Recent Advisories

Severity ID Title Vendor Product Date Type
MEDIUM 6.5 CVE-2026-13954

CVE-2026-13954_CVE-2026-13954

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-13949

CVE-2026-13949_CVE-2026-13949

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sens...

Google Chrome 150.0.7871.47 CVE
MEDIUM 5.3 CVE-2026-13933

CVE-2026-13933_CVE-2026-13933

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer pro...

Google Chrome 150.0.7871.47 CVE
MEDIUM 5.5 CVE-2026-13914

CVE-2026-13914_CVE-2026-13914

Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive i...

Google Chrome 150.0.7871.47 CVE
MEDIUM 5.3 CVE-2026-13911

CVE-2026-13911_CVE-2026-13911

Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer pr...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-13873

CVE-2026-13873_CVE-2026-13873

Out of bounds read in Layout in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from pro...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-13810

CVE-2026-13810_CVE-2026-13810

Inappropriate implementation in Input in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive in...

Google Chrome 150.0.7871.47 CVE
MEDIUM 4.6 CVE-2026-13808

CVE-2026-13808_CVE-2026-13808

Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensit...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.3 CVE-2026-54900

Oj: Negative-Size memcpy in Oj::Parser create_id Attribute Handling_CVE-2026-54900

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. In versions prior to 3.17.2, when in usual mode with create_id e...

ohler55 oj < 3.17.2 CVE
MEDIUM 6.3 CVE-2026-54899

Oj: Use-After-Free in Oj::Parser Symbol Key Cache Toggle_CVE-2026-54899

Oj (Optimized JSON) is a JSON parser and Object marshaller packaged as a Ruby gem. Prior to version 3.17.2, disabling symbol_keys on a reused Oj::P...

ohler55 oj < 3.17.2 CVE