6.4
CVE-2026-5711 - Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyleβ¦
The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes itβ¦
0.0
CVE-2026-5919 - Remote WebSocket Origin Policy Bypass via Renderer Compromise in Chrome
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
0.0
CVE-2026-5918 - Crossβorigin Data Leak via Navigation Implementation in Chrome
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
0.0
CVE-2026-5915 - Out-of-Bounds Memory Write in Chrome WebML via Crafted HTML
Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)
0.0
CVE-2026-5914 - Type Confusion in CSS Leading to Heap Corruption via Malicious Chrome Extension
Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)
0.0
CVE-2026-5913 -
Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)
8.8
CVE-2026-5912 - OutβofβBounds Memory Write via WebRTC Integer Overflow
Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)
4.3
CVE-2026-5911 - Policy Bypass in Chrome ServiceWorkers Enables CSP Circumvention
Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
0.0
CVE-2026-5910 - Integer Overflow in Media Handling Leading to Potential Heap Corruption in Chrome
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
0.0
CVE-2026-5909 - Integer Overflow in Chrome Media Engine Enables Heap Corruption via Malicious Video
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)