.

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
Published on: 2026-07-09 01:50:30
Link: View Details
Information published.

CVE-2026-56001 libXfont2 BitmapScaleBitmaps Integer Overflow Heap Buffer Overflow
Published on: 2026-07-09 01:02:00
Link: View Details
Information published.

CVE-2026-56003 libXfont2 computeProps Property Buffer Heap Buffer Overflow
Published on: 2026-07-09 01:02:07
Link: View Details
Information published.

CVE-2026-55999 xorg-server / xwayland glamor font atlas Heap Buffer Overflow
Published on: 2026-07-09 01:02:20
Link: View Details
Information published.

CVE-2026-14191 WinRAR / UnRAR RAR5 recovery-volume (.rev) out-of-bounds heap write in RecVolumes5::ReadHeader
Published on: 2026-07-09 01:02:39
Link: View Details
Information published.

CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements
Published on: 2026-07-09 01:43:38
Link: View Details
Information published.

CVE-2026-43010 bpf: Reject sleepable kprobe_multi programs at attach time
Published on: 2026-07-09 01:44:14
Link: View Details
Information published.

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks
Published on: 2026-07-09 01:47:35
Link: View Details
Information published.

CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown
Published on: 2026-07-09 01:47:55
Link: View Details
Information published.

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF
Published on: 2026-07-09 01:48:05
Link: View Details
Information published.

CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access
Published on: 2026-07-09 01:40:47
Link: View Details
Information published.

CVE-2026-46252 regulator: core: fix locking in regulator_resolve_supply() error path
Published on: 2026-07-09 01:48:25
Link: View Details
Information published.

CVE-2026-53269 netfilter: synproxy: add mutex to guard hook reference counting
Published on: 2026-07-09 01:02:32
Link: View Details
Information published.

CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption
Published on: 2026-07-09 01:40:26
Link: View Details
Information published.

CVE-2026-47241 Net::IMAP: Denial of Service via incomplete raw argument validation
Published on: 2026-07-09 01:42:15
Link: View Details
Information published.

CVE-2026-53167 fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios
Published on: 2026-07-09 01:46:14
Link: View Details
Information published.

CVE-2026-58055 nghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-Length
Published on: 2026-07-09 01:43:14
Link: View Details
Information published.

CVE-2026-4360 Tarfile.extract() doesn't fully respect filter parameter
Published on: 2026-07-09 01:45:43
Link: View Details
Information published.

CVE-2026-42980 NT OS Kernel Elevation of Privilege Vulnerability
Published on: 2026-07-08 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
Published on: 2026-07-08 07:00:00
Link: View Details
Microsoft has released an update to the Microsoft Malware Protection Engine that addresses the vulnerability identified by CVE-2026-50656. Please see the FAQ for more information on how to check if the new version has been installed.

CVE-2026-58525 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Published on: 2026-07-08 07:00:00
Link: View Details
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-45638 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Published on: 2026-07-07 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-9545 exposing HTTP/3 early data
Published on: 2026-07-07 01:41:09
Link: View Details
Information published.

CVE-2026-8932 incomplete mTLS config matching in conn reuse
Published on: 2026-07-07 01:41:30
Link: View Details
Information published.

CVE-2026-8458 wrong reuse for different services
Published on: 2026-07-07 01:42:14
Link: View Details
Information published.

CVE-2026-8924 trailing dot domain super cookie
Published on: 2026-07-07 01:41:55
Link: View Details
Information published.

CVE-2026-10536 HTTP/2 stream-dependency tree UAF
Published on: 2026-07-07 01:42:55
Link: View Details
Information published.

CVE-2026-8286 wrong STARTTLS connection reuse
Published on: 2026-07-07 01:42:34
Link: View Details
Information published.

CVE-2026-8926 password leak with netrc and user in URL
Published on: 2026-07-07 01:43:09
Link: View Details
Information published.

CVE-2026-9080 UAF after pause in socket callback
Published on: 2026-07-07 01:43:20
Link: View Details
Information published.

CVE-2026-55952 TLS 1.3 server denial of service via malformed ClientHello pre-shared key extension
Published on: 2026-07-07 01:01:15
Link: View Details
Information published.

CVE-2026-54886 SSH SFTP server denial of service via extended channel data infinite loop
Published on: 2026-07-07 01:01:22
Link: View Details
Information published.

CVE-2026-12480 Arbitrary HDF5 File Read via Virtual Dataset Bypass in keras-team/keras
Published on: 2026-07-07 01:01:38
Link: View Details
Information published.

CVE-2026-14647 onnx onnxruntime old.cc convPoolShapeInference_opset19 out-of-bounds
Published on: 2026-07-07 01:01:44
Link: View Details
Information published.

CVE-2026-54891 Plaintext APPLICATION_DATA injected during TLS handshake delivered to client application post-handshake in ssl
Published on: 2026-07-07 01:01:28
Link: View Details
Information published.

CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
Published on: 2026-07-07 01:40:29
Link: View Details
Information published.

CVE-2026-39827 Invoking memory leak when rejecting channels can lead to DoS in golang.org/x/crypto/ssh
Published on: 2026-07-07 01:40:36
Link: View Details
Information published.

CVE-2026-53223 net: guard timestamp cmsgs to real error queue skbs
Published on: 2026-07-04 01:03:27
Link: View Details
Information published.

Chromium: CVE-2026-13933 Insufficient policy enforcement in Passwords
Published on: 2026-07-03 07:00:42
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14153 Inappropriate implementation in Glic
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14125 Uninitialized Use in ANGLE
Published on: 2026-07-03 07:00:54
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-55945 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.

CVE-2026-56645 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57975 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57983 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-57984 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57985 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57987 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57988 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57992 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57993 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-56646 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58282 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58283 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58287 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58299 Microsoft Edge for Android Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

CVE-2026-58522 Microsoft Edge for Android Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Relative path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.

Chromium: CVE-2026-13775 Use after free in GPU
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13776 Type Confusion in Dawn
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13779 Use after free in Chromoting
Published on: 2026-07-03 07:00:42
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13780 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-03 07:00:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13781 Insufficient validation of untrusted input in Skia
Published on: 2026-07-03 07:00:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13782 Use after free in Browser
Published on: 2026-07-03 07:00:45
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13783 Use after free in Views
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13784 Use after free in Views
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13786 Use after free in Ozone
Published on: 2026-07-03 07:00:49
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13787 Use after free in Chromoting
Published on: 2026-07-03 07:00:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13790 Side-channel information leakage in Scroll
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13793 Insufficient policy enforcement in SVG
Published on: 2026-07-03 07:00:54
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13794 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13797 Insufficient validation of untrusted input in Chromecast
Published on: 2026-07-03 07:00:58
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13801 Integer overflow in Chromecast
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13802 Use after free in Views
Published on: 2026-07-03 07:00:04
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13803 Type Confusion in Chrome Tabs
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13804 Use after free in Chromecast
Published on: 2026-07-03 07:00:06
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13810 Inappropriate implementation in Input
Published on: 2026-07-03 07:00:08
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13811 Use after free in IME
Published on: 2026-07-03 07:00:10
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13814 Use after free in Views
Published on: 2026-07-03 07:00:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13817 Insufficient validation of untrusted input in Glic
Published on: 2026-07-03 07:00:13
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13815 Use after free in Blink
Published on: 2026-07-03 07:00:12
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13820 Out of bounds read in Skia
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13821 Use after free in Canvas
Published on: 2026-07-03 07:00:17
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13823 Use after free in Glic
Published on: 2026-07-03 07:00:18
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13818 Inappropriate implementation in Passwords
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13829 Insufficient validation of untrusted input in Settings
Published on: 2026-07-03 07:00:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13828 Inappropriate implementation in Enterprise
Published on: 2026-07-03 07:00:20
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13824 Insufficient validation of untrusted input in Extensions
Published on: 2026-07-03 07:00:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13830 Use after free in Chromoting
Published on: 2026-07-03 07:00:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13832 Use after free in Headless
Published on: 2026-07-03 07:00:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13831 Use after free in GPU
Published on: 2026-07-03 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13837 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13836 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13835 Inappropriate implementation in XML
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13834 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-03 07:00:27
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13838 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:32
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13839 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13840 Insufficient policy enforcement in Canvas
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13841 Integer overflow in Skia
Published on: 2026-07-03 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13844 Use after free in Updater
Published on: 2026-07-03 07:00:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13845 Use after free in DOM
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13849 Insufficient validation of untrusted input in Chromoting
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13848 Use after free in Forms
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13853 Use after free in Journeys
Published on: 2026-07-03 07:00:42
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13854 Use after free in Ozone
Published on: 2026-07-03 07:00:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13855 Use after free in Ozone
Published on: 2026-07-03 07:00:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13858 Out of bounds read in FFmpeg
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13857 Inappropriate implementation in Geometry
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13859 Inappropriate implementation in ANGLE
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13860 Incorrect security UI in Autofill
Published on: 2026-07-03 07:00:49
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13861 Use after free in Core
Published on: 2026-07-03 07:00:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13864 Insufficient policy enforcement in WebHID
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13865 Insufficient validation of untrusted input in Enterprise
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13869 Use after free in Device
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13867 Inappropriate implementation in Geolocation
Published on: 2026-07-03 07:00:34
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13871 Insufficient data validation in GuestView
Published on: 2026-07-03 07:00:56
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13873 Out of bounds memory access in Layout
Published on: 2026-07-03 07:00:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13874 Inappropriate implementation in DataTransfer
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13876 Inappropriate implementation in Network
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13875 Insufficient validation of untrusted input in GPU
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13881 Insufficient data validation in WebAppInstalls
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13882 Inappropriate implementation in USB
Published on: 2026-07-03 07:00:06
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13879 Use after free in Bluetooth
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13877 Insufficient validation of untrusted input in ANGLE
Published on: 2026-07-03 07:00:02
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13883 Type Confusion in ANGLE
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13884 Heap buffer overflow in Chromecast
Published on: 2026-07-03 07:00:08
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13890 Out of bounds read in Chromecast
Published on: 2026-07-03 07:00:12
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13886 Policy bypass in Isolated Web Apps
Published on: 2026-07-03 07:00:10
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13888 Use after free in Extensions
Published on: 2026-07-03 07:00:11
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13891 Insufficient validation of untrusted input in Extensions
Published on: 2026-07-03 07:00:13
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13893 Insufficient validation of untrusted input in WebUI
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13894 Insufficient policy enforcement in Network
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13899 Use after free in HTML
Published on: 2026-07-03 07:00:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13897 Insufficient policy enforcement in Chromecast
Published on: 2026-07-03 07:00:20
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13895 Inappropriate implementation in Autofill
Published on: 2026-07-03 07:00:17
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13896 Insufficient policy enforcement in Glic
Published on: 2026-07-03 07:00:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13898 Use after free in Cast Receiver
Published on: 2026-07-03 07:00:21
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13900 Insufficient validation of untrusted input in Chromecast
Published on: 2026-07-03 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13901 Insufficient validation of untrusted input in Serial
Published on: 2026-07-03 07:00:25
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13903 Insufficient policy enforcement in Bluetooth
Published on: 2026-07-03 07:00:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13906 Out of bounds read in Codecs
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13909 Insufficient policy enforcement in DevTools
Published on: 2026-07-03 07:00:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13911 Insufficient data validation in Spellcheck
Published on: 2026-07-03 07:00:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13919 Insufficient data validation in Extensions
Published on: 2026-07-03 07:00:32
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13921 Insufficient validation of untrusted input in DeviceBoundSessionCredentials
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13922 Side-channel information leakage in Paint
Published on: 2026-07-03 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13925 Inappropriate implementation in Downloads
Published on: 2026-07-03 07:00:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13928 Insufficient validation of untrusted input in Enterprise
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13930 Insufficient policy enforcement in Actor
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13931 Inappropriate implementation in Media
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13934 Insufficient validation of untrusted input in Dawn
Published on: 2026-07-03 07:00:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13935 Side-channel information leakage in ComputePressure
Published on: 2026-07-03 07:00:45
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13937 Insufficient policy enforcement in Passwords
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13938 Integer overflow in Fonts
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13940 Uninitialized Use in Cast
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13941 Inappropriate implementation in SiteSettings
Published on: 2026-07-03 07:00:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13942 Insufficient validation of untrusted input in Video Capture
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13945 Insufficient policy enforcement in Extensions
Published on: 2026-07-03 07:00:52
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13947 Uninitialized Use in XR
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13948 Insufficient policy enforcement in Extensions
Published on: 2026-07-03 07:00:39
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13950 Uninitialized Use in GPU
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13951 Policy bypass in USB
Published on: 2026-07-03 07:00:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13952 Inappropriate implementation in PerformanceAPIs
Published on: 2026-07-03 07:00:58
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13953 Inappropriate implementation in SplitView
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13956 Incorrect security UI in PageInfo
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13957 Incorrect security UI in Extensions
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13958 Uninitialized Use in Codecs
Published on: 2026-07-03 07:00:04
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13959 Insufficient validation of untrusted input in Blink
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13960 Inappropriate implementation in Passwords
Published on: 2026-07-03 07:00:06
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13962 Insufficient data validation in PDF
Published on: 2026-07-03 07:00:07
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13774 Use after free in Extensions
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14142 Inappropriate implementation in Extensions
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14130 Incorrect security UI in Omnibox
Published on: 2026-07-03 07:00:58
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14116 Insufficient validation of untrusted input in DevTools
Published on: 2026-07-03 07:00:56
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14105 Insufficient policy enforcement in Speech
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14092 Insufficient policy enforcement in Privacy
Published on: 2026-07-03 07:00:54
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14082 Race in Storage
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14071 Side-channel information leakage in WebAudio
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14059 Insufficient policy enforcement in Related-Website-Sets
Published on: 2026-07-03 07:00:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14039 Insufficient policy enforcement in GetUserMedia
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14027 Use after free in SignIn
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14016 Insufficient policy enforcement in SVG
Published on: 2026-07-03 07:00:45
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14006 Use after free in Navigation
Published on: 2026-07-03 07:00:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13989 Insufficient policy enforcement in PageInfo
Published on: 2026-07-03 07:00:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13973 Inappropriate implementation in UI
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13961 Insufficient validation of untrusted input in DevTools
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14156 Policy bypass in StorageAccessAPI
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14155 Insufficient policy enforcement in StorageAccessAPI
Published on: 2026-07-03 07:00:26
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14154 Inappropriate implementation in DevTools
Published on: 2026-07-03 07:00:25
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14152 Out of bounds write in ANGLE
Published on: 2026-07-03 07:00:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14151 Inappropriate implementation in AI
Published on: 2026-07-03 07:00:21
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14150 Insufficient validation of untrusted input in Speech
Published on: 2026-07-03 07:00:20
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14149 Use after free in Audio
Published on: 2026-07-03 07:00:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14148 Type Confusion in CSS
Published on: 2026-07-03 07:00:17
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14147 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14146 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:15
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14145 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14144 Incorrect security UI in Views
Published on: 2026-07-03 07:00:13
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14143 Incorrect security UI in Passwords
Published on: 2026-07-03 07:00:11
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14141 Incorrect security UI in Document Picture-in-Picture
Published on: 2026-07-03 07:00:09
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14140 Insufficient validation of untrusted input in Input
Published on: 2026-07-03 07:00:08
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14139 Inappropriate implementation in TabStrip
Published on: 2026-07-03 07:00:07
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14133 Race in History Embeddings
Published on: 2026-07-03 07:00:02
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14132 Inappropriate implementation in WebXR
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14131 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14129 Incorrect security UI in PreviewTab
Published on: 2026-07-03 07:00:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14127 Inappropriate implementation in Printing
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14124 Inappropriate implementation in CredentialProvider
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14122 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-03 07:00:52
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14121 Use after free in Chromoting
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14119 Type Confusion in Bluetooth
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14117 Insufficient validation of untrusted input in DevTools
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14115 Insufficient validation of untrusted input in Cast
Published on: 2026-07-03 07:00:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14112 Inappropriate implementation in Enterprise
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14110 Inappropriate implementation in DarkMode
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14109 Insufficient policy enforcement in Mojo
Published on: 2026-07-03 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14104 Insufficient validation of untrusted input in WebAppInstalls
Published on: 2026-07-03 07:00:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14103 Use after free in SSL
Published on: 2026-07-03 07:00:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14102 Use after free in Passwords
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14100 Insufficient data validation in NetworkCache
Published on: 2026-07-03 07:00:27
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14098 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:26
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14097 Inappropriate implementation in WebAppInstalls
Published on: 2026-07-03 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14095 Insufficient validation of untrusted input in Browser
Published on: 2026-07-03 07:00:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14094 Use after free in Installer
Published on: 2026-07-03 07:00:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14093 Use after free in Cast
Published on: 2026-07-03 07:00:21
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14091 Use after free in DevTools
Published on: 2026-07-03 07:00:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14089 Insufficient validation of untrusted input in PopupBlocker
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14088 Uninitialized Use in Canvas
Published on: 2026-07-03 07:00:15
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14087 Insufficient validation of untrusted input in WebNN
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14086 Insufficient policy enforcement in HID
Published on: 2026-07-03 07:00:12
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14084 Insufficient validation of untrusted input in Chromoting
Published on: 2026-07-03 07:00:10
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14081 Insufficient policy enforcement in DevTools
Published on: 2026-07-03 07:00:07
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14080 Insufficient validation of untrusted input in TabSwitcher
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14079 Policy bypass in Network
Published on: 2026-07-03 07:00:04
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14078 Policy bypass in WebRTC
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14077 Incorrect security UI in Select
Published on: 2026-07-03 07:00:02
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14076 Policy bypass in Network
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14074 Side-channel information leakage in WebAuthentication
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14072 Incorrect security UI in SplitView
Published on: 2026-07-03 07:00:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14070 Uninitialized Use in WebNN
Published on: 2026-07-03 07:00:54
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14069 Integer overflow in WebNN
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14065 Insufficient validation of untrusted input in PageInfo
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14064 Use after free in PageInfo
Published on: 2026-07-03 07:00:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14063 Out of bounds memory access in Chromecast
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14062 Inappropriate implementation in Views
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14061 Inappropriate implementation in Dawn
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14056 Insufficient validation of untrusted input in Media
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14055 Insufficient validation of untrusted input in Device Trust
Published on: 2026-07-03 07:00:39
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14052 Insufficient policy enforcement in FileSystem
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14051 Uninitialized Use in GamepadAPI
Published on: 2026-07-03 07:00:34
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14050 Insufficient policy enforcement in Passwords
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14048 Use after free in Chromecast
Published on: 2026-07-03 07:00:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14047 Insufficient policy enforcement in Extensions
Published on: 2026-07-03 07:00:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14046 Inappropriate implementation in CustomTabs
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14045 Insufficient validation of untrusted input in Network
Published on: 2026-07-03 07:00:27
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14044 Use after free in ANGLE
Published on: 2026-07-03 07:00:25
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14043 Use after free in GetUserMedia
Published on: 2026-07-03 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14042 Inappropriate implementation in Isolated Web Apps
Published on: 2026-07-03 07:00:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14041 Insufficient policy enforcement in Serial
Published on: 2026-07-03 07:00:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14040 Use after free in BrowserTag
Published on: 2026-07-03 07:00:21
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14038 Insufficient validation of untrusted input in New Tab Page
Published on: 2026-07-03 07:00:18
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14037 Insufficient policy enforcement in GPU
Published on: 2026-07-03 07:00:17
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14036 Insufficient policy enforcement in Bluetooth
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14035 Insufficient policy enforcement in Bluetooth
Published on: 2026-07-03 07:00:15
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14033 Insufficient policy enforcement in Media
Published on: 2026-07-03 07:00:12
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14032 Use after free in Bluetooth
Published on: 2026-07-03 07:00:11
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14031 Incorrect security UI in File Input
Published on: 2026-07-03 07:00:10
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14026 Incorrect security UI in SplitView
Published on: 2026-07-03 07:00:06
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14024 Use after free in Ozone
Published on: 2026-07-03 07:00:04
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14022 Insufficient validation of untrusted input in Network
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14020 Insufficient validation of untrusted input in WebXR
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14019 Inappropriate implementation in Passwords
Published on: 2026-07-03 07:00:58
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14018 Use after free in Updater
Published on: 2026-07-03 07:00:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14015 Inappropriate implementation in WebRTC
Published on: 2026-07-03 07:00:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14014 Inappropriate implementation in Paint
Published on: 2026-07-03 07:00:52
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14013 Inappropriate implementation in SVG
Published on: 2026-07-03 07:00:51
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14012 Side-channel information leakage in CSS
Published on: 2026-07-03 07:00:49
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14011 Out of bounds read in SurfaceCapture
Published on: 2026-07-03 07:00:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14009 Insufficient data validation in Passwords
Published on: 2026-07-03 07:00:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14008 Uninitialized Use in WebXR
Published on: 2026-07-03 07:00:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14004 Inappropriate implementation in CSS
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14003 Insufficient policy enforcement in Extensions
Published on: 2026-07-03 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14002 Inappropriate implementation in Geolocation
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14001 Inappropriate implementation in Network
Published on: 2026-07-03 07:00:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14000 Inappropriate implementation in XML
Published on: 2026-07-03 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13999 Inappropriate implementation in Extensions
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13988 Inappropriate implementation in Paint
Published on: 2026-07-03 07:00:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13985 Inappropriate implementation in MediaCapture
Published on: 2026-07-03 07:00:26
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13979 Inappropriate implementation in Paint
Published on: 2026-07-03 07:00:23
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13978 Insufficient policy enforcement in PageInfo
Published on: 2026-07-03 07:00:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13977 Inappropriate implementation in HTMLParser
Published on: 2026-07-03 07:00:21
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13972 Inappropriate implementation in Paint
Published on: 2026-07-03 07:00:17
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13970 Uninitialized Use in Media
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13968 Insufficient validation of untrusted input in DevTools
Published on: 2026-07-03 07:00:13
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13967 Type Confusion in V8
Published on: 2026-07-03 07:00:12
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-45488 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57974 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57977 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57981 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-57986 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58276 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

Chromium: CVE-2026-13954 Insufficient policy enforcement in XML
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-58278 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58284 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58285 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58286 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58288 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58289 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58290 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58292 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58293 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58294 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

CVE-2026-58295 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-58296 Microsoft Edge for Android Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.

CVE-2026-58297 Microsoft Edge for Android Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Exposure of private personal information to an unauthorized actor in Microsoft Edge for Android allows an unauthorized attacker to disclose information over a network.

CVE-2026-58298 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58300 Microsoft Edge for Android Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Absolute path traversal in Microsoft Edge for Android allows an unauthorized attacker to disclose information locally.

CVE-2026-58524 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-58597 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Insufficient ui warning of dangerous operations in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

Chromium: CVE-2026-13796 Integer overflow in Chromecast
Published on: 2026-07-03 07:00:56
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13798 Heap buffer overflow in Chromecast
Published on: 2026-07-03 07:00:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13799 Use after free in QUIC
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13800 Inappropriate implementation in Updater
Published on: 2026-07-03 07:00:01
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13806 Insufficient validation of untrusted input in Accessibility
Published on: 2026-07-03 07:00:07
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14138 Inappropriate implementation in WebAppInstalls
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14135 Insufficient validation of untrusted input in Network
Published on: 2026-07-03 07:00:04
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14134 Inappropriate implementation in Autofill
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14120 Inappropriate implementation in DevTools
Published on: 2026-07-03 07:00:49
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14118 Insufficient data validation in DevTools
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14113 Use after free in Updater
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14111 Use after free in WebProtect
Published on: 2026-07-03 07:00:39
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14108 Use after free in PDFium
Published on: 2026-07-03 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14107 Use after free in Scheduling
Published on: 2026-07-03 07:00:34
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14106 Insufficient validation of untrusted input in Text
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14085 Side-channel information leakage in CSS
Published on: 2026-07-03 07:00:11
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14083 Insufficient validation of untrusted input in HTML
Published on: 2026-07-03 07:00:09
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14073 Insufficient policy enforcement in WebXR
Published on: 2026-07-03 07:00:58
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14068 Inappropriate implementation in Omnibox
Published on: 2026-07-03 07:00:52
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14060 Insufficient validation of untrusted input in Chromoting
Published on: 2026-07-03 07:00:45
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14058 Policy bypass in Parser
Published on: 2026-07-03 07:00:42
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14057 Insufficient policy enforcement in FedCM
Published on: 2026-07-03 07:00:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14054 Insufficient policy enforcement in Network
Published on: 2026-07-03 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14053 Insufficient policy enforcement in Extensions
Published on: 2026-07-03 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14034 Inappropriate implementation in WebXR
Published on: 2026-07-03 07:00:14
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14030 Incorrect security UI in SplitView
Published on: 2026-07-03 07:00:09
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14025 Use after free in Views
Published on: 2026-07-03 07:00:05
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14023 Insufficient validation of untrusted input in SanitizerAPI
Published on: 2026-07-03 07:00:03
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14021 Insufficient validation of untrusted input in StorageAccessAPI
Published on: 2026-07-03 07:00:00
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14017 Inappropriate implementation in Navigation
Published on: 2026-07-03 07:00:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14010 Uninitialized Use in Codecs
Published on: 2026-07-03 07:00:47
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14007 Insufficient policy enforcement in PermissionsPolicy
Published on: 2026-07-03 07:00:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13996 Incorrect security UI in Permissions
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13993 Incorrect security UI in WebAppInstalls
Published on: 2026-07-03 07:00:32
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13990 Insufficient validation of untrusted input in DataTransfer
Published on: 2026-07-03 07:00:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13986 Inappropriate implementation in Media UI
Published on: 2026-07-03 07:00:28
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13984 Incorrect security UI in TabStrip
Published on: 2026-07-03 07:00:25
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13982 Incorrect security UI in Passwords
Published on: 2026-07-03 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13976 Heap buffer overflow in Storage
Published on: 2026-07-03 07:00:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13971 Uninitialized Use in Skia
Published on: 2026-07-03 07:00:16
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13966 Inappropriate implementation in History
Published on: 2026-07-03 07:00:11
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13965 Use after free in Oilpan
Published on: 2026-07-03 07:00:10
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-45489 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Information published.

CVE-2026-58291 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Operation on a resource after expiration or release in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

Chromium: CVE-2026-13920 Insufficient validation of untrusted input in Media
Published on: 2026-07-03 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-14049 Inappropriate implementation in GPU
Published on: 2026-07-03 07:00:49
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

Chromium: CVE-2026-13963 Inappropriate implementation in DevTools
Published on: 2026-07-03 07:00:08
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2026) for more information.

CVE-2026-58523 Microsoft Edge for Android Security Feature Bypass Vulnerability
Published on: 2026-07-03 07:00:00
Link: View Details
Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network.

CVE-2026-56149 Allocation of Resources Without Limits or Throttling in Elasticsearch Leading to Denial of Service
Published on: 2026-07-03 01:02:04
Link: View Details
Information published.

CVE-2026-14258 Dhcpcd: dhcpcd infinite loop and out-of-bounds read via zero-length ipv6 nd option in router advertisement handling
Published on: 2026-07-03 01:03:50
Link: View Details
Information published.

CVE-2026-49090 Uncontrolled Resource Consumption in Elasticsearch Leading to Denial of Service
Published on: 2026-07-03 01:01:57
Link: View Details
Information published.

CVE-2026-53357 Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del()
Published on: 2026-07-03 01:02:18
Link: View Details
Information published.

CVE-2026-56405 libexpat before 2.8.2 has an integer overflow in getAttributeId.
Published on: 2026-07-03 01:07:08
Link: View Details
Information published.

CVE-2026-56406 libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.
Published on: 2026-07-03 01:06:23
Link: View Details
Information published.

CVE-2026-53043 ocfs2/dlm: validate qr_numregions in dlm_match_regions()
Published on: 2026-07-03 01:03:26
Link: View Details
Information published.

CVE-2026-56131 libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).
Published on: 2026-07-03 01:05:57
Link: View Details
Information published.

CVE-2026-52911 ksmbd: scope conn->binding slowpath to bound sessions only
Published on: 2026-07-03 01:04:01
Link: View Details
Information published.

CVE-2026-53049 gfs2: add some missing log locking
Published on: 2026-07-03 01:04:14
Link: View Details
Information published.

CVE-2026-53045 memory: tegra124-emc: Fix dll_change check
Published on: 2026-07-03 01:04:20
Link: View Details
Information published.

CVE-2026-53097 wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work()
Published on: 2026-07-03 01:01:57
Link: View Details
Information published.

CVE-2026-53039 ocfs2: validate group add input before caching
Published on: 2026-07-03 01:04:26
Link: View Details
Information published.

CVE-2026-53010 ksmbd: fix use-after-free in smb2_open during durable reconnect
Published on: 2026-07-03 01:02:03
Link: View Details
Information published.

CVE-2026-53046 ksmbd: fix use-after-free from async crypto on Qualcomm crypto engine
Published on: 2026-07-03 01:04:36
Link: View Details
Information published.

CVE-2026-53048 gfs2: prevent NULL pointer dereference during unmount
Published on: 2026-07-03 01:02:17
Link: View Details
Information published.

CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info()
Published on: 2026-07-03 01:02:44
Link: View Details
Information published.

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation
Published on: 2026-07-03 01:09:25
Link: View Details
Information published.

CVE-2026-58051 libssh2 - Free of Uninitialized Pointer in publickey List Cleanup
Published on: 2026-07-03 01:09:31
Link: View Details
Information published.

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks
Published on: 2026-07-03 01:10:13
Link: View Details
Information published.

CVE-2026-13322 Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service
Published on: 2026-07-03 01:10:37
Link: View Details
Information published.

CVE-2026-57918 libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker.
Published on: 2026-07-03 01:10:48
Link: View Details
Information published.

CVE-2026-12912 Libtiff: libtiff: heap-based buffer overflow via crafted pixarlog-compressed tiff image
Published on: 2026-07-03 01:04:06
Link: View Details
Information published.

CVE-2026-14164 Libarchive: double-free vulnerability in rar5 decompression logic via dangling filtered_buf pointer in init_unpack()
Published on: 2026-07-03 01:03:58
Link: View Details
Information published.

CVE-2026-53195 USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr()
Published on: 2026-07-03 01:03:06
Link: View Details
Information published.

CVE-2026-56407 libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.
Published on: 2026-07-03 01:06:51
Link: View Details
Information published.

CVE-2026-56404 libexpat before 2.8.2 has an integer overflow in addBinding.
Published on: 2026-07-03 01:06:06
Link: View Details
Information published.

CVE-2026-52913 batman-adv: v: stop OGMv2 on disabled interface
Published on: 2026-07-03 01:03:20
Link: View Details
Information published.

CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in storeAtts.
Published on: 2026-07-03 01:06:32
Link: View Details
Information published.

CVE-2026-56132 In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.
Published on: 2026-07-03 01:06:15
Link: View Details
Information published.

CVE-2026-56412 libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.
Published on: 2026-07-03 01:07:18
Link: View Details
Information published.

CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)
Published on: 2026-07-03 01:08:03
Link: View Details
Information published.

CVE-2026-11972 tarfile opened in streaming mode mishandles EOF
Published on: 2026-07-03 01:07:57
Link: View Details
Information published.

CVE-2026-0864 Configuration Injection via Carriage Return (\r) in write() method
Published on: 2026-07-03 01:08:33
Link: View Details
Information published.

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler
Published on: 2026-07-03 01:03:36
Link: View Details
Information published.

CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c
Published on: 2026-07-03 01:03:42
Link: View Details
Information published.

CVE-2025-15661 libssh2 - Heap Buffer Over-read via sftp_symlink() in sftp.c
Published on: 2026-07-03 01:03:49
Link: View Details
Information published.

CVE-2026-53052 ASoC: qcom: qdsp6: topology: check widget type before accessing data
Published on: 2026-07-03 01:03:55
Link: View Details
Information published.

CVE-2026-53098 wifi: mt76: mt7915: fix use-after-free bugs in mt7915_mac_dump_work()
Published on: 2026-07-03 01:04:08
Link: View Details
Information published.

CVE-2026-52946 fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling
Published on: 2026-07-03 01:01:37
Link: View Details
Information published.

CVE-2026-52992 fs/adfs: validate nzones in adfs_validate_bblk()
Published on: 2026-07-03 01:01:51
Link: View Details
Information published.

CVE-2026-52954 libceph: handle rbtree insertion error in decode_choose_args()
Published on: 2026-07-03 01:01:44
Link: View Details
Information published.

CVE-2026-53160 misc: fastrpc: fix use-after-free race in fastrpc_map_create
Published on: 2026-07-03 01:02:11
Link: View Details
Information published.

CVE-2026-53130 fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START
Published on: 2026-07-03 01:02:24
Link: View Details
Information published.

CVE-2026-53016 crypto: ccp - copy IV using skcipher ivsize
Published on: 2026-07-03 01:05:17
Link: View Details
Information published.

CVE-2026-52962 ceph: fix a buffer leak in __ceph_setxattr()
Published on: 2026-07-03 01:02:37
Link: View Details
Information published.

CVE-2026-52935 xfrm: espintcp: do not reuse an in-progress partial send
Published on: 2026-07-03 01:02:31
Link: View Details
Information published.

CVE-2026-52944 ksmbd: fix FSCTL permission bypass by adding a permission check for FSCTL_SET_SPARSE
Published on: 2026-07-03 01:02:51
Link: View Details
Information published.

CVE-2026-53320 nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty()
Published on: 2026-07-03 01:08:39
Link: View Details
Information published.

CVE-2026-53296 mailbox: mailbox-test: free channels on probe error
Published on: 2026-07-03 01:08:45
Link: View Details
Information published.

CVE-2026-53309 ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison
Published on: 2026-07-03 01:08:50
Link: View Details
Information published.

CVE-2026-53306 tty: hvc_iucv: fix off-by-one in number of supported devices
Published on: 2026-07-03 01:08:56
Link: View Details
Information published.

CVE-2026-53294 mailbox: mailbox-test: don't free the reused channel
Published on: 2026-07-03 01:09:02
Link: View Details
Information published.

CVE-2026-53303 f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show()
Published on: 2026-07-03 01:09:08
Link: View Details
Information published.

CVE-2026-53279 drm/gma500/oaktrail_lvds: fix hang on init failure
Published on: 2026-07-03 01:09:13
Link: View Details
Information published.

CVE-2026-58055 nghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-Length
Published on: 2026-07-03 01:09:43
Link: View Details
Information published.

CVE-2026-41991 Predictable Temporary File in GNU gzip
Published on: 2026-07-03 01:09:59
Link: View Details
Information published.

CVE-2026-57231 Podman: Malformed Image can trick podman run into leaking host environment variables into the container
Published on: 2026-07-03 01:10:42
Link: View Details
Information published.

CVE-2026-4360 Tarfile.extract() doesn't fully respect filter parameter
Published on: 2026-07-03 01:04:31
Link: View Details
Information published.

CVE-2026-13757 P11-kit: stack exhaustion via unbounded recursion in rpc attribute parsing
Published on: 2026-07-03 01:04:13
Link: View Details
Information published.

CVE-2026-57585 MessagePack: Out-of-bounds read/crash on Unpacker reuse after caught error
Published on: 2026-07-03 01:04:20
Link: View Details
Information published.

CVE-2026-50521 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Added Edge software to the Security Updates table. Customers that are running supported version of Edge are encouraged to update to the indicated version to be protected from this vulnerability.

CVE-2026-57100 Microsoft Entra Provisioning Service Elevation of Privilege Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

CVE-2026-45499 Azure OpenAI Elevation of Privilege Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

CVE-2026-26145 Microsoft Azure Synapse Elevation of Privilege Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Improper access control in Azure Synapse allows an authorized attacker to elevate privileges over a network.

CVE-2026-41106 Microsoft 365 Copilot Elevation of Privilege Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-54998 Microsoft Exchange Online Elevation of Privilege Vulnerability
Published on: 2026-07-02 07:00:00
Link: View Details
Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

CVE-2026-32208 Microsoft Entra ID Spoofing Vulnerability
Published on: 2026-07-01 07:00:00
Link: View Details
Corrected the CVE description and title. This is an informational change only.

CVE-2026-57062 CMS (Cryptographic Message Syntax) parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182.
Published on: 2026-07-01 01:40:05
Link: View Details
Information published.

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation
Published on: 2026-07-01 01:06:43
Link: View Details
Information published.

CVE-2026-58051 libssh2 - Free of Uninitialized Pointer in publickey List Cleanup
Published on: 2026-07-01 01:06:37
Link: View Details
Information published.

CVE-2026-42055 NGINX ngx_http_proxy_v2_module and ngx_http_grpc_module vulnerability
Published on: 2026-07-01 01:01:22
Link: View Details
Information published.

CVE-2026-48779 ws: Memory exhaustion DoS from tiny fragments and data chunks
Published on: 2026-07-01 01:01:28
Link: View Details
Information published.

CVE-2026-58010 Glib: buffer over-read in glib/gvariant-serialiser.c via gvs_tuple_is_normal()
Published on: 2026-07-01 01:01:42
Link: View Details
Information published.

CVE-2026-58015 Glib: path traversal in glib/gio/gdbusauthmechanismsha1.c via keyring_lookup_entry and mechanism_client_data_receive
Published on: 2026-07-01 01:01:49
Link: View Details
Information published.

CVE-2026-58016 Glib: integer underflow in gio/gdbusintrospection.c via "g_dbus_node_info_new_for_xml"
Published on: 2026-07-01 01:01:55
Link: View Details
Information published.

CVE-2026-58012 Glib: buffer over-read in g_regex_replace() via glib/gregex.c:string_append() and g_utf8_next_char()
Published on: 2026-07-01 01:02:01
Link: View Details
Information published.

CVE-2026-58011 Glib: out-of-bounds read in glib/gdatetime.c:g_date_time_get_ymd via invalid gdatetime
Published on: 2026-07-01 01:02:07
Link: View Details
Information published.

CVE-2026-58013 Glib: buffer over-read in glib/giochannel.c via "g_io_channel_read_line_backend"
Published on: 2026-07-01 01:02:15
Link: View Details
Information published.

CVE-2026-58014 Glib: off-by-one error in glib/gkeyfile.c via "g_key_file_get_locale_string_list"
Published on: 2026-07-01 01:02:21
Link: View Details
Information published.

CVE-2026-13322 Kubevirt: virt-handler-rhel9: kubevirt: unbounded virtio-serial readline in virt-handler causes oom denial of service
Published on: 2026-07-01 01:02:40
Link: View Details
Information published.

CVE-2026-13208 Kubevirt: virt-handler-rhel9: kubevirt: virt-handler notify server trusts vmi identity from unauthenticated grpc request body
Published on: 2026-07-01 01:02:53
Link: View Details
Information published.

CVE-2026-13218 Kubevirt: kubevirt: symlink following in writetocachedfile allows host file overwrite from virt-launcher
Published on: 2026-07-01 01:02:59
Link: View Details
Information published.

CVE-2026-13325 Virt-handler-rhel9: kubevirt: kubevirt: disabletls migration setting removes authentication, exposing unauthenticated virtqemud proxy on all interfaces
Published on: 2026-07-01 01:03:05
Link: View Details
Information published.

CVE-2026-57918 libnfs through 6.0.2 before 935b8db has an xid integer underflow in READ_IOVEC in rpc_read_from_socket in lib/socket.c during a connection to a crafted NFS server, when the expected pdu size exceeds the absolute pdu size from the xid/record-marker.
Published on: 2026-07-01 01:03:19
Link: View Details
Information published.

CVE-2026-6291 Bleichenbacher padding oracle in PKCS#7 KTRI RSA PKCS#1 v1.5 decryption
Published on: 2026-07-01 01:03:26
Link: View Details
Information published.

CVE-2026-7532 iPAddress name constraints not enforced when WOLFSSL_IP_ALT_NAME is undefined
Published on: 2026-07-01 01:03:32
Link: View Details
Information published.

CVE-2026-6450 CRL critical extension bypass in ParseCRL_Extensions
Published on: 2026-07-01 01:03:39
Link: View Details
Information published.

CVE-2026-55960 Un-negotiated Raw Public Key (RFC 7250) accepted in place of X.509, bypassing chain validation
Published on: 2026-07-01 01:03:45
Link: View Details
Information published.

CVE-2026-55964 Chain intermediate CA:TRUE without keyCertSign accepted as a signing CA (temporary CA exemption)
Published on: 2026-07-01 01:03:51
Link: View Details
Information published.

CVE-2026-6329 PKCS#12 MAC verification uses attacker-controlled comparison length
Published on: 2026-07-01 01:04:22
Link: View Details
Information published.

CVE-2026-55961 wolfSSL_PKCS7_verify() reports success for degenerate (certs-only) PKCS#7 with no signer
Published on: 2026-07-01 01:04:29
Link: View Details
Information published.

CVE-2026-6678 Integer underflow in wc_PKCS7_DecryptOri handling crafted Other Recipient Info
Published on: 2026-07-01 01:04:35
Link: View Details
Information published.

CVE-2026-6094 Heap buffer overread in wc_PKCS7_DecodeEnvelopedData parsing crafted PKCS7 EnvelopedData
Published on: 2026-07-01 01:04:41
Link: View Details
Information published.

CVE-2026-6331 HMAC zero-length tag forgery in EVP_DigestVerifyFinal
Published on: 2026-07-01 01:04:48
Link: View Details
Information published.

CVE-2026-6330 ML-KEM ARM64 NEON ciphertext comparison only compares half of the input
Published on: 2026-07-01 01:04:54
Link: View Details
Information published.

CVE-2026-6731 X.509 name constraint bypass via Subject CN treated as a DNS name
Published on: 2026-07-01 01:05:06
Link: View Details
Information published.

CVE-2026-55958 Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage
Published on: 2026-07-01 01:05:13
Link: View Details
Information published.

CVE-2026-6325 Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list
Published on: 2026-07-01 01:05:19
Link: View Details
Information published.

CVE-2026-10592 Wildcard DNS SAN bypasses CA name-constraint checks
Published on: 2026-07-01 01:05:36
Link: View Details
Information published.

CVE-2026-10512 X25519 x86_64 assembly final reduction leaves non-canonical field element
Published on: 2026-07-01 01:05:43
Link: View Details
Information published.

CVE-2026-8720 HMAC-BLAKE2 final discards message when key length exceeds block size
Published on: 2026-07-01 01:05:55
Link: View Details
Information published.

CVE-2026-10098 OCSP CertID serial-number length-confusion in wolfSSL_OCSP_resp_find_status
Published on: 2026-07-01 01:06:01
Link: View Details
Information published.

CVE-2026-10097 ML-KEM-1024 x64 AVX2 incomplete cipher text comparison enables IND-CCA2 break and static private-key recovery
Published on: 2026-07-01 01:06:07
Link: View Details
Information published.

CVE-2026-11310 X.509 trust-chain bypass in wolfSSL_X509_verify_cert() via untrusted intermediate anchoring
Published on: 2026-07-01 01:06:13
Link: View Details
Information published.

CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing
Published on: 2026-07-01 01:06:57
Link: View Details
Information published.

CVE-2026-58055 nghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-Length
Published on: 2026-07-01 01:02:33
Link: View Details
Information published.

CVE-2026-54371 attr < 2.6.0 Symlink Traversal Privilege Escalation via getfattr/setfattr
Published on: 2026-07-01 01:01:34
Link: View Details
Information published.

CVE-2026-41992 Global Buffer Overflow in GNU gzip
Published on: 2026-07-01 01:40:53
Link: View Details
Information published.

CVE-2026-13318 Virt-api-rhel9: kubevirt: kubevirt: ssrf in virt-api port-forward via unvalidated guest-agent-reported ip
Published on: 2026-07-01 01:02:46
Link: View Details
Information published.

CVE-2026-57231 Podman: Malformed Image can trick podman run into leaking host environment variables into the container
Published on: 2026-07-01 01:03:12
Link: View Details
Information published.

CVE-2026-11703 Missing SNI/ALPN binding on stateful (session-ID) TLS session resumption
Published on: 2026-07-01 01:03:57
Link: View Details
Information published.

CVE-2026-55967 AES-GCM streaming APIs do not reject >64 GiB cumulative single messages, enabling counter wrap and keystream reuse
Published on: 2026-07-01 01:04:04
Link: View Details
Information published.

CVE-2026-55962 TLS 1.3 post-handshake authentication: server accepts Finished without client Certificate/CertificateVerify
Published on: 2026-07-01 01:04:10
Link: View Details
Information published.

CVE-2026-11999 X.509 trust-chain bypass via path-depth exhaustion in wolfSSL_X509_verify_cert()
Published on: 2026-07-01 01:04:16
Link: View Details
Information published.

CVE-2026-7511 PKCS7_verify signer confusion allows forged signatures to be accepted
Published on: 2026-07-01 01:05:00
Link: View Details
Information published.

CVE-2026-6091 Partial-chain verification accepts untrusted intermediate as trust anchor
Published on: 2026-07-01 01:05:25
Link: View Details
Information published.

CVE-2026-12340 Out-of-bounds heap read in SM2/SM3 certificate Subject Key Identifier computation
Published on: 2026-07-01 01:05:49
Link: View Details
Information published.

CVE-2026-6092 Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured
Published on: 2026-07-01 01:06:20
Link: View Details
Information published.

CVE-2026-6412 Continued acceptance of SHA-1/MD5 digests in certificate processing
Published on: 2026-07-01 01:06:26
Link: View Details
Information published.

CVE-2026-7531 Use-after-free in PQC hybrid key-share handling
Published on: 2026-07-01 01:06:32
Link: View Details
Information published.

CVE-2026-11625 Bytes::Random::Secure versions through 0.29 for Perl share internal state across forked processes
Published on: 2026-07-01 01:06:51
Link: View Details
Information published.

CVE-2026-42910 Windows Hotpatch Monitoring Service Elevation of Privilege Vulnerability
Published on: 2026-06-30 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-54369 acl < 2.4.0 Symlink Traversal Privilege Escalation via libacl Functions
Published on: 2026-06-30 01:01:43
Link: View Details
Information published.

CVE-2026-41991 Predictable Temporary File in GNU gzip
Published on: 2026-06-30 01:01:56
Link: View Details
Information published.

CVE-2026-54371 attr < 2.6.0 Symlink Traversal Privilege Escalation via getfattr/setfattr
Published on: 2026-06-30 01:01:49
Link: View Details
Information published.

CVE-2026-53325 agp/amd64: Fix broken error propagation in agp_amd64_probe()
Published on: 2026-06-30 01:02:09
Link: View Details
Information published.

CVE-2026-41992 Global Buffer Overflow in GNU gzip
Published on: 2026-06-30 01:02:02
Link: View Details
Information published.

CVE-2026-11979 Stack-Based Buffer Overflow in libxml2
Published on: 2026-06-30 01:02:15
Link: View Details
Information published.

CVE-2026-52910 bpf: Free reuseport cBPF prog after RCU grace period.
Published on: 2026-06-29 01:05:09
Link: View Details
Information published.

CVE-2026-52908 RDMA: During rereg_mr ensure that REREG_ACCESS is compatible
Published on: 2026-06-29 01:05:37
Link: View Details
Information published.

CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation
Published on: 2026-06-29 01:05:57
Link: View Details
Information published.

CVE-2026-58051 libssh2 - Free of Uninitialized Pointer in publickey List Cleanup
Published on: 2026-06-29 01:06:18
Link: View Details
Information published.

CVE-2026-58058 Nmap - Integer Underflow in IPv6 Extension Header Parsing
Published on: 2026-06-29 01:06:47
Link: View Details
Information published.

CVE-2026-52909 ip6_vti: set netns_immutable on the fallback device.
Published on: 2026-06-29 01:05:23
Link: View Details
Information published.

CVE-2026-58055 nghttp2 nghttpx - HTTP Request/Response Smuggling via Upgrade Request with Content-Length
Published on: 2026-06-29 01:06:34
Link: View Details
Information published.

CVE-2023-6606 Kernel: out-of-bounds read vulnerability in smbcalcsize
Published on: 2026-06-28 01:51:57
Link: View Details
Information published.

CVE-2025-21825 bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT
Published on: 2026-06-28 01:47:13
Link: View Details
Information published.

CVE-2024-58089 btrfs: fix double accounting race when btrfs_run_delalloc_range() failed
Published on: 2026-06-28 01:41:08
Link: View Details
Information published.

CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP
Published on: 2026-06-28 01:53:51
Link: View Details
Information published.

CVE-2025-21885 RDMA/bnxt_re: Fix the page details for the srq created by kernel consumers
Published on: 2026-06-28 01:54:23
Link: View Details
Information published.

CVE-2025-21833 iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE
Published on: 2026-06-28 01:43:00
Link: View Details
Information published.

CVE-2025-29923 go-redis allows potential out of order responses when `CLIENT SETINFO` times out during connection establishment
Published on: 2026-06-28 01:43:15
Link: View Details
Information published.

CVE-2025-21888 RDMA/mlx5: Fix a WARN during dereg_mr for DM type
Published on: 2026-06-28 01:59:08
Link: View Details
Information published.

CVE-2025-21870 ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers
Published on: 2026-06-28 01:59:24
Link: View Details
Information published.

CVE-2026-23214 btrfs: reject new transactions if the fs is fully read-only
Published on: 2026-06-28 01:58:54
Link: View Details
Information published.

CVE-2026-23213 drm/amd/pm: Disable MMIO access during SMU Mode 1 reset
Published on: 2026-06-28 01:58:23
Link: View Details
Information published.

CVE-2025-71225 md: suspend array while updating raid_disks via sysfs
Published on: 2026-06-28 01:58:39
Link: View Details
Information published.

CVE-2025-71227 wifi: mac80211: don't WARN for connections on invalid channels
Published on: 2026-06-28 01:59:10
Link: View Details
Information published.

CVE-2026-23207 spi: tegra210-quad: Protect curr_xfer check in IRQ handler
Published on: 2026-06-28 02:00:39
Link: View Details
Information published.

CVE-2025-40213 Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete
Published on: 2026-06-28 01:58:16
Link: View Details
Information published.

CVE-2025-40139 smc: Use __sk_dst_get() and dst_dev_rcu() in in smc_clc_prfx_set().
Published on: 2026-06-28 01:50:41
Link: View Details
Information published.

CVE-2025-40146 blk-mq: fix potential deadlock while nr_requests grown
Published on: 2026-06-28 01:50:58
Link: View Details
Information published.

CVE-2025-40168 smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match().
Published on: 2026-06-28 01:51:12
Link: View Details
Information published.

CVE-2025-40170 net: use dst_dev_rcu() in sk_setup_caps()
Published on: 2026-06-28 01:51:26
Link: View Details
Information published.

CVE-2025-40158 ipv6: use RCU in ip6_output()
Published on: 2026-06-28 01:51:42
Link: View Details
Information published.

CVE-2025-40180 mailbox: zynqmp-ipi: Fix out-of-bounds access in mailbox cleanup loop
Published on: 2026-06-28 01:51:57
Link: View Details
Information published.

CVE-2025-68822 Input: alps - fix use-after-free bugs caused by dev3_register_work
Published on: 2026-06-28 01:57:14
Link: View Details
Information published.

CVE-2026-0989 Libxml2: unbounded relaxng include recursion leading to stack overflow
Published on: 2026-06-28 01:58:09
Link: View Details
Information published.

CVE-2025-71073 Input: lkkbd - disable pending work before freeing device
Published on: 2026-06-28 01:57:28
Link: View Details
Information published.

CVE-2025-71072 shmem: fix recovery on rename failures
Published on: 2026-06-28 01:57:44
Link: View Details
Information published.

CVE-2025-68201 drm/amdgpu: remove two invalid BUG_ON()s
Published on: 2026-06-28 01:54:03
Link: View Details
Information published.

CVE-2025-68230 drm/amdgpu: fix gpu page fault after hibernation on PF passthrough
Published on: 2026-06-28 01:54:20
Link: View Details
Information published.

CVE-2025-68174 amd/amdkfd: enhance kfd process check in switch partition
Published on: 2026-06-28 01:54:35
Link: View Details
Information published.

CVE-2025-40355 sysfs: check visibility before changing group attribute ownership
Published on: 2026-06-28 01:54:51
Link: View Details
Information published.

CVE-2025-68209 mlx5: Fix default values in create CQ
Published on: 2026-06-28 01:55:07
Link: View Details
Information published.

CVE-2025-68304 Bluetooth: hci_core: lookup hci_conn on RX path on protocol side
Published on: 2026-06-28 01:55:36
Link: View Details
Information published.

CVE-2025-68338 net: dsa: microchip: Don't free uninitialized ksz_irq
Published on: 2026-06-28 01:55:51
Link: View Details
Information published.

CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
Published on: 2026-06-28 01:56:09
Link: View Details
Information published.

CVE-2025-61727 Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509
Published on: 2026-06-28 01:52:43
Link: View Details
Information published.

CVE-2025-40289 drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM
Published on: 2026-06-28 01:53:00
Link: View Details
Information published.

CVE-2025-40339 drm/amdgpu: fix nullptr err of vm_handle_moved
Published on: 2026-06-28 01:53:15
Link: View Details
Information published.

CVE-2025-68190 drm/amdgpu/atom: Check kcalloc() for WS buffer in amdgpu_atom_execute_table_locked()
Published on: 2026-06-28 01:53:47
Link: View Details
Information published.

CVE-2025-68188 tcp: use dst_dev_rcu() in tcp_fastopen_active_disable_ofo_check()
Published on: 2026-06-28 01:55:21
Link: View Details
Information published.

CVE-2025-68378 bpf: Fix stackmap overflow check in __bpf_get_stackid()
Published on: 2026-06-28 01:56:24
Link: View Details
Information published.

CVE-2025-68374 md: fix rcu protection in md_wakeup_thread
Published on: 2026-06-28 01:56:40
Link: View Details
Information published.

CVE-2025-38041 clk: sunxi-ng: h616: Reparent GPU clock during frequency changes
Published on: 2026-06-28 01:59:55
Link: View Details
Information published.

CVE-2025-38029 kasan: avoid sleepable page allocation from atomic context
Published on: 2026-06-28 02:00:26
Link: View Details
Information published.

CVE-2025-38064 virtio: break and reset virtio devices on device_shutdown()
Published on: 2026-06-28 02:00:11
Link: View Details
Information published.

CVE-2023-52485 drm/amd/display: Wake DMCUB before sending a command
Published on: 2026-06-28 02:02:22
Link: View Details
Information published.

CVE-2024-25740 A memory leak flaw was found in the UBI driver in drivers/mtd/ubi/attach.c in the Linux kernel through 6.7.4 for UBI_IOCATT, because kobj->name is not released.
Published on: 2026-06-28 01:40:23
Link: View Details
Information published.

CVE-2024-24864 Race condition vulnerability in Linux kernel media/dvb-core in dvbdmx_write()
Published on: 2026-06-28 01:40:08
Link: View Details
Information published.

CVE-2024-1151 Kernel: stack overflow problem in open vswitch kernel module leading to dos
Published on: 2026-06-28 01:45:26
Link: View Details
Information published.

CVE-2024-53201 drm/amd/display: Fix null check for pipe_ctx->plane_state in dcn20_program_pipe
Published on: 2026-06-28 02:02:36
Link: View Details
Information published.

CVE-2024-53114 x86/CPU/AMD: Clear virtualized VMLOAD/VMSAVE on Zen4 client
Published on: 2026-06-28 01:59:57
Link: View Details
Information published.

CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO
Published on: 2026-06-28 01:49:06
Link: View Details
Information published.

CVE-2024-56712 udmabuf: fix memory leak on last export_udmabuf() error path
Published on: 2026-06-28 02:01:34
Link: View Details
Information published.

CVE-2024-56591 Bluetooth: hci_conn: Use disable_delayed_work_sync
Published on: 2026-06-28 01:52:17
Link: View Details
Information published.

CVE-2024-53133 drm/amd/display: Handle dml allocation failure to avoid crash
Published on: 2026-06-28 01:59:22
Link: View Details
Information published.

CVE-2024-53187 io_uring: check for overflows in io_pin_pages
Published on: 2026-06-28 02:03:37
Link: View Details
Information published.

CVE-2024-56544 udmabuf: change folios array from kmalloc to kvmalloc
Published on: 2026-06-28 02:04:29
Link: View Details
Information published.

CVE-2024-56702 bpf: Mark raw_tp arguments with PTR_MAYBE_NULL
Published on: 2026-06-28 02:04:44
Link: View Details
Information published.

CVE-2024-56742 vfio/mlx5: Fix an unwind issue in mlx5vf_add_migration_pages()
Published on: 2026-06-28 02:01:49
Link: View Details
Information published.

CVE-2025-38660 [ceph] parse_longname(): strrchr() expects NUL-terminated string
Published on: 2026-06-28 02:04:26
Link: View Details
Information published.

CVE-2025-38636 rv: Use strings in da monitors tracepoints
Published on: 2026-06-28 02:04:41
Link: View Details
Information published.

CVE-2025-38591 bpf: Reject narrower access to pointer ctx fields
Published on: 2026-06-28 02:03:45
Link: View Details
Information published.

CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
Published on: 2026-06-28 01:52:14
Link: View Details
Information published.

CVE-2025-38585 staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int()
Published on: 2026-06-28 02:04:01
Link: View Details
Information published.

CVE-2025-58160 Tracing logging user input may result in poisoning logs with ANSI escape sequences
Published on: 2026-06-28 01:56:57
Link: View Details
Information published.

CVE-2024-47702 bpf: Fail verification for sign-extension of packet data/data_end/data_meta
Published on: 2026-06-28 01:50:22
Link: View Details
Information published.

CVE-2024-49888 bpf: Fix a sdiv overflow issue
Published on: 2026-06-28 01:55:01
Link: View Details
Information published.

CVE-2024-47662 drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection
Published on: 2026-06-28 01:49:05
Link: View Details
Information published.

CVE-2024-49940 l2tp: prevent possible tunnel refcount underflow
Published on: 2026-06-28 01:55:33
Link: View Details
Information published.

CVE-2024-49932 btrfs: don't readahead the relocation inode on RST
Published on: 2026-06-28 01:55:17
Link: View Details
Information published.

CVE-2024-49893 drm/amd/display: Check stream_status before it is used
Published on: 2026-06-28 01:52:15
Link: View Details
Information published.

CVE-2024-49885 mm, slub: avoid zeroing kmalloc redzone
Published on: 2026-06-28 01:55:48
Link: View Details
Information published.

CVE-2024-49972 drm/amd/display: Deallocate DML memory if allocation fails
Published on: 2026-06-28 01:53:16
Link: View Details
Information published.

CVE-2024-49945 net/ncsi: Disable the ncsi work before freeing the associated structure
Published on: 2026-06-28 01:53:31
Link: View Details
Information published.

CVE-2024-49920 drm/amd/display: Check null pointers before multiple uses
Published on: 2026-06-28 01:52:31
Link: View Details
Information published.

CVE-2024-47661 drm/amd/display: Avoid overflow from uint32_t to uint8_t
Published on: 2026-06-28 01:48:36
Link: View Details
Information published.

CVE-2024-49904 drm/amdgpu: add list empty check to avoid null pointer issue
Published on: 2026-06-28 01:50:52
Link: View Details
Information published.

CVE-2024-50028 thermal: core: Reference count the zone in thermal_zone_get_by_id()
Published on: 2026-06-28 01:51:07
Link: View Details
Information published.

CVE-2024-49908 drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2)
Published on: 2026-06-28 01:49:36
Link: View Details
Information published.

CVE-2024-49918 drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer
Published on: 2026-06-28 01:50:38
Link: View Details
Information published.

CVE-2024-49990 drm/xe/hdcp: Check GSC structure validity
Published on: 2026-06-28 01:52:46
Link: View Details
Information published.

CVE-2024-49922 drm/amd/display: Check null pointers before using them
Published on: 2026-06-28 01:51:40
Link: View Details
Information published.

CVE-2024-46870 drm/amd/display: Disable DMCUB timeout for DCN35
Published on: 2026-06-28 01:48:50
Link: View Details
Information published.

CVE-2024-49971 drm/amd/display: Increase array size of dummy_boolean
Published on: 2026-06-28 01:53:45
Link: View Details
Information published.

CVE-2024-49921 drm/amd/display: Check null pointers before used
Published on: 2026-06-28 01:51:23
Link: View Details
Information published.

CVE-2024-47703 bpf, lsm: Add check for BPF LSM return value
Published on: 2026-06-28 01:50:07
Link: View Details
Information published.

CVE-2024-49910 drm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func
Published on: 2026-06-28 01:49:20
Link: View Details
Information published.

CVE-2024-49916 drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn401_init_hw
Published on: 2026-06-28 01:49:52
Link: View Details
Information published.

CVE-2024-49970 drm/amd/display: Implement bounds check for stream encoder creation in DCN401
Published on: 2026-06-28 01:53:00
Link: View Details
Information published.

CVE-2024-50004 drm/amd/display: update DML2 policy EnhancedPrefetchScheduleAccelerationFinal DCN35
Published on: 2026-06-28 01:54:00
Link: View Details
Information published.

CVE-2024-38608 net/mlx5e: Fix netif state handling
Published on: 2026-06-28 01:44:09
Link: View Details
Information published.

CVE-2024-38595 net/mlx5: Fix peer devlink set for SF representor devlink port
Published on: 2026-06-28 01:49:08
Link: View Details
Information published.

CVE-2024-46834 ethtool: fail closed if we can't get max channel used in indirection tables
Published on: 2026-06-28 01:48:06
Link: View Details
Information published.

CVE-2024-44951 serial: sc16is7xx: fix TX fifo corruption
Published on: 2026-06-28 01:48:21
Link: View Details
Information published.

CVE-2024-46730 drm/amd/display: Ensure array index tg_inst won't be -1
Published on: 2026-06-28 01:47:03
Link: View Details
Information published.

CVE-2024-46727 drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update
Published on: 2026-06-28 01:47:19
Link: View Details
Information published.

CVE-2024-46754 bpf: Remove tst_run from lwt_seg6local_prog_ops.
Published on: 2026-06-28 01:50:58
Link: View Details
Information published.

CVE-2024-46681 pktgen: use cpus_read_lock() in pg_net_init()
Published on: 2026-06-28 01:46:48
Link: View Details
Information published.

CVE-2024-46701 libfs: fix infinite directory reads for offset dir
Published on: 2026-06-28 01:46:17
Link: View Details
Information published.

CVE-2024-46775 drm/amd/display: Validate function returns
Published on: 2026-06-28 01:56:52
Link: View Details
Information published.

CVE-2024-44956 drm/xe/preempt_fence: enlarge the fence critical section
Published on: 2026-06-28 01:45:43
Link: View Details
Information published.

CVE-2024-46698 video/aperture: optionally match the device in sysfb_disable()
Published on: 2026-06-28 01:46:03
Link: View Details
Information published.

CVE-2024-46705 drm/xe: reset mmio mappings with devm
Published on: 2026-06-28 01:46:32
Link: View Details
Information published.

CVE-2024-46778 drm/amd/display: Check UnboundedRequestEnabled's value
Published on: 2026-06-28 01:56:37
Link: View Details
Information published.

CVE-2024-46808 drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range
Published on: 2026-06-28 01:47:34
Link: View Details
Information published.

CVE-2024-46842 scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info
Published on: 2026-06-28 01:47:50
Link: View Details
Information published.

CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
Published on: 2026-06-28 01:39:49
Link: View Details
Information published.

CVE-2025-39932 smb: client: let smbd_destroy() call disable_work_sync(&info->post_send_credits_work)
Published on: 2026-06-28 01:45:00
Link: View Details
Information published.

CVE-2025-40064 smc: Fix use-after-free in __pnet_find_base_ndev().
Published on: 2026-06-28 01:46:26
Link: View Details
Information published.

CVE-2025-58188 Panic when validating certificates with DSA public keys in crypto/x509
Published on: 2026-06-28 01:48:21
Link: View Details
Information published.

CVE-2025-39927 ceph: fix race condition validating r_parent before applying state
Published on: 2026-06-28 01:44:03
Link: View Details
Information published.

CVE-2025-39901 i40e: remove read access to debugfs files
Published on: 2026-06-28 01:44:23
Link: View Details
Information published.

CVE-2025-39905 net: phylink: add lock for serializing concurrent pl->phydev writes with resolver
Published on: 2026-06-28 01:44:44
Link: View Details
Information published.

CVE-2025-39940 dm-stripe: fix a possible integer overflow
Published on: 2026-06-28 01:45:17
Link: View Details
Information published.

CVE-2025-39990 bpf: Check the helper function is valid in get_helper_proto
Published on: 2026-06-28 01:45:33
Link: View Details
Information published.

CVE-2025-40003 net: mscc: ocelot: Fix use-after-free caused by cyclic delayed work
Published on: 2026-06-28 01:45:50
Link: View Details
Information published.

CVE-2025-40074 ipv4: start using dst_dev_rcu()
Published on: 2026-06-28 01:46:11
Link: View Details
Information published.

CVE-2025-40065 RISC-V: KVM: Write hgatp register with valid mode bits
Published on: 2026-06-28 01:46:40
Link: View Details
Information published.

CVE-2025-40075 tcp_metrics: use dst_dev_net_rcu()
Published on: 2026-06-28 01:46:57
Link: View Details
Information published.

CVE-2025-40057 ptp: Add a upper bound on max_vclocks
Published on: 2026-06-28 01:47:14
Link: View Details
Information published.

CVE-2025-58183 Unbounded allocation when parsing GNU sparse map in archive/tar
Published on: 2026-06-28 01:47:33
Link: View Details
Information published.

CVE-2025-61725 Excessive CPU consumption in ParseAddress in net/mail
Published on: 2026-06-28 01:48:37
Link: View Details
Information published.

CVE-2025-58186 Lack of limit when parsing cookies can cause memory exhaustion in net/http
Published on: 2026-06-28 01:47:49
Link: View Details
Information published.

CVE-2025-61724 Excessive CPU consumption in Reader.ReadResponse in net/textproto
Published on: 2026-06-28 01:48:06
Link: View Details
Information published.

CVE-2025-40102 KVM: arm64: Prevent access to vCPU events before init
Published on: 2026-06-28 01:48:53
Link: View Details
Information published.

CVE-2025-21976 fbdev: hyperv_fb: Allow graceful removal of framebuffer
Published on: 2026-06-28 01:58:37
Link: View Details
Information published.

CVE-2025-22113 ext4: avoid journaling sb update on error if journal is destroying
Published on: 2026-06-28 01:47:31
Link: View Details
Information published.

CVE-2025-22108 bnxt_en: Mask the bd_cnt field in the TX BD properly
Published on: 2026-06-28 01:48:20
Link: View Details
Information published.

CVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdir
Published on: 2026-06-28 01:45:53
Link: View Details
Information published.

CVE-2025-21961 eth: bnxt: fix truesize for mb-xdp-pass case
Published on: 2026-06-28 01:44:48
Link: View Details
Information published.

CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses
Published on: 2026-06-28 01:53:20
Link: View Details
Information published.

CVE-2025-22115 btrfs: fix block group refcount race in btrfs_create_pending_block_groups()
Published on: 2026-06-28 01:54:52
Link: View Details
Information published.

CVE-2025-21927 nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu()
Published on: 2026-06-28 01:44:14
Link: View Details
Information published.

CVE-2025-21949 LoongArch: Set hugetlb mmap base address aligned with pmd size
Published on: 2026-06-28 01:44:30
Link: View Details
Information published.

CVE-2025-23131 dlm: prevent NPD when writing a positive value to event_done
Published on: 2026-06-28 01:57:38
Link: View Details
Information published.

CVE-2025-21907 mm: memory-failure: update ttu flag inside unmap_poisoned_folio
Published on: 2026-06-28 01:49:24
Link: View Details
Information published.

CVE-2025-22124 md/md-bitmap: fix wrong bitmap_limit for clustermd when write sb
Published on: 2026-06-28 01:49:37
Link: View Details
Information published.

CVE-2025-23135 RISC-V: KVM: Teardown riscv specific bits after kvm_exit
Published on: 2026-06-28 01:49:53
Link: View Details
Information published.

CVE-2025-46327 Go Snowflake Driver has race condition when checking access to Easy Logging configuration file
Published on: 2026-06-28 01:45:22
Link: View Details
Information published.

CVE-2025-22109 ax25: Remove broken autobind
Published on: 2026-06-28 01:46:55
Link: View Details
Information published.

CVE-2025-4035 Libsoup: cookie domain validation bypass via uppercase characters in libsoup
Published on: 2026-06-28 01:45:38
Link: View Details
Information published.

CVE-2025-40325 md/raid10: wait barrier before returning discard request with REQ_NOWAIT
Published on: 2026-06-28 01:57:24
Link: View Details
Information published.

CVE-2025-37860 sfc: fix NULL dereferences in ef100_process_design_param()
Published on: 2026-06-28 01:45:05
Link: View Details
Information published.

CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
Published on: 2026-06-28 01:43:55
Link: View Details
Information published.

CVE-2024-43872 RDMA/hns: Fix soft lockup under heavy CEQE load
Published on: 2026-06-28 01:44:38
Link: View Details
Information published.

CVE-2024-43819 kvm: s390: Reject memory region operations for ucontrol VMs
Published on: 2026-06-28 01:45:09
Link: View Details
Information published.

CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed
Published on: 2026-06-28 01:56:08
Link: View Details
Information published.

CVE-2024-43886 drm/amd/display: Add null check in resource_log_pipe_topology_update
Published on: 2026-06-28 01:44:23
Link: View Details
Information published.

CVE-2024-43824 PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init()
Published on: 2026-06-28 01:44:54
Link: View Details
Information published.

CVE-2013-1633 easy_install in setuptools before 0.7 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to the default use of the product.
Published on: 2026-06-28 01:40:56
Link: View Details
Information published.

CVE-2025-38333 f2fs: fix to bail out in get_new_segment()
Published on: 2026-06-28 02:01:28
Link: View Details
Information published.

CVE-2025-38359 s390/mm: Fix in_atomic() handling in do_secure_storage_access()
Published on: 2026-06-28 02:03:01
Link: View Details
Information published.

CVE-2025-38264 nvme-tcp: sanitize request list handling
Published on: 2026-06-28 02:01:13
Link: View Details
Information published.

CVE-2025-38303 Bluetooth: eir: Fix possible crashes on eir_create_adv_data
Published on: 2026-06-28 02:01:45
Link: View Details
Information published.

CVE-2025-38279 bpf: Do not include stack ptr register in precision backtracking bookkeeping
Published on: 2026-06-28 02:01:59
Link: View Details
Information published.

CVE-2025-38269 btrfs: exit after state insertion failure at btrfs_convert_extent_bit()
Published on: 2026-06-28 02:02:17
Link: View Details
Information published.

CVE-2025-38096 wifi: iwlwifi: don't warn when if there is a FW error
Published on: 2026-06-28 02:00:55
Link: View Details
Information published.

CVE-2025-38272 net: dsa: b53: do not enable EEE on bcm63xx
Published on: 2026-06-28 02:02:32
Link: View Details
Information published.

CVE-2024-58266 The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.
Published on: 2026-06-28 02:03:30
Link: View Details
Information published.

CVE-2025-38311 iavf: get rid of the crit lock
Published on: 2026-06-28 02:02:47
Link: View Details
Information published.

CVE-2025-38140 dm: limit swapping tables for devices with zone write plugs
Published on: 2026-06-28 02:00:40
Link: View Details
Information published.

CVE-2024-42107 ice: Don't process extts if PTP is disabled
Published on: 2026-06-28 02:02:05
Link: View Details
Information published.

CVE-2024-42064 drm/amd/display: Skip pipe if the pipe idx not set properly
Published on: 2026-06-28 01:41:27
Link: View Details
Information published.

CVE-2024-42065 drm/xe: Add a NULL check in xe_ttm_stolen_mgr_init
Published on: 2026-06-28 01:42:34
Link: View Details
Information published.

CVE-2024-42066 drm/xe: Fix potential integer overflow in page size calculation
Published on: 2026-06-28 01:42:01
Link: View Details
Information published.

CVE-2024-41045 bpf: Defer work in bpf_timer_cancel_and_free
Published on: 2026-06-28 01:46:39
Link: View Details
Information published.

CVE-2024-42151 bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable
Published on: 2026-06-28 01:59:07
Link: View Details
Information published.

CVE-2024-41008 drm/amdgpu: change vm->task_info handling
Published on: 2026-06-28 01:59:40
Link: View Details
Information published.

CVE-2024-41082 nvme-fabrics: use reserved tag for reg read/write command
Published on: 2026-06-28 01:48:04
Link: View Details
Information published.

CVE-2024-42134 virtio-pci: Check if is_avq is NULL
Published on: 2026-06-28 01:59:36
Link: View Details
Information published.

CVE-2024-40999 net: ena: Add validation for completion descriptors consistency
Published on: 2026-06-28 01:49:54
Link: View Details
Information published.

CVE-2024-42118 drm/amd/display: Do not return negative stream id for array
Published on: 2026-06-28 01:50:11
Link: View Details
Information published.

CVE-2024-39478 crypto: starfive - Do not free stack buffer
Published on: 2026-06-28 01:51:13
Link: View Details
Information published.

CVE-2024-41067 btrfs: scrub: handle RST lookup error correctly
Published on: 2026-06-28 01:55:08
Link: View Details
Information published.

CVE-2024-41023 sched/deadline: Fix task_struct reference leak
Published on: 2026-06-28 01:40:08
Link: View Details
Information published.

CVE-2024-42123 drm/amdgpu: fix double free err_addr pointer warnings
Published on: 2026-06-28 01:43:39
Link: View Details
Information published.

CVE-2024-42155 s390/pkey: Wipe copies of protected- and secure-keys
Published on: 2026-06-28 01:43:05
Link: View Details
Information published.

CVE-2024-42227 drm/amd/display: Fix overlapping copy within dml_core_mode_programming
Published on: 2026-06-28 01:41:44
Link: View Details
Information published.

CVE-2024-42081 drm/xe/xe_devcoredump: Check NULL before assignments
Published on: 2026-06-28 01:42:19
Link: View Details
Information published.

CVE-2024-41085 cxl/mem: Fix no cxl_nvd during pmem region auto-assembling
Published on: 2026-06-28 01:43:23
Link: View Details
Information published.

CVE-2024-42139 ice: Fix improper extts handling
Published on: 2026-06-28 02:00:14
Link: View Details
Information published.

CVE-2024-42158 s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings
Published on: 2026-06-28 01:42:49
Link: View Details
Information published.

CVE-2024-23848 In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.
Published on: 2026-06-28 01:39:56
Link: View Details
Information published.

CVE-2025-21696 mm: clear uffd-wp PTE/PMD state on mremap()
Published on: 2026-06-28 02:05:29
Link: View Details
Information published.

CVE-2025-21768 net: ipv6: fix dst ref loops in rpl, seg6 and ioam6 lwtunnels
Published on: 2026-06-28 01:47:48
Link: View Details
Information published.

CVE-2024-57974 udp: Deal with race between UDP socket address change and rehash
Published on: 2026-06-28 01:48:51
Link: View Details
Information published.

CVE-2025-21801 net: ravb: Fix missing rtnl lock in suspend/resume path
Published on: 2026-06-28 01:50:42
Link: View Details
Information published.

CVE-2024-57976 btrfs: do proper folio cleanup when cow_file_range() failed
Published on: 2026-06-28 01:52:01
Link: View Details
Information published.

CVE-2025-21732 RDMA/mlx5: Fix a race for an ODP MR which leads to CQE with error
Published on: 2026-06-28 01:53:05
Link: View Details
Information published.

CVE-2025-21786 workqueue: Put the pwq after detaching the rescuer from the pool
Published on: 2026-06-28 01:41:56
Link: View Details
Information published.

CVE-2025-21693 mm: zswap: properly synchronize freeing resources during CPU hotunplug
Published on: 2026-06-28 01:42:45
Link: View Details
Information published.

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()
Published on: 2026-06-28 01:57:09
Link: View Details
Information published.

CVE-2025-21723 scsi: mpi3mr: Fix possible crash when setting up bsg fails
Published on: 2026-06-28 01:40:53
Link: View Details
Information published.

CVE-2025-21714 RDMA/mlx5: Fix implicit ODP use after free
Published on: 2026-06-28 01:42:13
Link: View Details
Information published.

CVE-2024-58012 ASoC: SOF: Intel: hda-dai: Ensure DAI widget is valid during params
Published on: 2026-06-28 01:40:39
Link: View Details
Information published.

CVE-2024-53050 drm/i915/hdcp: Add encoder check in hdcp2_get_capability
Published on: 2026-06-28 01:58:37
Link: View Details
Information published.

CVE-2024-53090 afs: Fix lock recursion
Published on: 2026-06-28 02:01:04
Link: View Details
Information published.

CVE-2024-53089 LoongArch: KVM: Mark hrtimer to expire in hard interrupt context
Published on: 2026-06-28 02:01:19
Link: View Details
Information published.

CVE-2024-30896 InfluxDB OSS 2.x through 2.7.11 stores the administrative operator token under the default organization which allows authorized users with read access to the authorization resource of the default organization to retrieve the operator token. InfluxDB OSS 1.x, Enterprise, Cloud, Cloud Dedicated and Clustered are not affected. NOTE: The researcher states that InfluxDB allows allAccess administrators to retrieve all raw tokens via an "influx auth ls" command. The supplier indicates that the organizations feature is operating as intended and that users may choose to add users to non-default organizations. A future release of InfluxDB 2.x will remove the ability to retrieve tokens from the API.
Published on: 2026-06-28 01:57:09
Link: View Details
Information published.

CVE-2024-50177 drm/amd/display: fix a UBSAN warning in DML2.1
Published on: 2026-06-28 01:58:51
Link: View Details
Information published.

CVE-2024-50225 btrfs: fix error propagation of split bios
Published on: 2026-06-28 01:56:21
Link: View Details
Information published.

CVE-2024-53056 drm/mediatek: Fix potential NULL dereference in mtk_crtc_destroy()
Published on: 2026-06-28 01:58:09
Link: View Details
Information published.

CVE-2024-50277 dm: fix a crash if blk_alloc_disk fails
Published on: 2026-06-28 01:57:39
Link: View Details
Information published.

CVE-2024-50217 btrfs: fix use-after-free of block device file in __btrfs_free_extra_devids()
Published on: 2026-06-28 01:56:06
Link: View Details
Information published.

CVE-2024-53084 drm/imagination: Break an object reference loop
Published on: 2026-06-28 01:57:54
Link: View Details
Information published.

CVE-2024-50091 dm vdo: don't refer to dedupe_context after releasing it
Published on: 2026-06-28 01:54:30
Link: View Details
Information published.

CVE-2024-50090 drm/xe/oa: Fix overflow in oa batch buffer
Published on: 2026-06-28 01:54:47
Link: View Details
Information published.

CVE-2024-50102 x86: fix user address masking non-canonical speculation issue
Published on: 2026-06-28 01:54:15
Link: View Details
Information published.

CVE-2024-50178 cpufreq: loongson3: Use raw_smp_processor_id() in do_service_request()
Published on: 2026-06-28 01:57:25
Link: View Details
Information published.

CVE-2024-53051 drm/i915/hdcp: Add encoder check in intel_hdcp_get_capability
Published on: 2026-06-28 01:58:23
Link: View Details
Information published.

CVE-2024-57872 scsi: ufs: pltfrm: Dellocate HBA during ufshcd_pltfrm_remove()
Published on: 2026-06-28 02:03:52
Link: View Details
Information published.

CVE-2024-56775 drm/amd/display: Fix handling of plane refcount
Published on: 2026-06-28 02:02:51
Link: View Details
Information published.

CVE-2024-57875 block: RCU protect disk->conv_zones_bitmap
Published on: 2026-06-28 01:52:33
Link: View Details
Information published.

CVE-2024-41932 sched: fix warning in sched_setaffinity
Published on: 2026-06-28 01:52:49
Link: View Details
Information published.

CVE-2024-57804 scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs
Published on: 2026-06-28 01:54:08
Link: View Details
Information published.

CVE-2024-57898 wifi: cfg80211: clear link ID from bitmap during link delete after clean up
Published on: 2026-06-28 01:55:22
Link: View Details
Information published.

CVE-2025-21635 rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy
Published on: 2026-06-28 01:39:56
Link: View Details
Information published.

CVE-2025-21649 net: hns3: fix kernel crash when 1588 is sent on HIP08 devices
Published on: 2026-06-28 02:04:08
Link: View Details
Information published.

CVE-2025-21634 cgroup/cpuset: remove kernfs active break
Published on: 2026-06-28 02:05:00
Link: View Details
Information published.

CVE-2024-57809 PCI: imx6: Fix suspend/resume support on i.MX6QDL
Published on: 2026-06-28 01:48:36
Link: View Details
Information published.

CVE-2024-56782 ACPI: x86: Add adev NULL check to acpi_quirk_skip_serdev_enumeration()
Published on: 2026-06-28 02:03:07
Link: View Details
Information published.

CVE-2024-47794 bpf: Prevent tailcall infinite loop caused by freplace
Published on: 2026-06-28 01:55:52
Link: View Details
Information published.

CVE-2024-57857 RDMA/siw: Remove direct link to net_device
Published on: 2026-06-28 01:42:29
Link: View Details
Information published.

CVE-2025-21672 afs: Fix merge preference rule failure condition
Published on: 2026-06-28 02:05:14
Link: View Details
Information published.

CVE-2026-31419 net: bonding: fix use-after-free in bond_xmit_broadcast()
Published on: 2026-06-28 02:05:24
Link: View Details
Information published.

CVE-2026-35387 OpenSSH before 10.3 can use unintended ECDSA algorithms. Listing of any ECDSA algorithm in PubkeyAcceptedAlgorithms or HostbasedAcceptedAlgorithms is misinterpreted to mean all ECDSA algorithms.
Published on: 2026-06-28 02:04:54
Link: View Details
Information published.

CVE-2026-23472 serial: core: fix infinite loop in handle_tx() for PORT_UNKNOWN
Published on: 2026-06-28 02:05:08
Link: View Details
Information published.

CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure
Published on: 2026-06-28 02:05:37
Link: View Details
Information published.

CVE-2026-4786 Incomplete mitigation of CVE-2026-4519, %action expansion for command injection to webbrowser.open()
Published on: 2026-06-28 02:05:46
Link: View Details
Information published.

CVE-2026-31486 hwmon: (pmbus/core) Protect regulator operations with mutex
Published on: 2026-06-28 02:05:54
Link: View Details
Information published.

CVE-2024-35808 md/dm-raid: don't call md_reap_sync_thread() directly
Published on: 2026-06-28 01:58:53
Link: View Details
Information published.

CVE-2024-35931 drm/amdgpu: Skip do PCI error slot reset during RAS recovery
Published on: 2026-06-28 01:50:27
Link: View Details
Information published.

CVE-2024-36024 drm/amd/display: Disable idle reallow as part of command/gpint execution
Published on: 2026-06-28 01:58:09
Link: View Details
Information published.

CVE-2024-26944 btrfs: zoned: fix use-after-free in do_zone_finish()
Published on: 2026-06-28 02:03:22
Link: View Details
Information published.

CVE-2024-27010 net/sched: Fix mirred deadlock on device recursion
Published on: 2026-06-28 02:00:29
Link: View Details
Information published.

CVE-2024-35794 dm-raid: really frozen sync_thread during suspend
Published on: 2026-06-28 01:53:36
Link: View Details
Information published.

CVE-2024-26962 dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape
Published on: 2026-06-28 02:00:44
Link: View Details
Information published.

CVE-2024-27079 iommu/vt-d: Fix NULL domain on device release
Published on: 2026-06-28 01:40:23
Link: View Details
Information published.

CVE-2019-11254 Kubernetes API Server denial of service vulnerability from malicious YAML payloads
Published on: 2026-06-28 01:41:12
Link: View Details
Information published.

CVE-2023-1386 Qemu: 9pfs: suid/sgid bits not dropped on file write
Published on: 2026-06-28 01:40:39
Link: View Details
Information published.

CVE-2026-2297 SourcelessFileLoader does not use io.open_code()
Published on: 2026-06-28 01:59:24
Link: View Details
Information published.

CVE-2026-4224 Stack overflow parsing XML with deeply nested DTD content models
Published on: 2026-06-28 02:00:08
Link: View Details
Information published.

CVE-2026-3644 Incomplete control character validation in http.cookies
Published on: 2026-06-28 02:00:24
Link: View Details
Information published.

CVE-2026-23278 netfilter: nf_tables: always walk all pending catchall elements
Published on: 2026-06-28 02:00:53
Link: View Details
Information published.

CVE-2026-23276 net: add xmit recursion limit to tunnel xmit functions
Published on: 2026-06-28 02:01:08
Link: View Details
Information published.

CVE-2026-3634 Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header
Published on: 2026-06-28 02:01:23
Link: View Details
Information published.

CVE-2026-3632 Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames
Published on: 2026-06-28 02:01:38
Link: View Details
Information published.

CVE-2026-23377 ice: change XDP RxQ frag_size from DMA write length to xdp.frame_sz
Published on: 2026-06-28 02:02:56
Link: View Details
Information published.

CVE-2026-23383 bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing
Published on: 2026-06-28 02:03:12
Link: View Details
Information published.

CVE-2026-23371 sched/deadline: Fix missing ENQUEUE_REPLENISH during PI de-boosting
Published on: 2026-06-28 02:03:44
Link: View Details
Information published.

CVE-2026-5119 Libsoup: libsoup: information disclosure via cleartext transmission of cookies during https tunnel establishment
Published on: 2026-06-28 02:04:37
Link: View Details
Information published.

CVE-2026-23240 tls: Fix race condition in tls_sw_cancel_work_tx()
Published on: 2026-06-28 01:59:39
Link: View Details
Information published.

CVE-2026-23247 tcp: secure_seq: add back ports to TS offset
Published on: 2026-06-28 01:59:53
Link: View Details
Information published.

CVE-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection
Published on: 2026-06-28 02:01:51
Link: View Details
Information published.

CVE-2026-3099 Libsoup: libsoup: authentication bypass via digest authentication replay attack
Published on: 2026-06-28 02:02:07
Link: View Details
Information published.

CVE-2025-13462 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling
Published on: 2026-06-28 02:02:25
Link: View Details
Information published.

CVE-2026-23361 PCI: dwc: ep: Flush MSI-X write before unmapping its ATU entry
Published on: 2026-06-28 02:02:40
Link: View Details
Information published.

CVE-2026-23346 arm64: io: Extract user memory type in ioremap_prot()
Published on: 2026-06-28 02:03:29
Link: View Details
Information published.

CVE-2025-49010 OpenSC: Stack-buffer-overflow WRITE in GET RESPONSE
Published on: 2026-06-28 02:04:00
Link: View Details
Information published.

CVE-2025-66038 OpenSC: `sc_compacttlv_find_tag` can return out-of-bounds pointers
Published on: 2026-06-28 02:04:24
Link: View Details
Information published.

CVE-2025-37907 accel/ivpu: Fix locking order in ivpu_job_submit
Published on: 2026-06-28 01:58:23
Link: View Details
Information published.

CVE-2025-37834 mm/vmscan: don't try to reclaim hwpoison folio
Published on: 2026-06-28 01:49:21
Link: View Details
Information published.

CVE-2025-37870 drm/amd/display: prevent hang on link training fail
Published on: 2026-06-28 01:49:37
Link: View Details
Information published.

CVE-2025-37877 iommu: Clear iommu-dma ops on cleanup
Published on: 2026-06-28 01:51:29
Link: View Details
Information published.

CVE-2025-37826 scsi: ufs: core: Add NULL check in ufshcd_mcq_compl_pending_transfer()
Published on: 2026-06-28 01:51:45
Link: View Details
Information published.

CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()
Published on: 2026-06-28 01:54:38
Link: View Details
Information published.

CVE-2025-37856 btrfs: harden block_group::bg_list against list_del() races
Published on: 2026-06-28 01:56:38
Link: View Details
Information published.

CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling
Published on: 2026-06-28 01:56:53
Link: View Details
Information published.

CVE-2025-37861 scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
Published on: 2026-06-28 01:46:23
Link: View Details
Information published.

CVE-2025-37807 bpf: Fix kmemleak warning for percpu hashmap
Published on: 2026-06-28 01:56:22
Link: View Details
Information published.

CVE-2025-37747 perf: Fix hang while freeing sigtrap event
Published on: 2026-06-28 01:50:09
Link: View Details
Information published.

CVE-2025-37750 smb: client: fix UAF in decryption with multichannel
Published on: 2026-06-28 01:50:25
Link: View Details
Information published.

CVE-2023-52586 drm/msm/dpu: Add mutex lock in control vblank irq
Published on: 2026-06-28 01:39:49
Link: View Details
Information published.

CVE-2023-52624 drm/amd/display: Wake DMCUB before executing GPINT commands
Published on: 2026-06-28 01:41:24
Link: View Details
Information published.

CVE-2024-26672 drm/amdgpu: Fix variable 'mca_funcs' dereferenced before NULL check in 'amdgpu_mca_smu_get_mca_entry()'
Published on: 2026-06-28 01:43:59
Link: View Details
Information published.

CVE-2024-26757 md: Don't ignore read-only array in md_check_recovery()
Published on: 2026-06-28 01:43:44
Link: View Details
Information published.

CVE-2024-26758 md: Don't ignore suspended array in md_check_recovery()
Published on: 2026-06-28 01:43:29
Link: View Details
Information published.

CVE-2024-26756 md: Don't register sync_thread for reshape directly
Published on: 2026-06-28 01:41:40
Link: View Details
Information published.

CVE-2024-26914 drm/amd/display: fix incorrect mpc_combine array size
Published on: 2026-06-28 01:57:53
Link: View Details
Information published.

CVE-2024-24856 NULL pointer deference in acpi_db_convert_to_package of Linux acpi module
Published on: 2026-06-28 01:55:38
Link: View Details
Information published.

CVE-2026-27136 Invoking duplicate attributes can cause XSS in golang.org/x/net/html
Published on: 2026-06-28 01:40:16
Link: View Details
Information published.

CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent
Published on: 2026-06-28 01:41:12
Link: View Details
Information published.

CVE-2026-9150 Libsolv: stack-based buffer overflow in libsolv's debian metadata parser when handling sha384/sha512 checksums
Published on: 2026-06-28 01:40:36
Link: View Details
Information published.

CVE-2026-9149 Libsolv: heap buffer overflow in libsolv repo_add_solv via negative maxsize from crafted .solv file
Published on: 2026-06-28 01:40:54
Link: View Details
Information published.

CVE-2026-45877 HID: intel-ish-hid: fix NULL-ptr-deref in ishtp_bus_remove_all_clients
Published on: 2026-06-28 01:44:21
Link: View Details
Information published.

CVE-2026-45917 ipvs: do not keep dest_dst if dev is going down
Published on: 2026-06-28 01:44:37
Link: View Details
Information published.

CVE-2026-46059 KVM: nSVM: Always use NextRIP as vmcb02's NextRIP after first L2 VMRUN
Published on: 2026-06-28 01:45:21
Link: View Details
Information published.

CVE-2026-45901 netfilter: nf_tables: revert commit_mutex usage in reset path
Published on: 2026-06-28 01:45:37
Link: View Details
Information published.

CVE-2026-45894 iommu/vt-d: Clear Present bit before tearing down PASID entry
Published on: 2026-06-28 01:45:51
Link: View Details
Information published.

CVE-2026-46054 selinux: fix overlayfs mmap() and mprotect() access checks
Published on: 2026-06-28 01:46:39
Link: View Details
Information published.

CVE-2026-45944 iommu/vt-d: Clear Present bit before tearing down context entry
Published on: 2026-06-28 01:46:54
Link: View Details
Information published.

CVE-2026-45932 bpf: Fix tcx/netkit detach permissions when prog fd isn't given
Published on: 2026-06-28 01:47:08
Link: View Details
Information published.

CVE-2026-45961 gfs2: fix memory leaks in gfs2_fill_super error path
Published on: 2026-06-28 01:47:24
Link: View Details
Information published.

CVE-2026-45940 net: stmmac: fix oops when split header is enabled
Published on: 2026-06-28 01:47:38
Link: View Details
Information published.

CVE-2026-45893 apparmor: Fix & Optimize table creation from possibly unaligned memory
Published on: 2026-06-28 01:47:54
Link: View Details
Information published.

CVE-2026-45943 erofs: fix inline data read failure for ztailpacking pclusters
Published on: 2026-06-28 01:41:26
Link: View Details
Information published.

CVE-2026-46017 mm: fix deferred split queue races during migration
Published on: 2026-06-28 01:41:40
Link: View Details
Information published.

CVE-2026-45897 netfilter: nft_counter: serialize reset with spinlock
Published on: 2026-06-28 01:48:09
Link: View Details
Information published.

CVE-2026-45571 go-git: Crafted repositories may modify main and submodule .git directories
Published on: 2026-06-28 01:48:23
Link: View Details
Information published.

CVE-2026-45859 netfilter: nfnetlink_queue: do shared-unconfirmed check before segmentation
Published on: 2026-06-28 01:41:56
Link: View Details
Information published.

CVE-2026-46032 KVM: nSVM: Triple fault if restore host CR3 fails on nested #VMEXIT
Published on: 2026-06-28 01:42:12
Link: View Details
Information published.

CVE-2026-46014 KVM: SVM: Add missing save/restore handling of LBR MSRs
Published on: 2026-06-28 01:42:57
Link: View Details
Information published.

CVE-2026-45861 gfs2: Fix slab-use-after-free in qd_put
Published on: 2026-06-28 01:43:12
Link: View Details
Information published.

CVE-2026-45963 ASoC: nau8821: Cancel delayed work on component remove
Published on: 2026-06-28 01:43:40
Link: View Details
Information published.

CVE-2026-42250 Off-by-One Leading to Out-of-Bounds Write in bzip2
Published on: 2026-06-28 01:49:07
Link: View Details
Information published.

CVE-2026-46158 mptcp: pm: ADD_ADDR rtx: always decrease sk refcount
Published on: 2026-06-28 01:49:23
Link: View Details
Information published.

CVE-2026-46170 mptcp: pm: ADD_ADDR rtx: free sk if last
Published on: 2026-06-28 01:51:43
Link: View Details
Information published.

CVE-2026-46175 f2fs: fix fsck inconsistency caused by FGGC of node block
Published on: 2026-06-28 01:49:54
Link: View Details
Information published.

CVE-2026-46153 8021q: delete cleared egress QoS mappings
Published on: 2026-06-28 01:50:09
Link: View Details
Information published.

CVE-2026-46241 spi: mpc52xx: fix use-after-free on registration failure
Published on: 2026-06-28 01:51:58
Link: View Details
Information published.

CVE-2026-46147 KVM: arm64: Fix pin leak and publication ordering in __pkvm_init_vcpu()
Published on: 2026-06-28 01:50:24
Link: View Details
Information published.

CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown
Published on: 2026-06-28 01:50:38
Link: View Details
Information published.

CVE-2026-46181 RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()
Published on: 2026-06-28 01:51:12
Link: View Details
Information published.

CVE-2026-46242 eventpoll: fix ep_remove struct eventpoll / struct file UAF
Published on: 2026-06-28 01:52:13
Link: View Details
Information published.

CVE-2026-6324 Libsoup: libsoup: http request smuggling via unsigned to signed conversion error
Published on: 2026-06-28 01:52:47
Link: View Details
Information published.

CVE-2026-43059 Bluetooth: MGMT: Fix list corruption and UAF in command complete handlers
Published on: 2026-06-28 01:58:30
Link: View Details
Information published.

CVE-2026-45973 RDMA/mlx5: Fix UMR hang in LAG error state unload
Published on: 2026-06-28 01:44:51
Link: View Details
Information published.

CVE-2026-46071 KVM: nSVM: Avoid clearing VMCB_LBR in vmcb12
Published on: 2026-06-28 01:45:06
Link: View Details
Information published.

CVE-2026-46066 ceph: fix num_ops off-by-one when crypto allocation fails
Published on: 2026-06-28 01:46:10
Link: View Details
Information published.

CVE-2026-45855 ata: libata-scsi: avoid Non-NCQ command starvation
Published on: 2026-06-28 01:46:24
Link: View Details
Information published.

CVE-2026-45570 go-git: Improper single-quote escaping in go-git SSH transport
Published on: 2026-06-28 01:48:38
Link: View Details
Information published.

CVE-2026-45949 hwrng: core - use RCU and work_struct to fix race condition
Published on: 2026-06-28 01:42:26
Link: View Details
Information published.

CVE-2026-46044 ipmi:ssif: Clean up kthread on errors
Published on: 2026-06-28 01:42:42
Link: View Details
Information published.

CVE-2026-45934 btrfs: fix EEXIST abort due to non-consecutive gaps in chunk allocation
Published on: 2026-06-28 01:43:27
Link: View Details
Information published.

CVE-2026-46090 ALSA: aloop: Fix peer runtime UAF during format-change stop
Published on: 2026-06-28 01:43:54
Link: View Details
Information published.

CVE-2026-46076 KVM: nSVM: Raise #UD if unhandled VMMCALL isn't intercepted by L1
Published on: 2026-06-28 01:44:08
Link: View Details
Information published.

CVE-2026-46200 spi: mpc52xx: fix controller deregistration
Published on: 2026-06-28 01:51:28
Link: View Details
Information published.

CVE-2026-46171 riscv: kvm: fix vector context allocation leak
Published on: 2026-06-28 01:49:36
Link: View Details
Information published.

CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)
Published on: 2026-06-28 01:50:53
Link: View Details
Information published.

CVE-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI
Published on: 2026-06-28 01:52:31
Link: View Details
Information published.

CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access
Published on: 2026-06-28 02:01:35
Link: View Details
Information published.

CVE-2025-39779 btrfs: subpage: keep TOWRITE tag until folio is cleaned
Published on: 2026-06-28 01:40:51
Link: View Details
Information published.

CVE-2025-39754 mm/smaps: fix race between smaps_hugetlb_range and migration
Published on: 2026-06-28 01:41:05
Link: View Details
Information published.

CVE-2025-39762 drm/amd/display: add null check
Published on: 2026-06-28 01:41:19
Link: View Details
Information published.

CVE-2025-39746 wifi: ath10k: shutdown driver when hardware is unreliable
Published on: 2026-06-28 01:41:35
Link: View Details
Information published.

CVE-2025-39747 drm/msm: Add error handling for krealloc in metadata setup
Published on: 2026-06-28 01:41:51
Link: View Details
Information published.

CVE-2025-39789 crypto: x86/aegis - Add missing error checks
Published on: 2026-06-28 01:42:06
Link: View Details
Information published.

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer
Published on: 2026-06-28 01:42:23
Link: View Details
Information published.

CVE-2025-39850 vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects
Published on: 2026-06-28 01:43:26
Link: View Details
Information published.

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog
Published on: 2026-06-28 01:43:42
Link: View Details
Information published.

CVE-2025-38705 drm/amd/pm: fix null pointer access
Published on: 2026-06-28 02:04:57
Link: View Details
Information published.

CVE-2025-38722 habanalabs: fix UAF in export_dmabuf()
Published on: 2026-06-28 02:05:14
Link: View Details
Information published.

CVE-2025-38717 net: kcm: Fix race condition in kcm_unattach()
Published on: 2026-06-28 02:05:28
Link: View Details
Information published.

CVE-2025-39705 drm/amd/display: fix a Null pointer dereference vulnerability
Published on: 2026-06-28 02:05:40
Link: View Details
Information published.

CVE-2025-39677 net/sched: Fix backlog accounting in qdisc_dequeue_internal
Published on: 2026-06-28 01:40:04
Link: View Details
Information published.

CVE-2025-39707 drm/amdgpu: check if hubbub is NULL in debugfs/amdgpu_dm_capabilities
Published on: 2026-06-28 01:40:19
Link: View Details
Information published.

CVE-2025-9901 Libsoup: improper handling of http vary header in libsoup caching
Published on: 2026-06-28 01:40:36
Link: View Details
Information published.

CVE-2025-39810 bnxt_en: Fix memory corruption when FW resources change during ifdown
Published on: 2026-06-28 01:42:38
Link: View Details
Information published.

CVE-2025-39851 vxlan: Fix NPD when refreshing an FDB entry with a nexthop object
Published on: 2026-06-28 01:42:55
Link: View Details
Information published.

CVE-2025-39862 wifi: mt76: mt7915: fix list corruption after hardware restart
Published on: 2026-06-28 01:43:10
Link: View Details
Information published.

CVE-2024-58241 Bluetooth: hci_core: Disable works on hci_unregister_dev
Published on: 2026-06-28 01:53:30
Link: View Details
Information published.

CVE-2026-46245 drm/amd/display: Fix dc_link NULL handling in HPD init
Published on: 2026-06-28 01:53:37
Link: View Details
Information published.

CVE-2026-46252 regulator: core: fix locking in regulator_resolve_supply() error path
Published on: 2026-06-28 01:54:22
Link: View Details
Information published.

CVE-2026-46244 netfilter: nft_inner: Fix IPv6 inner_thoff desync
Published on: 2026-06-28 01:54:38
Link: View Details
Information published.

CVE-2026-42504 Quadratic complexity in WordDecoder.DecodeHeader in mime
Published on: 2026-06-28 01:55:04
Link: View Details
Information published.

CVE-2026-46275 Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths
Published on: 2026-06-28 01:57:02
Link: View Details
Information published.

CVE-2026-46282 iio: frequency: admv1013: fix NULL pointer dereference on str
Published on: 2026-06-28 01:57:17
Link: View Details
Information published.

CVE-2026-46302 selinux: allow multiple opens of /sys/fs/selinux/policy
Published on: 2026-06-28 01:57:31
Link: View Details
Information published.

CVE-2026-46314 drm/v3d: Reject empty multisync extension to prevent infinite loop
Published on: 2026-06-28 01:57:46
Link: View Details
Information published.

CVE-2025-71315 drm/vkms: Convert to DRM's vblank timer
Published on: 2026-06-28 01:58:01
Link: View Details
Information published.

CVE-2026-46323 net: gro: don't merge zcopy skbs
Published on: 2026-06-28 01:59:04
Link: View Details
Information published.

CVE-2026-46324 netfilter: nf_tables: use list_del_rcu for netlink hooks
Published on: 2026-06-28 01:59:18
Link: View Details
Information published.

CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
Published on: 2026-06-28 02:00:21
Link: View Details
Information published.

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow
Published on: 2026-06-28 02:00:52
Link: View Details
Information published.

CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Published on: 2026-06-28 02:01:05
Link: View Details
Information published.

CVE-2026-12003 CPython >3.11 Insecure Input Validation resulting in privilege escalation
Published on: 2026-06-28 02:01:20
Link: View Details
Information published.

CVE-2026-52953 iommu/vt-d: Fix oops due to out of scope access
Published on: 2026-06-28 01:55:49
Link: View Details
Information published.

CVE-2026-56405 libexpat before 2.8.2 has an integer overflow in getAttributeId.
Published on: 2026-06-28 01:59:02
Link: View Details
Information published.

CVE-2026-53005 af_unix: Drop all SCM attributes for SOCKMAP.
Published on: 2026-06-28 01:56:22
Link: View Details
Information published.

CVE-2026-53239 xfrm: policy: fix use-after-free on inexact bin in xfrm_policy_bysel_ctx()
Published on: 2026-06-28 01:44:45
Link: View Details
Information published.

CVE-2026-52912 netfilter: nf_queue: hold bridge skb->dev while queued
Published on: 2026-06-28 01:45:04
Link: View Details
Information published.

CVE-2026-55653 Openssh: double free in red hat enterprise linux versions of openssh dh-gex client path during fips known-group validation leads to client-side denial of service
Published on: 2026-06-28 02:01:14
Link: View Details
Information published.

CVE-2026-56406 libexpat before 2.8.2 has an integer overflow in XML_ParseBuffer because it lacked a check that was present in XML_Parse.
Published on: 2026-06-28 01:57:31
Link: View Details
Information published.

CVE-2026-53213 drm/vc4: fix krealloc() memory leak
Published on: 2026-06-28 01:58:03
Link: View Details
Information published.

CVE-2026-52931 batman-adv: tp_meter: avoid use of uninit sender vars
Published on: 2026-06-28 01:58:22
Link: View Details
Information published.

CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions
Published on: 2026-06-28 02:01:00
Link: View Details
Information published.

CVE-2026-53147 thunderbolt: Validate XDomain request packet size before type cast
Published on: 2026-06-28 01:59:32
Link: View Details
Information published.

CVE-2026-9675 undici WebSocket client vulnerable to denial of service via cumulative fragment bypass
Published on: 2026-06-28 02:03:06
Link: View Details
Information published.

CVE-2026-53159 misc: fastrpc: fix DMA address corruption due to find_vma misuse
Published on: 2026-06-28 01:59:53
Link: View Details
Information published.

CVE-2026-56131 libexpat before 2.8.2 lacks handler call depth tracking for calls to XML_ResumeParser from within handlers in cases of a policy violation. Thus, a use-after-free can occur (similar to the CVE-2026-50219 situation).
Published on: 2026-06-28 01:56:22
Link: View Details
Information published.

CVE-2026-53274 net/smc: fix sleep-inside-lock in __smc_setsockopt() causing local DoS
Published on: 2026-06-28 01:47:38
Link: View Details
Information published.

CVE-2026-52915 netfilter: ip6t_hbh: reject oversized option lists
Published on: 2026-06-28 01:48:36
Link: View Details
Information published.

CVE-2026-9697 undici vulnerable to TLS certificate validation bypass via dropped requestTls in SOCKS5 ProxyAgent
Published on: 2026-06-28 02:04:02
Link: View Details
Information published.

CVE-2026-53230 net/mlx5: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list
Published on: 2026-06-28 01:47:03
Link: View Details
Information published.

CVE-2026-52956 libceph: Fix potential out-of-bounds access in __ceph_x_decrypt()
Published on: 2026-06-28 02:02:53
Link: View Details
Information published.

CVE-2026-53194 USB: serial: kl5kusb105: fix bulk-out buffer overflow
Published on: 2026-06-28 02:00:45
Link: View Details
Information published.

CVE-2026-53115 bus: fsl-mc: use generic driver_override infrastructure
Published on: 2026-06-28 02:04:07
Link: View Details
Information published.

CVE-2026-53161 misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context
Published on: 2026-06-28 02:03:12
Link: View Details
Information published.

CVE-2026-53163 locking/rtmutex: Skip remove_waiter() when waiter is not enqueued
Published on: 2026-06-28 02:01:33
Link: View Details
Information published.

CVE-2026-53254 Bluetooth: RFCOMM: validate skb length in MCC handlers
Published on: 2026-06-28 01:49:27
Link: View Details
Information published.

CVE-2026-52916 batman-adv: frag: disallow unicast fragment in fragment
Published on: 2026-06-28 02:03:31
Link: View Details
Information published.

CVE-2026-53017 f2fs: fix data loss caused by incorrect use of nat_entry flag
Published on: 2026-06-28 02:04:42
Link: View Details
Information published.

CVE-2026-53089 bpf: Fix use-after-free in offloaded map/prog info fill
Published on: 2026-06-28 02:04:55
Link: View Details
Information published.

CVE-2026-53158 misc: fastrpc: Fix NULL pointer dereference in rpmsg callback
Published on: 2026-06-28 02:02:26
Link: View Details
Information published.

CVE-2026-53120 PCI: use generic driver_override infrastructure
Published on: 2026-06-28 02:05:10
Link: View Details
Information published.

CVE-2026-53151 rxrpc: Fix the ACK parser to extract the SACK table for parsing
Published on: 2026-06-28 02:05:25
Link: View Details
Information published.

CVE-2026-52934 batman-adv: tvlv: reject oversized TVLV packets
Published on: 2026-06-28 01:50:19
Link: View Details
Information published.

CVE-2026-53267 netfilter: nft_ct: bail out on template ct in get eval
Published on: 2026-06-28 01:51:16
Link: View Details
Information published.

CVE-2026-53249 ipv4: restrict IPOPT_SSRR and IPOPT_LSRR options
Published on: 2026-06-28 02:03:15
Link: View Details
Information published.

CVE-2026-52943 net: skbuff: fix missing zerocopy reference in pskb_carve helpers
Published on: 2026-06-28 01:40:07
Link: View Details
Information published.

CVE-2026-53139 drm/v3d: Skip CSD when it has zeroed workgroups
Published on: 2026-06-28 02:03:28
Link: View Details
Information published.

CVE-2026-52942 netfilter: nf_log: validate MAC header was set before dumping it
Published on: 2026-06-28 01:40:58
Link: View Details
Information published.

CVE-2026-52957 libceph: Fix potential null-ptr-deref in decode_choose_args()
Published on: 2026-06-28 01:41:14
Link: View Details
Information published.

CVE-2026-53131 netfilter: require Ethernet MAC header before using eth_hdr()
Published on: 2026-06-28 02:02:40
Link: View Details
Information published.

CVE-2026-53177 bnxt_en: Fix NULL pointer dereference
Published on: 2026-06-28 01:40:25
Link: View Details
Information published.

CVE-2026-53198 ksmbd: fix use-after-free of a deferred file_lock on double SMB2_CANCEL
Published on: 2026-06-28 01:42:02
Link: View Details
Information published.

CVE-2026-53214 ipv6: Fix a potential NPD in cleanup_prefix_route()
Published on: 2026-06-28 01:44:04
Link: View Details
Information published.

CVE-2026-53218 netfilter: nft_exthdr: fix register tracking for F_PRESENT flag
Published on: 2026-06-28 01:43:28
Link: View Details
Information published.

CVE-2026-53097 wifi: mt76: mt7996: fix use-after-free bugs in mt7996_mac_dump_work()
Published on: 2026-06-28 02:06:03
Link: View Details
Information published.

CVE-2026-53107 wifi: libertas: don't kill URBs in interrupt context
Published on: 2026-06-28 02:06:09
Link: View Details
Information published.

CVE-2026-53166 futex/requeue: Prevent NULL pointer dereference in remove_waiter() on self-deadlock
Published on: 2026-06-28 01:43:09
Link: View Details
Information published.

CVE-2026-53220 netfilter: revalidate bridge ports
Published on: 2026-06-28 02:06:26
Link: View Details
Information published.

CVE-2026-53179 staging: rtl8723bs: fix buffer over-read in rtw_update_protection
Published on: 2026-06-28 01:42:54
Link: View Details
Information published.

CVE-2026-53228 ipv6: sit: reload inner IPv6 header after GSO offloads
Published on: 2026-06-28 02:06:40
Link: View Details
Information published.

CVE-2026-53132 vsock/virtio: fix potential unbounded skb queue
Published on: 2026-06-28 01:45:27
Link: View Details
Information published.

CVE-2026-52961 ceph: fix BUG_ON in __ceph_build_xattrs_blob() due to stale blob size
Published on: 2026-06-28 02:06:14
Link: View Details
Information published.

CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig
Published on: 2026-06-28 01:46:30
Link: View Details
Information published.

CVE-2026-53010 ksmbd: fix use-after-free in smb2_open during durable reconnect
Published on: 2026-06-28 01:40:15
Link: View Details
Information published.

CVE-2026-52937 tap: fix stack info leak in tap_ioctl() SIOCGIFHWADDR
Published on: 2026-06-28 01:45:41
Link: View Details
Information published.

CVE-2026-53109 powerpc/pgtable-frag: Fix bad page state in pte_frag_destroy
Published on: 2026-06-28 01:46:01
Link: View Details
Information published.

CVE-2026-53106 bpf: Do not allow deleting local storage in NMI
Published on: 2026-06-28 01:40:48
Link: View Details
Information published.

CVE-2026-53217 net: mvpp2: sync RX data at the hardware packet offset
Published on: 2026-06-28 01:48:21
Link: View Details
Information published.

CVE-2026-53186 RDMA/srp: bound SRP_RSP sense copy by the received length
Published on: 2026-06-28 01:48:39
Link: View Details
Information published.

CVE-2026-53268 netfilter: conntrack_irc: fix possible out-of-bounds read
Published on: 2026-06-28 01:47:42
Link: View Details
Information published.

CVE-2026-53053 iommu/amd: Fix clone_alias() to use the original device's devid
Published on: 2026-06-28 01:47:22
Link: View Details
Information published.

CVE-2026-52926 batman-adv: clear current gateway during teardown
Published on: 2026-06-28 01:49:10
Link: View Details
Information published.

CVE-2026-52927 netfilter: ebtables: fix OOB read in compat_mtw_from_user
Published on: 2026-06-28 01:41:06
Link: View Details
Information published.

CVE-2026-53219 netfilter: x_tables: avoid leaking percpu counter pointers
Published on: 2026-06-28 01:49:28
Link: View Details
Information published.

CVE-2026-53157 net: phonet: free phonet_device after RCU grace period
Published on: 2026-06-28 01:50:15
Link: View Details
Information published.

CVE-2026-53102 wifi: mt76: Fix memory leak after mt76_connac_mcu_alloc_sta_req()
Published on: 2026-06-28 01:50:30
Link: View Details
Information published.

CVE-2026-53247 net: ethernet: mtk_eth_soc: Fix use-after-free in metadata dst teardown
Published on: 2026-06-28 01:49:46
Link: View Details
Information published.

CVE-2026-57452 Vim: Out-of-bounds Read with libsodium-encrypted Files
Published on: 2026-06-28 01:53:16
Link: View Details
Information published.

CVE-2026-55895 Vim: Vimscript Code Injection in netrw NetrwLocalRmFile() via crafted filename
Published on: 2026-06-28 01:53:45
Link: View Details
Information published.

CVE-2026-53221 ip6_vti: fix incorrect tunnel matching in vti6_tnl_lookup()
Published on: 2026-06-28 01:42:54
Link: View Details
Information published.

CVE-2026-55693 Vim: Out-of-bounds Write in Spell File Word Count
Published on: 2026-06-28 01:53:59
Link: View Details
Information published.

CVE-2026-53253 Bluetooth: bnep: reject short frames before parsing
Published on: 2026-06-28 01:50:49
Link: View Details
Information published.

CVE-2026-53196 USB: serial: io_ti: fix heap overflow in get_manuf_info()
Published on: 2026-06-28 01:43:13
Link: View Details
Information published.

CVE-2026-57455 Vim: Stack out-of-bounds write in `spell_soundfold_sofo()` via an over-length `soundfold()` argument
Published on: 2026-06-28 01:53:31
Link: View Details
Information published.

CVE-2026-53025 greybus: raw: fix use-after-free on cdev close
Published on: 2026-06-28 01:51:03
Link: View Details
Information published.

CVE-2026-57456 Vim: Arbitrary Code Execution via Python Omni-Completion Docstrings
Published on: 2026-06-28 01:54:14
Link: View Details
Information published.

CVE-2026-57453 Vim: PowerShell Command Injection via Unescaped Filename in zip.vim Extraction
Published on: 2026-06-28 01:54:57
Link: View Details
Information published.

CVE-2026-53215 net: mvpp2: refill RX buffers before XDP or skb use
Published on: 2026-06-28 01:51:57
Link: View Details
Information published.

CVE-2026-55892 Vim: Out-of-bounds Write in Spell File Prefix Dump
Published on: 2026-06-28 01:54:30
Link: View Details
Information published.

CVE-2026-53154 mm/hugetlb: restore reservation on error in hugetlb folio copy paths
Published on: 2026-06-28 01:52:51
Link: View Details
Information published.

CVE-2026-52941 net/smc: avoid NULL deref of conn->lnk in smc_msg_event tracepoint
Published on: 2026-06-28 01:43:33
Link: View Details
Information published.

CVE-2026-53263 6lowpan: fix off-by-one in multicast context address compression
Published on: 2026-06-28 01:53:12
Link: View Details
Information published.

CVE-2026-52947 net: qrtr: fix refcount saturation and potential UAF in qrtr_port_remove
Published on: 2026-06-28 01:52:32
Link: View Details
Information published.

CVE-2026-52991 sched/psi: fix race between file release and pressure write
Published on: 2026-06-28 01:53:44
Link: View Details
Information published.

CVE-2026-52988 netfilter: nf_tables: join hook list via splice_list_rcu() in commit phase
Published on: 2026-06-28 01:53:58
Link: View Details
Information published.

CVE-2026-57454 Vim: Out-of-bounds Read with Text Properties
Published on: 2026-06-28 01:55:13
Link: View Details
Information published.

CVE-2026-46243 smb: client: reject userspace cifs.spnego descriptions
Published on: 2026-06-28 01:53:04
Link: View Details
Information published.

CVE-2026-8643 pip can extract console_scripts and gui_scripts outside installation directory
Published on: 2026-06-28 01:53:21
Link: View Details
Information published.

CVE-2026-46254 AppArmor: Allow apparmor to handle unaligned dfa tables
Published on: 2026-06-28 01:53:52
Link: View Details
Information published.

CVE-2025-71313 PCI: endpoint: Add missing NULL check for alloc_workqueue()
Published on: 2026-06-28 01:54:07
Link: View Details
Information published.

CVE-2026-42507 Arbitrary inputs are included in errors without any escaping in net/textproto
Published on: 2026-06-28 01:55:29
Link: View Details
Information published.

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow
Published on: 2026-06-28 01:55:48
Link: View Details
Information published.

CVE-2026-27145 Inefficient candidate hostname parsing in crypto/x509
Published on: 2026-06-28 01:56:13
Link: View Details
Information published.

CVE-2026-3276 Potential DoS via quadratic complexity in unicodedata.normalize()
Published on: 2026-06-28 01:56:28
Link: View Details
Information published.

CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory
Published on: 2026-06-28 01:56:44
Link: View Details
Information published.

CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service
Published on: 2026-06-28 01:58:48
Link: View Details
Information published.

CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE
Published on: 2026-06-28 01:59:35
Link: View Details
Information published.

CVE-2026-46330 Revert "net/smc: Introduce TCP ULP support"
Published on: 2026-06-28 01:59:50
Link: View Details
Information published.

CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption
Published on: 2026-06-28 02:00:06
Link: View Details
Information published.

CVE-2026-43973 gun HTTP/1.1 response buffer has no size limit allowing server-controlled memory exhaustion
Published on: 2026-06-28 02:00:37
Link: View Details
Information published.

CVE-2026-52948 i2c: dev: prevent integer overflow in I2C_TIMEOUT ioctl
Published on: 2026-06-28 01:54:41
Link: View Details
Information published.

CVE-2026-53136 drm/amd/display: Clamp VBIOS HDMI retimer register count to array size
Published on: 2026-06-28 01:56:08
Link: View Details
Information published.

CVE-2026-53227 net: openvswitch: fix possible kfree_skb of ERR_PTR
Published on: 2026-06-28 01:45:42
Link: View Details
Information published.

CVE-2026-56407 libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen.
Published on: 2026-06-28 01:58:18
Link: View Details
Information published.

CVE-2026-56404 libexpat before 2.8.2 has an integer overflow in addBinding.
Published on: 2026-06-28 01:56:43
Link: View Details
Information published.

CVE-2026-53207 mm/memory-failure: fix hugetlb_lock AA deadlock in get_huge_page_for_hwpoison
Published on: 2026-06-28 01:56:41
Link: View Details
Information published.

CVE-2026-52913 batman-adv: v: stop OGMv2 on disabled interface
Published on: 2026-06-28 01:46:22
Link: View Details
Information published.

CVE-2026-53027 fs/ntfs3: fix missing run load for vcn0 in attr_data_get_block_locked()
Published on: 2026-06-28 01:57:28
Link: View Details
Information published.

CVE-2026-56403 libexpat before 2.8.2 has an integer overflow in storeAtts.
Published on: 2026-06-28 01:57:55
Link: View Details
Information published.

CVE-2026-53238 netlabel: validate unlabeled address and mask attribute lengths
Published on: 2026-06-28 01:46:43
Link: View Details
Information published.

CVE-2026-52921 netfilter: ipset: stop hash:* range iteration at end
Published on: 2026-06-28 01:57:14
Link: View Details
Information published.

CVE-2026-53024 greybus: raw: fix use-after-free if write is called after disconnect
Published on: 2026-06-28 01:58:55
Link: View Details
Information published.

CVE-2026-53270 ipvs: clear the svc scheduler ptr early on edit
Published on: 2026-06-28 01:57:45
Link: View Details
Information published.

CVE-2026-11525 undici vulnerable to Set-Cookie SameSite attribute downgrade via permissive substring matching
Published on: 2026-06-28 02:00:42
Link: View Details
Information published.

CVE-2026-56132 In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers.
Published on: 2026-06-28 01:57:07
Link: View Details
Information published.

CVE-2026-53129 fs/mbcache: cancel shrink work before destroying the cache
Published on: 2026-06-28 01:56:56
Link: View Details
Information published.

CVE-2026-48142 NGINX ngx_http_charset_module vulnerability
Published on: 2026-06-28 01:59:55
Link: View Details
Information published.

CVE-2026-53242 ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams
Published on: 2026-06-28 01:46:06
Link: View Details
Information published.

CVE-2026-53236 tcp: restrict SO_ATTACH_FILTER to priv users
Published on: 2026-06-28 01:59:13
Link: View Details
Information published.

CVE-2026-53118 vdpa: use generic driver_override infrastructure
Published on: 2026-06-28 01:47:19
Link: View Details
Information published.

CVE-2026-56412 libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219.
Published on: 2026-06-28 01:59:25
Link: View Details
Information published.

CVE-2026-53266 netfilter: bridge: make ebt_snat ARP rewrite writable
Published on: 2026-06-28 01:58:40
Link: View Details
Information published.

CVE-2026-53138 drm/amd/display: Bound VBIOS record-chain walk loops
Published on: 2026-06-28 02:00:27
Link: View Details
Information published.

CVE-2026-53146 thunderbolt: Limit XDomain response copy to actual frame size
Published on: 2026-06-28 02:00:12
Link: View Details
Information published.

CVE-2026-53264 net/sched: act_api: use RCU with deferred freeing for action lifecycle
Published on: 2026-06-28 01:47:58
Link: View Details
Information published.

CVE-2026-3195 Qemu-kvm: virtio-snd: heap buffer overflow in virtio_snd_pcm_in_cb (incomplete fix for cve-2024-7730)
Published on: 2026-06-28 02:05:37
Link: View Details
Information published.

CVE-2026-3196 Qemu-kvm: virtio-snd: integer overflow leading to unbounded memory allocation
Published on: 2026-06-28 02:05:46
Link: View Details
Information published.

CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists
Published on: 2026-06-28 01:48:17
Link: View Details
Information published.

CVE-2026-11972 tarfile opened in streaming mode mishandles EOF
Published on: 2026-06-28 02:05:02
Link: View Details
Information published.

CVE-2026-52924 sctp: purge outqueue on stale COOKIE-ECHO handling
Published on: 2026-06-28 02:01:01
Link: View Details
Information published.

CVE-2026-0864 Configuration Injection via Carriage Return (\r) in write() method
Published on: 2026-06-28 02:05:23
Link: View Details
Information published.

CVE-2026-55199 libssh2 - Pre-Authentication DoS via SSH_MSG_EXT_INFO Handler
Published on: 2026-06-28 01:49:09
Link: View Details
Information published.

CVE-2026-55200 libssh2 - Out-of-Bounds Write via Unchecked packet_length in transport.c
Published on: 2026-06-28 01:49:43
Link: View Details
Information published.

CVE-2026-53246 sctp: validate cached peer INIT chunk length in COOKIE_ECHO processing
Published on: 2026-06-28 02:01:48
Link: View Details
Information published.

CVE-2026-53150 thunderbolt: Reject zero-length property entries in validator
Published on: 2026-06-28 02:01:19
Link: View Details
Information published.

CVE-2026-53149 thunderbolt: Bound root directory content to block size
Published on: 2026-06-28 02:03:51
Link: View Details
Information published.

CVE-2026-53181 vsock/vmci: fix sk_ack_backlog leak on failed handshake
Published on: 2026-06-28 02:02:07
Link: View Details
Information published.

CVE-2026-53018 f2fs: avoid reading already updated pages during GC
Published on: 2026-06-28 02:04:27
Link: View Details
Information published.

CVE-2025-15661 libssh2 - Heap Buffer Over-read via sftp_symlink() in sftp.c
Published on: 2026-06-28 01:49:59
Link: View Details
Information published.

CVE-2026-53184 udp: clear skb->dev before running a sockmap verdict
Published on: 2026-06-28 01:50:39
Link: View Details
Information published.

CVE-2026-52923 ipc: limit next_id allocation to the valid ID range
Published on: 2026-06-28 02:02:57
Link: View Details
Information published.

CVE-2026-53178 staging: rtl8723bs: rtw_mlme: add bounds checks before ie_length subtraction
Published on: 2026-06-28 01:40:40
Link: View Details
Information published.

CVE-2026-53143 drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11
Published on: 2026-06-28 01:50:58
Link: View Details
Information published.

CVE-2026-53209 Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend
Published on: 2026-06-28 01:41:33
Link: View Details
Information published.

CVE-2026-53275 ipv6: mcast: Fix use-after-free when processing MLD queries
Published on: 2026-06-28 02:03:47
Link: View Details
Information published.

CVE-2026-53192 ALSA: timer: Fix UAF at snd_timer_user_params()
Published on: 2026-06-28 02:04:02
Link: View Details
Information published.

CVE-2026-52960 ceph: put folios not suitable for writeback
Published on: 2026-06-28 01:41:47
Link: View Details
Information published.

CVE-2026-53133 RDMA/umem: Fix truncation for block sizes >= 4G
Published on: 2026-06-28 01:51:34
Link: View Details
Information published.

CVE-2026-52919 batman-adv: fix tp_meter counter underflow during shutdown
Published on: 2026-06-28 01:42:22
Link: View Details
Information published.

CVE-2026-53078 bpf: Fix same-register dst/src OOB read and pointer leak in sock_ops
Published on: 2026-06-28 02:04:25
Link: View Details
Information published.

CVE-2026-53009 ice: fix double-free of tx_buf skb
Published on: 2026-06-28 02:04:39
Link: View Details
Information published.

CVE-2026-52946 fs/fcntl: fix SOFTIRQ-unsafe lock order in fasync signaling
Published on: 2026-06-28 02:05:11
Link: View Details
Information published.

CVE-2026-53255 Bluetooth: MGMT: validate advertising TLV before type checks
Published on: 2026-06-28 02:04:56
Link: View Details
Information published.

CVE-2026-53113 wifi: ath11k: fix memory leaks in beacon template setup
Published on: 2026-06-28 01:43:45
Link: View Details
Information published.

CVE-2026-53015 erofs: unify lcn as u64 for 32-bit platforms
Published on: 2026-06-28 01:42:38
Link: View Details
Information published.

CVE-2026-53265 dm cache policy smq: check allocation under invalidate lock
Published on: 2026-06-28 01:51:53
Link: View Details
Information published.

CVE-2026-52922 batman-adv: dat: handle forward allocation error
Published on: 2026-06-28 01:52:13
Link: View Details
Information published.

CVE-2026-53237 gpio: mvebu: fix NULL pointer dereference in suspend/resume
Published on: 2026-06-28 02:05:51
Link: View Details
Information published.

CVE-2026-52954 libceph: handle rbtree insertion error in decode_choose_args()
Published on: 2026-06-28 02:05:25
Link: View Details
Information published.

CVE-2026-53148 thunderbolt: Clamp XDomain response data copy to allocation size
Published on: 2026-06-28 02:05:41
Link: View Details
Information published.

CVE-2026-53000 netfilter: nat: use kfree_rcu to release ops
Published on: 2026-06-28 01:44:38
Link: View Details
Information published.

CVE-2026-53225 sctp: fix uninit-value in __sctp_rcv_asconf_lookup()
Published on: 2026-06-28 02:06:33
Link: View Details
Information published.

CVE-2026-53262 l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl()
Published on: 2026-06-28 02:06:20
Link: View Details
Information published.

CVE-2026-53245 net/802/mrp: fix vector attribute parsing in mrp_pdu_parse_vecattr
Published on: 2026-06-28 01:45:13
Link: View Details
Information published.

CVE-2026-53199 hv_netvsc: use kmap_local_page in netvsc_copy_to_send_buf
Published on: 2026-06-28 01:41:25
Link: View Details
Information published.

CVE-2026-53258 wifi: fix leak if split 6 GHz scanning fails
Published on: 2026-06-28 01:46:17
Link: View Details
Information published.

CVE-2026-53160 misc: fastrpc: fix use-after-free race in fastrpc_map_create
Published on: 2026-06-28 01:40:33
Link: View Details
Information published.

CVE-2026-53183 mptcp: allow subflow rcv wnd to shrink
Published on: 2026-06-28 01:46:50
Link: View Details
Information published.

CVE-2026-53226 gpio: rockchip: fix generic IRQ chip leak on remove
Published on: 2026-06-28 01:47:06
Link: View Details
Information published.

CVE-2026-52930 ipc/shm: serialize orphan cleanup with shm_nattch updates
Published on: 2026-06-28 01:48:01
Link: View Details
Information published.

CVE-2026-53135 drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs
Published on: 2026-06-28 01:41:59
Link: View Details
Information published.

CVE-2026-53080 net/sched: cls_fw: fix NULL dereference of "old" filters before change()
Published on: 2026-06-28 01:42:19
Link: View Details
Information published.

CVE-2026-53108 powerpc/64s: Fix unmap race with PMD migration entries
Published on: 2026-06-28 01:50:00
Link: View Details
Information published.

CVE-2026-53091 net: pull headers in qdisc_pkt_len_segs_init()
Published on: 2026-06-28 01:48:53
Link: View Details
Information published.

CVE-2026-53232 net: phy: clean the sfp upstream if phy probing fails
Published on: 2026-06-28 01:41:39
Link: View Details
Information published.

CVE-2026-52962 ceph: fix a buffer leak in __ceph_setxattr()
Published on: 2026-06-28 01:42:34
Link: View Details
Information published.

CVE-2026-53176 IB/isert: Reject login PDUs shorter than ISER_HEADERS_LEN
Published on: 2026-06-28 01:51:37
Link: View Details
Information published.

CVE-2026-53070 sctp: disable BH before calling udp_tunnel_xmit_skb()
Published on: 2026-06-28 01:51:19
Link: View Details
Information published.

CVE-2026-53156 nvmem: core: fix use-after-free bugs in error paths
Published on: 2026-06-28 01:52:14
Link: View Details
Information published.

CVE-2026-57451 Vim: Out-of-bounds Read in Text Property Count
Published on: 2026-06-28 01:54:43
Link: View Details
Information published.

CVE-2026-53252 Bluetooth: fix memory leak in error path of hci_alloc_dev()
Published on: 2026-06-28 01:53:30
Link: View Details
Information published.

CVE-2026-53320 nilfs2: reject zero bd_oblocknr in nilfs_ioctl_mark_blocks_dirty()
Published on: 2026-06-28 01:02:29
Link: View Details
Information published.

CVE-2026-53296 mailbox: mailbox-test: free channels on probe error
Published on: 2026-06-28 01:02:35
Link: View Details
Information published.

CVE-2026-53292 net: phonet: do not BUG_ON() in pn_socket_autobind() on failed bind
Published on: 2026-06-28 01:02:55
Link: View Details
Information published.

CVE-2026-53284 btrfs: only release the dirty pages io tree after successful writes
Published on: 2026-06-28 01:03:01
Link: View Details
Information published.

CVE-2026-53309 ocfs2/dlm: fix off-by-one in dlm_match_regions() region comparison
Published on: 2026-06-28 01:02:42
Link: View Details
Information published.

CVE-2026-53304 scsi: sg: Resolve soft lockup issue when opening /dev/sgX
Published on: 2026-06-28 01:02:48
Link: View Details
Information published.

CVE-2026-53313 drm/amd/display: Avoid NULL dereference in dc_dmub_srv error paths
Published on: 2026-06-28 01:03:14
Link: View Details
Information published.

CVE-2026-53306 tty: hvc_iucv: fix off-by-one in number of supported devices
Published on: 2026-06-28 01:03:20
Link: View Details
Information published.

CVE-2026-53291 ALSA: hda/conexant: Fix missing error check for jack detection
Published on: 2026-06-28 01:03:52
Link: View Details
Information published.

CVE-2026-53297 net: mana: Guard mana_remove against double invocation
Published on: 2026-06-28 01:03:27
Link: View Details
Information published.

CVE-2026-53293 drm/amdgpu: fix AMDGPU_INFO_READ_MMR_REG
Published on: 2026-06-28 01:03:33
Link: View Details
Information published.

CVE-2026-53294 mailbox: mailbox-test: don't free the reused channel
Published on: 2026-06-28 01:03:58
Link: View Details
Information published.

CVE-2026-53289 ice: fix NULL pointer dereference in ice_reset_all_vfs()
Published on: 2026-06-28 01:03:39
Link: View Details
Information published.

CVE-2026-53287 audit: fix incorrect inheritable capability in CAPSET records
Published on: 2026-06-28 01:03:45
Link: View Details
Information published.

CVE-2026-53303 f2fs: protect extension_list reading with sb_lock in f2fs_sbi_show()
Published on: 2026-06-28 01:04:04
Link: View Details
Information published.

CVE-2026-53314 padata: Put CPU offline callback in ONLINE section to allow failure
Published on: 2026-06-28 01:04:10
Link: View Details
Information published.

CVE-2026-44889 WebOb: Location header normalization during redirect leads to open redirect
Published on: 2026-06-28 01:04:29
Link: View Details
Information published.

CVE-2026-53295 mailbox: add sanity check for channel array
Published on: 2026-06-28 01:04:17
Link: View Details
Information published.

CVE-2026-53279 drm/gma500/oaktrail_lvds: fix hang on init failure
Published on: 2026-06-28 01:04:23
Link: View Details
Information published.

CVE-2026-53655 node-tar applies PAX size override to intermediary GNU long-name/long-link headers, causing tar parser interpretation differential (file smuggling)
Published on: 2026-06-28 01:04:35
Link: View Details
Information published.

Chromium: CVE-2026-13027 Use after free in FileSystem
Published on: 2026-06-26 17:46:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13026 Use after free in Digital Credentials
Published on: 2026-06-26 17:46:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13025 Insufficient validation of untrusted input in DevTools
Published on: 2026-06-26 17:46:34
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13024 Insufficient validation of untrusted input in Navigation
Published on: 2026-06-26 17:46:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13023 Uninitialized Use in GPU
Published on: 2026-06-26 17:46:32
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13022 Inappropriate implementation in Autofill
Published on: 2026-06-26 17:46:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13021 Inappropriate implementation in DeviceBoundSessionCredentials
Published on: 2026-06-26 17:46:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13036 Use after free in Blink
Published on: 2026-06-26 17:46:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13035 Use after free in Bluetooth
Published on: 2026-06-26 17:46:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13034 Inappropriate implementation in Passwords
Published on: 2026-06-26 17:46:41
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13033 Out of bounds read in Blink>InterestGroups
Published on: 2026-06-26 17:46:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13031 Use after free in Blink
Published on: 2026-06-26 17:46:39
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13029 Use after free in Web Authentication
Published on: 2026-06-26 17:46:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-13038 Use after free in Autofill
Published on: 2026-06-26 17:46:45
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2025-68736 landlock: Fix handling of disconnected directories
Published on: 2026-06-26 01:39:56
Link: View Details
Information published.

CVE-2025-68296 drm, fbcon, vga_switcheroo: Avoid race condition in fbcon setup
Published on: 2026-06-26 01:39:42
Link: View Details
Information published.

CVE-2026-45930 net: mctp: ensure our nlmsg responses are initialised
Published on: 2026-06-26 01:40:44
Link: View Details
Information published.

CVE-2026-45850 ipvs: skip ipv6 extension headers for csum checks
Published on: 2026-06-26 01:40:31
Link: View Details
Information published.

CVE-2026-46321 tun: free page on short-frame rejection in tun_xdp_one()
Published on: 2026-06-26 01:41:11
Link: View Details
Information published.

CVE-2026-46320 tap: free page on error paths in tap_get_user_xdp()
Published on: 2026-06-26 01:41:26
Link: View Details
Information published.

CVE-2026-46322 tun: free page on build_skb failure in tun_xdp_one()
Published on: 2026-06-26 01:41:18
Link: View Details
Information published.

CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
Published on: 2026-06-26 01:41:41
Link: View Details
Information published.

CVE-2026-41086 Windows Admin Center in Azure Portal Elevation of Privilege Vulnerability
Published on: 2026-06-25 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-45637 Microsoft DWM Core Library Elevation of Privilege Vulnerability
Published on: 2026-06-25 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-46140 Bluetooth: btmtk: validate WMT event SKB length before struct access
Published on: 2026-06-25 01:03:39
Link: View Details
Information published.

CVE-2026-11816 Path Traversal in keras-team/keras
Published on: 2026-06-25 01:03:45
Link: View Details
Information published.

CVE-2026-4367 Libxpm: libxpm: denial of service via out-of-bounds read in xpm file parsing
Published on: 2026-06-25 01:03:53
Link: View Details
Information published.

CVE-2026-46285 mtd: docg3: fix use-after-free in docg3_release()
Published on: 2026-06-24 02:43:33
Link: View Details
Information published.

CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability
Published on: 2026-06-23 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability
Published on: 2026-06-23 07:00:00
Link: View Details
Acknowledgement added. This is an informational change only.

CVE-2026-33840 Win32k Elevation of Privilege Vulnerability
Published on: 2026-06-23 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2025-5791 Users: `root` appended to group listings
Published on: 2026-06-20 01:40:10
Link: View Details
Information published.

CVE-2025-4574 Crossbeam-channel: crossbeam-channel vulnerable to double free on drop
Published on: 2026-06-20 01:39:58
Link: View Details
Information published.

CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path
Published on: 2026-06-20 01:40:55
Link: View Details
Information published.

CVE-2026-34183 Unbounded Memory Growth in the QUIC PATH_CHALLENGE Handler
Published on: 2026-06-20 01:41:20
Link: View Details
Information published.

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion
Published on: 2026-06-20 01:43:24
Link: View Details
Information published.

CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
Published on: 2026-06-20 01:41:45
Link: View Details
Information published.

CVE-2026-9076 Out-of-Bounds Read in CMS Password-Based Decryption
Published on: 2026-06-20 01:42:01
Link: View Details
Information published.

CVE-2026-45446 Incorrect Tag Processing for Empty Messages in AES-GCM-SIV and AES-SIV modes
Published on: 2026-06-20 01:42:18
Link: View Details
Information published.

CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption
Published on: 2026-06-20 01:42:43
Link: View Details
Information published.

CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption
Published on: 2026-06-20 01:43:00
Link: View Details
Information published.

CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing
Published on: 2026-06-20 01:43:31
Link: View Details
Information published.

CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response
Published on: 2026-06-20 01:43:49
Link: View Details
Information published.

CVE-2026-46331 net/sched: fix pedit partial COW leading to page cache corruption
Published on: 2026-06-20 01:43:41
Link: View Details
Information published.

CVE-2026-45469 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45472 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-45471 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45474 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-45486 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45485 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44817 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44818 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44819 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44820 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44821 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44823 Microsoft Excel Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-44824 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45456 Microsoft Outlook and Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45458 Microsoft Outlook and Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45460 Microsoft Office Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-45461 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-45466 Microsoft Word Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45643 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45645 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45649 Office for Android Spoofing Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-44822 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45455 Microsoft Excel Information Disclosure Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45457 Microsoft Word Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45459 Microsoft Excel Security Feature Bypass Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Mac. Customers running affected Mac software should install the update for their product to be protected from this vulnerability. Customers running other Microsoft Office software do not need to take any action. See the [Release Notes](https://go.microsoft.com/fwlink/p/?linkid=831049) for more information and download links.

CVE-2026-45463 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Office for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

Chromium: CVE-2026-12439 Use after free in Digital Credentials
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12440 Use after free in DigitalCredentials
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12445 Use after free in Extensions
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12446 Insufficient data validation in Passwords
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12451 Use after free in DigitalCredentials
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12441 Use after free in File Input
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12447 Heap buffer overflow in WebRTC
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12443 Use after free in Web Authentication
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12452 Use after free in Downloads
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12453 Insufficient validation of untrusted input in Input
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12455 Use after free in Tab Strip
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12456 Insufficient validation of untrusted input in Extensions
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12458 Incorrect security UI in Passwords
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12457 Insufficient data validation in Extensions
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12459 Inappropriate implementation in Serial
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12460 Insufficient policy enforcement in File System Access
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12462 Use after free in Media
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12464 Use after free in Browser
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12463 Inappropriate implementation in Views
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12465 Insufficient validation of untrusted input in Metrics
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12454 Race in Safe Browsing
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12467 Use after free in Extensions
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12468 Inappropriate implementation in Updater
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12449 Use after free in Chromoting
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12444 Out of bounds read in Chromoting
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12437 Use after free in WebShare
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12461 Out of bounds read in WebRTC
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

Chromium: CVE-2026-12466 Heap buffer overflow in WebRTC
Published on: 2026-06-19 07:00:00
Link: View Details
Corrected CVE title. This is an informational change only.

CVE-2026-42903 Windows Kerberos Denial of Service Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-44803 Windows Graphics Component Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-44812 Windows Graphics Component Remote Code Execution Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Microsoft is announcing the availability of the security updates for Microsoft Word, PowerPoint, Excel for Android. Customers running affected Microsoft Office for Android software should install the update for their product to be protected from this vulnerability.

CVE-2026-12439 Use after free in Digital Credentials
Published on: 2026-06-19 13:52:19
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12440 Use after free in DigitalCredentials
Published on: 2026-06-19 13:52:22
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12445 Use after free in Extensions
Published on: 2026-06-19 13:52:26
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12446 Insufficient data validation in Passwords
Published on: 2026-06-19 13:52:27
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12451 Use after free in DigitalCredentials
Published on: 2026-06-19 13:52:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12441 Use after free in File Input
Published on: 2026-06-19 13:52:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12447 Heap buffer overflow in WebRTC
Published on: 2026-06-19 13:52:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12443 Use after free in Web Authentication
Published on: 2026-06-19 13:52:25
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12452 Use after free in Downloads
Published on: 2026-06-19 13:52:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12453 Insufficient validation of untrusted input in Input
Published on: 2026-06-19 13:52:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12455 Use after free in Tab Strip
Published on: 2026-06-19 13:52:34
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12456 Insufficient validation of untrusted input in Extensions
Published on: 2026-06-19 13:52:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12458 Incorrect security UI in Passwords
Published on: 2026-06-19 13:52:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12457 Insufficient data validation in Extensions
Published on: 2026-06-19 13:52:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12459 Inappropriate implementation in Serial
Published on: 2026-06-19 13:52:39
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12460 Insufficient policy enforcement in File System Access
Published on: 2026-06-19 13:52:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12462 Use after free in Media
Published on: 2026-06-19 13:52:42
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12464 Use after free in Browser
Published on: 2026-06-19 13:52:44
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12463 Inappropriate implementation in Views
Published on: 2026-06-19 13:52:43
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12465 Insufficient validation of untrusted input in Metrics
Published on: 2026-06-19 13:52:46
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12454 Race in Safe Browsing
Published on: 2026-06-19 13:52:50
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12467 Use after free in Extensions
Published on: 2026-06-19 13:52:48
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12468 Inappropriate implementation in Updater
Published on: 2026-06-19 13:52:52
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12449 Use after free in Chromoting
Published on: 2026-06-19 13:52:56
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12444 Out of bounds read in Chromoting
Published on: 2026-06-19 13:52:55
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12437 Use after free in WebShare
Published on: 2026-06-19 13:52:53
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12461 Out of bounds read in WebRTC
Published on: 2026-06-19 13:52:57
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-12466 Heap buffer overflow in WebRTC
Published on: 2026-06-19 13:52:59
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

CVE-2026-24289 Windows Kernel Elevation of Privilege Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Acknowledgement added. This is an informational change only.

CVE-2026-32177 .NET Elevation of Privilege Vulnerability
Published on: 2026-06-19 07:00:00
Link: View Details
Removed incorrectly added rows from the Security Updates table. This is an informational change only.

CVE-2025-6965 Integer Truncation on SQLite
Published on: 2026-06-19 07:00:00
Link: View Details
Added Visual Studio software to the Security Updates table. Customers that are running supported version of Visual Studio are encouraged to update to the indicated version to be protected from this vulnerability.

CVE-2026-8376 Perl versions through 5.43.10 have a heap buffer overflow when compiling regular expressions with a repeated fixed string on 32-bit builds
Published on: 2026-06-19 01:40:20
Link: View Details
Information published.

CVE-2026-48914 Qemu-kvm: heap buffer overflow in virtio-blk scsi request handling
Published on: 2026-06-19 01:43:42
Link: View Details
Information published.

CVE-2026-42014 Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin
Published on: 2026-06-19 01:01:29
Link: View Details
Information published.

CVE-2026-53689
Published on: 2026-06-19 01:01:36
Link: View Details
Information published.

CVE-2026-12087 Socket versions before 2.041 for Perl have an out-of-bounds heap read
Published on: 2026-06-19 01:01:42
Link: View Details
Information published.

CVE-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow
Published on: 2026-06-19 01:01:47
Link: View Details
Information published.

CVE-2026-43966 HTTP Response Splitting via Non-VCHAR Bytes in cow_http_struct_hd:escape_string/2
Published on: 2026-06-19 01:01:53
Link: View Details
Information published.

CVE-2026-10275 OpenSC pkcs11-tool Key Generation pkcs11-tool.c test_kpgen_certwrite buffer overflow
Published on: 2026-06-19 01:40:27
Link: View Details
Information published.

CVE-2026-44967 opentelemetry-cpp: OTLP HTTP exporters read unbounded HTTP response
Published on: 2026-06-19 01:01:22
Link: View Details
Information published.

CVE-2026-47633 Microsoft Cost Management Information Disclosure Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Exposure of sensitive information to an unauthorized actor in Cost Management Interactive Experiences allows an unauthorized attacker to disclose information over a network.

CVE-2026-32208 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an authorized attacker to perform spoofing over a network.

CVE-2026-32174 Azure Bot Service Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper authentication in Azure Bot Service allows an authorized attacker to elevate privileges over a network.

CVE-2026-45480 Azure Active Directory Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper authentication in Azure Active Directory allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-42895 Microsoft Copilot Tampering Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an unauthorized attacker to perform tampering over a network.

CVE-2026-54130 M365 Copilot Information Disclosure Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

CVE-2026-47647 Dynamics 365 Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper access control in Microsoft Dynamics 365 allows an authorized attacker to elevate privileges over a network.

CVE-2026-48584 Microsoft Azure Synapse Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Execution with unnecessary privileges in Azure Synapse allows an authorized attacker to elevate privileges over a network.

CVE-2026-48582 Microsoft Exchange Online Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Missing authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Url redirection to untrusted site ('open redirect') in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network.

CVE-2026-47646 Dynamics 365 Customer Voice Spoofing Vulnerability
Published on: 2026-06-18 07:00:00
Link: View Details
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network.

CVE-2025-71073 Input: lkkbd - disable pending work before freeing device
Published on: 2026-06-18 01:48:00
Link: View Details
Information published.

CVE-2025-71072 shmem: fix recovery on rename failures
Published on: 2026-06-18 01:48:17
Link: View Details
Information published.

CVE-2026-28387 Potential Use-after-free in DANE Client Code
Published on: 2026-06-18 01:50:00
Link: View Details
Information published.

CVE-2026-43308 btrfs: don't BUG() on unexpected delayed ref type in run_one_delayed_ref()
Published on: 2026-06-18 01:48:34
Link: View Details
Information published.

CVE-2026-25681 Invoking incorrect handling of character references in DOCTYPE nodes in golang.org/x/net/html
Published on: 2026-06-18 01:40:41
Link: View Details
Information published.

CVE-2026-25680 Invoking denial of service when parsing arbitrary HTML in golang.org/x/net/html
Published on: 2026-06-18 01:40:25
Link: View Details
Information published.

CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path
Published on: 2026-06-18 01:46:59
Link: View Details
Information published.

CVE-2026-45447 Heap Use-After-Free in the PKCS7_verify() Function
Published on: 2026-06-18 01:41:13
Link: View Details
Information published.

CVE-2026-48854 Unbounded request body accumulation causes memory exhaustion in elixir-grpc/grpc
Published on: 2026-06-18 01:01:50
Link: View Details
Information published.

CVE-2026-46292 pmdomain: core: Fix detach procedure for virtual devices in genpd
Published on: 2026-06-18 01:49:51
Link: View Details
Information published.

CVE-2026-46274 io-wq: check that the predecessor is hashed in io_wq_remove_pending()
Published on: 2026-06-18 01:50:04
Link: View Details
Information published.

CVE-2026-46291 crypto: caam - guard HMAC key hex dumps in hash_digest_key
Published on: 2026-06-18 01:50:14
Link: View Details
Information published.

CVE-2026-46293 clk: microchip: mpfs-ccc: fix out of bounds access during output registration
Published on: 2026-06-18 01:50:27
Link: View Details
Information published.

CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages
Published on: 2026-06-18 01:41:57
Link: View Details
Information published.

CVE-2026-7383 Possible Heap Buffer Overflow in ASN.1 Multibyte String Conversion
Published on: 2026-06-18 01:42:51
Link: View Details
Information published.

CVE-2026-9076 Out-of-Bounds Read in CMS Password-Based Decryption
Published on: 2026-06-18 01:46:38
Link: View Details
Information published.

CVE-2026-42766 Possible NULL Dereference in Password-Based CMS Decryption
Published on: 2026-06-18 01:44:21
Link: View Details
Information published.

CVE-2026-42767 NULL Pointer Dereference in CRMF EncryptedValue Decryption
Published on: 2026-06-18 01:45:04
Link: View Details
Information published.

CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing
Published on: 2026-06-18 01:45:56
Link: View Details
Information published.

CVE-2026-35433 .NET Elevation of Privilege Vulnerability
Published on: 2026-06-17 07:00:00
Link: View Details
This CVE was updated to remove Windows 11 (21H1 and 22H2) as impacted

CVE-2026-47636 Microsoft SharePoint Server Spoofing Vulnerability
Published on: 2026-06-17 07:00:00
Link: View Details
Acknowledgement added. This is an informational change only.

CVE-2026-45475 Microsoft Office Remote Code Execution Vulnerability
Published on: 2026-06-17 07:00:00
Link: View Details
Acknowledgement added. This is an informational change only.

CVE-2026-42828 Windows Projected File System Elevation of Privilege Vulnerability
Published on: 2026-06-17 07:00:00
Link: View Details
Acknowledgement added. This is an informational change only.

CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability
Published on: 2026-06-16 07:00:00
Link: View Details
Updated the fixed version information and download link. The fix was previously believed to be included in Dynamics 365 Server (on-premises) version 6.2; however, it has been confirmed that the fix is included in Dynamics 365 Server v9.1 (on-premises) Update 1.45 (version 9.1.0045.0011). The download link, release notes, and build number has been updated accordingly in the Updates Table.

CVE-2026-45602 Windows Dynamic Host Configuration Protocol (DHCP) Tampering Vulnerability
Published on: 2026-06-16 07:00:00
Link: View Details
Updated CWE value. This is an informational change only.

CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
Published on: 2026-06-16 07:00:00
Link: View Details
Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as "RoguePlanet ". We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

CVE-2026-42915 Microsoft Windows VMSwitch Denial of Service Vulnerability
Published on: 2026-06-16 07:00:00
Link: View Details
Corrected the CVE description and title. This is an informational change only.

CVE-2026-34182 CMS AuthEnvelopedData Processing May Accept Forged Messages
Published on: 2026-06-16 02:14:59
Link: View Details
Information published.

CVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module's plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate's length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.
Published on: 2026-06-16 01:01:29
Link: View Details
Information published.

Chromium: CVE-2026-12012 Use after free  Network
Published on: 2026-06-15 07:00:31
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12008 Use after free  DigitalCredentials
Published on: 2026-06-15 07:00:26
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12019 Out of bounds write  Codecs
Published on: 2026-06-15 07:00:40
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12016 Insufficient validation of untrusted input  DevTools
Published on: 2026-06-15 07:00:36
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12015 Use after free  Autofill
Published on: 2026-06-15 07:00:35
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-11628 Use after free in Ozone
Published on: 2026-06-15 19:13:29
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11629 Use after free in Ozone
Published on: 2026-06-15 19:13:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11631 Use after free in Aura
Published on: 2026-06-15 19:13:34
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11630 Use after free in File Input
Published on: 2026-06-15 19:13:33
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11632 Use after free in TabStrip
Published on: 2026-06-15 19:13:35
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11633 Use after free in Bluetooth
Published on: 2026-06-15 19:13:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11634 Use after free in Gamepad
Published on: 2026-06-15 19:13:38
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11635 Use after free in Bluetooth
Published on: 2026-06-15 19:13:40
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11639 Use after free in Compositing
Published on: 2026-06-15 19:13:45
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11637 Use after free in Views
Published on: 2026-06-15 19:13:42
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11636 Use after free in Autofill
Published on: 2026-06-15 19:13:41
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11638 Use after free in Printing
Published on: 2026-06-15 19:13:44
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11641 Use after free in Bluetooth
Published on: 2026-06-15 19:13:48
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11640 Integer overflow in libyuv
Published on: 2026-06-15 19:13:47
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11642 Use after free in Web Apps
Published on: 2026-06-15 19:13:49
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11645 Out of bounds memory access in V8
Published on: 2026-06-15 19:13:53
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11643 Use after free in Proxy
Published on: 2026-06-15 19:13:50
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11644 Use after free in Views
Published on: 2026-06-15 19:13:52
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11646 Use after free in ViewTransitions
Published on: 2026-06-15 19:13:54
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11657 Use after free in Payments
Published on: 2026-06-15 19:14:10
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11658 Insufficient validation of untrusted input in Extensions
Published on: 2026-06-15 19:14:12
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page
Published on: 2026-06-15 19:14:15
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11661 Use after free in Views
Published on: 2026-06-15 19:14:16
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11659 Insufficient validation of untrusted input in UI
Published on: 2026-06-15 19:14:13
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11663 Use after free in Skia
Published on: 2026-06-15 19:14:19
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11662 Type Confusion in Bindings
Published on: 2026-06-15 19:14:18
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11664 Use after free in Payments
Published on: 2026-06-15 19:14:20
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11665 Out of bounds read in Dawn
Published on: 2026-06-15 19:14:22
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11666 Insufficient validation of untrusted input in Input
Published on: 2026-06-15 19:14:23
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11668 Uninitialized Use in Codecs
Published on: 2026-06-15 19:14:26
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11669 Integer overflow in Media
Published on: 2026-06-15 19:14:27
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11667 Out of bounds read in WebRTC
Published on: 2026-06-15 19:14:24
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11670 Use after free in PDF
Published on: 2026-06-15 19:14:28
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11671 Use after free in Navigation
Published on: 2026-06-15 19:14:30
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11672 Out of bounds write in GPU
Published on: 2026-06-15 19:14:31
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11673 Use after free in InterestGroups
Published on: 2026-06-15 19:14:32
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11675 Insufficient validation of untrusted input in Skia
Published on: 2026-06-15 19:14:35
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11674 Use after free in Guest View
Published on: 2026-06-15 19:14:34
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11676 Insufficient validation of untrusted input in Dawn
Published on: 2026-06-15 19:14:36
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11677 Race in Network
Published on: 2026-06-15 19:14:37
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11678 Integer overflow in libyuv
Published on: 2026-06-15 19:14:39
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11679 Use after free in Codecs
Published on: 2026-06-15 19:14:40
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11681 Use after free in Ozone
Published on: 2026-06-15 19:14:43
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11682 Insufficient validation of untrusted input in Views
Published on: 2026-06-15 19:14:44
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11680 Use after free in Media
Published on: 2026-06-15 19:14:41
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11683 Use after free in WebCodecs
Published on: 2026-06-15 19:14:45
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11684 Insufficient policy enforcement in Network
Published on: 2026-06-15 19:14:46
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11687 Use after free in Dawn
Published on: 2026-06-15 19:14:50
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11686 Insufficient validation of untrusted input in Dawn
Published on: 2026-06-15 19:14:49
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11688 Object lifecycle issue in SVG
Published on: 2026-06-15 19:14:52
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11685 Insufficient data validation in MediaCapture
Published on: 2026-06-15 19:14:48
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11689 Insufficient validation of untrusted input in Passwords
Published on: 2026-06-15 19:14:53
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11690 Out of bounds read and write in Media
Published on: 2026-06-15 19:14:54
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11691 Insufficient validation of untrusted input in New Tab Page
Published on: 2026-06-15 19:14:55
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11692 Use after free in Read Anything
Published on: 2026-06-15 19:14:57
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11693 Inappropriate implementation in Plugins
Published on: 2026-06-15 19:14:58
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11694 Use after free in ServiceWorker
Published on: 2026-06-15 19:14:59
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11695 Inappropriate implementation in Passwords
Published on: 2026-06-15 19:15:01
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11696 Uninitialized Use in Video
Published on: 2026-06-15 19:15:02
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11697 Insufficient validation of untrusted input in UI
Published on: 2026-06-15 19:15:03
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11698 Use after free in Bluetooth
Published on: 2026-06-15 19:15:05
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11699 Use after free in Bluetooth
Published on: 2026-06-15 19:15:06
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11700 Use after free in Tracing
Published on: 2026-06-15 19:15:07
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-12018 Inappropriate implementation  Mojo
Published on: 2026-06-15 07:00:38
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12007 Use after free  Core
Published on: 2026-06-15 07:00:24
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12017 Insufficient validation of untrusted input  Extensions
Published on: 2026-06-15 07:00:37
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12014 Use after free  Cast
Published on: 2026-06-15 07:00:33
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12013 Use after free  Media
Published on: 2026-06-15 07:00:32
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12010 Heap buffer overflow  GPU
Published on: 2026-06-15 07:00:29
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-12009 Insufficient validation of untrusted input  Accessibility
Published on: 2026-06-15 07:00:27
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

Chromium: CVE-2026-11647 Use after free in Printing
Published on: 2026-06-15 19:13:56
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11648 Use after free in FullScreen
Published on: 2026-06-15 19:13:57
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11651 Use after free in Network
Published on: 2026-06-15 19:14:01
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11649 Use after free in V8
Published on: 2026-06-15 19:13:58
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11652 Use after free in Extensions
Published on: 2026-06-15 19:14:03
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11650 Use after free in V8
Published on: 2026-06-15 19:14:00
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11653 Insufficient validation of untrusted input in Extensions
Published on: 2026-06-15 19:14:04
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11654 Use after free in CameraCapture
Published on: 2026-06-15 19:14:06
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11656 Use after free in ServiceWorker
Published on: 2026-06-15 19:14:09
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-11655 Integer overflow in Media
Published on: 2026-06-15 19:14:07
Link: View Details
This CVE was assigned by Chrome.  Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2025) for more information.

Chromium: CVE-2026-12011 Use after free  WebMIDI
Published on: 2026-06-15 07:00:30
Link: View Details
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/search/label/Desktop%20Update) for more information.

CVE-2026-33118 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Published on: 2026-06-15 07:00:00
Link: View Details
Updated an acknowledgement. This is an informational change only.

CVE-2026-6429 netrc credential leak with reused proxy connection
Published on: 2026-06-15 01:40:40
Link: View Details
Information published.

CVE-2026-5545 wrong reuse of HTTP Negotiate connection
Published on: 2026-06-15 01:40:49
Link: View Details
Information published.

CVE-2026-6253 proxy credentials leak over redirect-to proxy
Published on: 2026-06-15 01:40:58
Link: View Details
Information published.

CVE-2026-45445 AES-OCB IV Ignored on EVP_Cipher() Path
Published on: 2026-06-15 01:02:18
Link: View Details
Information published.

CVE-2026-7774 tarfile.data_filter path traversal bypass allows writing outside the extraction directory
Published on: 2026-06-15 01:41:21
Link: View Details
Information published.

CVE-2026-49762 Unbounded integer parsing in the Version module enables CPU and memory exhaustion denial of service
Published on: 2026-06-15 01:42:16
Link: View Details
Information published.

CVE-2026-46433 lldpd: Heap OOB Read in VLAN Decapsulation memmove
Published on: 2026-06-15 01:42:41
Link: View Details
Information published.

CVE-2026-42768 Multi-RecipientInfo Bleichenbacher Oracle in CMS_decrypt() and PKCS7_decrypt()
Published on: 2026-06-15 01:01:25
Link: View Details
Information published.

CVE-2026-11526 GD versions before 2.86 for Perl allow OS command injection and file overwrite via a 2-arg open() of filename arguments in _make_filehandle
Published on: 2026-06-15 01:02:31
Link: View Details
Information published.