Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.8 CVE-2026-13786

CVE-2026-13786_CVE-2026-13786

Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chrom...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13779

CVE-2026-13779_CVE-2026-13779

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious ...

Google Chrome 150.0.7871.47 CVE
HIGH 7.8 CVE-2026-13778

CVE-2026-13778_CVE-2026-13778

Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripher...

Google Chrome 150.0.7871.47 CVE
HIGH 8.1 CVE-2026-13774

CVE-2026-13774_CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to e...

Google Chrome 150.0.7871.47 CVE
MEDIUM 6.5 CVE-2026-57963

Chat UI manipulation by injection_CVE-2026-57963

An attacker who can send HTML chat messages (via Matrix or XMPP) can inject arbitrary styled content, phishing links, and CSS that manipulates the ...

Mozilla Thunderbird 140.12.1 CVE
MEDIUM 5.3 CVE-2026-57962

Denial-of-service via malicious LDAP address-book server_CVE-2026-57962

A malicious LDAP server, which a Thunderbird user is configured to query for address-book autocomplete, can stash arbitrarily large amounts of atta...

Mozilla Thunderbird 140.12.1 CVE
MEDIUM 5.9 CVE-2026-56016

CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources_CVE-2026-56016

CGI::Session::ID::md5 versions before 4.49 for Perl generate predictable session ids from low-entropy sources. The generate_id method builds the s...

MARKSTOS CGI::Session::ID::md5 CVE
HIGH 7.6 CVE-2026-6687

FatFs Stack Buffer Overflow via Uncapped exFAT Label Length_CVE-2026-6687

FatFs R0.16 and earlier contains a stack overflow bug in f_getlabel() because exFAT label length (XDIR_NumLabel) is trusted without enforcing spec ...

ChaN FatFs CVE
MEDIUM 4.6 CVE-2026-6686

FatFs Use of Uninitialized Clusters After Seek Past EOF_CVE-2026-6686

FatFs R0.16 and earlier contains an uninitialized cluster exposure when f_lseek() extends files beyond EOF without zero-filling newly allocated clu...

ChaN FatFs CVE
MEDIUM 6.1 CVE-2026-6685

FatFs Integer Underflow in Dirty-Sector Cache Flush_CVE-2026-6685

FatFs R0.16 and earlier exhibits a stale dirty-cache skip via unsigned-subtraction wrap in f_read() / f_write() (fp->sect - sect < cc) during inter...

ChaN FatFs CVE