Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-13794

CVE-2026-13794_CVE-2026-13794

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convi...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13791

CVE-2026-13791_CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13788

CVE-2026-13788_CVE-2026-13788

Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted H...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13787

CVE-2026-13787_CVE-2026-13787

Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious n...

Google Chrome 150.0.7871.47 CVE
HIGH 8.8 CVE-2026-13786

CVE-2026-13786_CVE-2026-13786

Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chrom...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13779

CVE-2026-13779_CVE-2026-13779

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious ...

Google Chrome 150.0.7871.47 CVE
HIGH 7.8 CVE-2026-13778

CVE-2026-13778_CVE-2026-13778

Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripher...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13774

CVE-2026-13774_CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to e...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-57963

Chat UI manipulation by injection_CVE-2026-57963

An attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the ...

Mozilla Thunderbird 140.12.1 CVE
MEDIUM 5.3 CVE-2026-57962

Denial-of-service via malicious LDAP address-book server_CVE-2026-57962

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of atta...

Mozilla Thunderbird 140.12.1 CVE