Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.8 CVE-2026-13827

CVE-2026-13827_CVE-2026-13827

Use after free in Updater in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious f...

Google Chrome 150.0.7871.47 CVE
HIGH 7.5 CVE-2026-13824

CVE-2026-13824_CVE-2026-13824

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer pr...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13821

CVE-2026-13821_CVE-2026-13821

Use after free in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

Google Chrome 150.0.7871.47 CVE
HIGH 7.5 CVE-2026-14181

@fastify/middie standalone engine vulnerable to Denial of Service via malformed percent-encoded paths_CVE-2026-14181

@fastify/middie versions 9.1.0 through 9.3.2 fail to guard the URL normalization step used by the standalone engine when incoming request paths con...

@fastify/middie @fastify/middie 9.1.0 CVE
HIGH 8.1 CVE-2026-5120

Race Condition vulnerability affecting BIOVIA Workbook from Release 2021 through Release 2026_CVE-2026-5120

A Race Condition vulnerability affecting BIOVIA Workbook from Release 2021 through Release 2026 could allow a user to access unauthorized data from...

Dassault Systèmes BIOVIA Workbook Release 2021 Golden CVE
HIGH 7.1 CVE-2026-53902

Privilege Escalation in MCO_CVE-2026-53902

MCO does not properly enforce authorization checks in the /customer/servlet/mco/webapi/profile-sections/group-membership endpoint. An authenticated...

MyComplianceOffice MCO 25.3.3.1 CVE
HIGH 8.8 CVE-2026-5136

Foreman: foreman: privilege escalation to administrator-level access via usergroup role assignment manipulation_CVE-2026-5136

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. Thi...

Red Hat Red Hat Satellite 6 CVE
HIGH 8.8 THN:45DBF678A05...

AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android_THN:45DBF678A05E043F3FDBB5FE129695AB

![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg4BJdHYquuxXoz8n0LhMEmm9KPcWcMC57w4LnqbMNCPXMAFdS95ys3zE6F5jZOvSKwsVWp6t3z8pVImRJ3Nv...

N/A N/A THN
HIGH 8.1 E4BC4653-1B76-

harfbuzz-stch-oob-write_E4BC4653-1B76-59F0-83C7-DDDABD36A472

HarfBuzz applystch — Integer Overflow → Heap OOB Write Crash harness, trigger font, and browser PoC for the integer overflow in HarfBuzz's applystc...

N/A N/A GITHUBEXPLOIT
HIGH 8.1 D7683152-09DF-

Exploit for Cross-Site Request Forgery (CSRF) in Apple Safari_D7683152-09DF-5A98-A55B-3490F8CFF60E

CVE-2026-43735 WebKit cross-domain information leakage. Safari = 26.5.2: PATCHED NavigateEvent.sourceElement is null...

N/A N/A GITHUBEXPLOIT