Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2026-13787

CVE-2026-13787_CVE-2026-13787

Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious n...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13786

CVE-2026-13786_CVE-2026-13786

Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chrom...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13779

CVE-2026-13779_CVE-2026-13779

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious ...

Google Chrome 150.0.7871.47 CVE
HIGH 7.8 CVE-2026-13778

CVE-2026-13778_CVE-2026-13778

Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripher...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13774

CVE-2026-13774_CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to e...

Google Chrome 150.0.7871.47 CVE
HIGH 7.6 CVE-2026-6687

FatFs Stack Buffer Overflow via Uncapped exFAT Label Length_CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec ...

ChaN FatFs CVE
HIGH 7.6 CVE-2026-6682

FatFs Integer Overflow in FAT32 Volume Mount_CVE-2026-6682

In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to attacker-control...

ChaN FatFs CVE
HIGH 8.7 CVE-2026-58399

@acastellon/auth has an authentication bypass via spoofable headers in validateToken()_CVE-2026-58399

@acastellon/auth is an authentication control system for microservices. Versions prior to 2.3.0 appear to allow an unauthenticated authentication b...

antonio-castellon module-auth < 2.3.0 CVE
HIGH 8.2 CVE-2026-2891

Poly Voice Devices (CCX, Trio, Edge E) – Potential Denial of Service_CVE-2026-2891

The following Poly Voice IP devices, CCX, Trio, and Edge E, might be inoperable if they connect to a malicious SIP server and receive malformed dat...

HP Inc CCX CVE
HIGH 7.7 CVE-2026-13602

Session takeover vulnerability_CVE-2026-13602

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data...

pretix pretix 4.14.0 CVE