Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-13850

CVE-2026-13850_CVE-2026-13850

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arb...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13848

CVE-2026-13848_CVE-2026-13848

Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted ...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13845

CVE-2026-13845_CVE-2026-13845

Use after free in DOM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HT...

Google Chrome 150.0.7871.47 CVE
HIGH 7.8 CVE-2026-13844

CVE-2026-13844_CVE-2026-13844

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via ...

Google Chrome 150.0.7871.47 CVE
HIGH 7.5 CVE-2026-13831

CVE-2026-13831_CVE-2026-13831

Out of bounds read and write in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to e...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13830

CVE-2026-13830_CVE-2026-13830

Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious net...

Google Chrome 150.0.7871.47 CVE
HIGH 7.8 CVE-2026-13827

CVE-2026-13827_CVE-2026-13827

Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious f...

Google Chrome 150.0.7871.47 CVE
HIGH 7.5 CVE-2026-13824

CVE-2026-13824_CVE-2026-13824

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer pr...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13821

CVE-2026-13821_CVE-2026-13821

Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Google Chrome 150.0.7871.47 CVE
HIGH 7.5 CVE-2026-14181

@fastify/middie standalone engine vulnerable to Denial of Service via malformed percent-encoded paths_CVE-2026-14181

@fastify/middie versions 9.1.0 through 9.3.2 fail to guard the URL normalization step used by the standalone engine when incoming request paths con...

@fastify/middie @fastify/middie 9.1.0 CVE