Recent Advisories

Severity ID Title Vendor Product Date Type
LOW 3.3 CVE-2026-13955

CVE-2026-13955_CVE-2026-13955

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI ...

Google Chrome 150.0.7871.47 CVE
MEDIUM 4.3 CVE-2026-13952

CVE-2026-13952_CVE-2026-13952

Inappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a c...

Google Chrome 150.0.7871.47 CVE
MEDIUM 4.3 CVE-2026-13946

CVE-2026-13946_CVE-2026-13946

Inappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data...

Google Chrome 150.0.7871.47 CVE
LOW 3.1 CVE-2026-13944

CVE-2026-13944_CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engag...

Google Chrome 150.0.7871.47 CVE
LOW 3.3 CVE-2026-13942

CVE-2026-13942_CVE-2026-13942

Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing v...

Google Chrome 150.0.7871.47 CVE
LOW 3.1 CVE-2026-13939

CVE-2026-13939_CVE-2026-13939

Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had comprom...

Google Chrome 150.0.7871.47 CVE
CRITICAL 9.3 CVE-2026-34112

Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php_CVE-2026-34112

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac.php (line 18) without sanitization: exec(\"php jo...

guardian language-system CVE
CRITICAL 9.3 CVE-2026-34109

Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.php_CVE-2026-34109

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) without sanitization: exec(\"php jobs/...

guardian language-system CVE
HIGH 7.4 CVE-2026-57736

WordPress HubSpot plugin <= 11.3.51 - Sensitive Data Exposure vulnerability_CVE-2026-57736

Insertion of Sensitive Information Into Sent Data vulnerability in HubSpot allows Retrieve Embedded Sensitive Data. This issue affects HubSpot: fr...

HubSpot HubSpot n/a CVE
HIGH 7.4 CVE-2026-57723

WordPress VikBooking Hotel Booking Engine & PMS plugin <= 1.8.12 - CSRF to Arbitrary File Deletion vulnerability_CVE-2026-57723

Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Path Traversal. This issue affects VikBoo...

e4jvikwp VikBooking Hotel Booking Engine & PMS n/a CVE