8.4

CVSS4.0

CVE-2026-40024 - Sleuth Kit tsk_recover Path Traversal

The Sleuth Kit through 4.14.0 contains a path traversal vulnerability in tsk_recover that allows an attacker to write files to arbitrary locations outside the intended recovery directory via crafted filenames or directory paths with path traversal sequences in a filesystem image. An attacker can cr…

πŸ“… Published: April 8, 2026, 9:35 p.m. πŸ”„ Last Modified: April 9, 2026, 6:13 p.m.

5.3

CVSS4.0

CVE-2026-5808 - openstatusHQ openstatus Onboarding Endpoint client.tsx cross site scripting

A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/(dashboard)/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in…

πŸ“… Published: April 8, 2026, 9:30 p.m. πŸ”„ Last Modified: April 9, 2026, 2:55 p.m.

6.4

CVSS3.1

CVE-2026-5711 - Post Blocks & Tools <= 1.3.0 - Authenticated (Author+) Stored Cross-Site Scripting via 'sliderStyle…

The Post Blocks & Tools plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'sliderStyle' block attribute in the Posts Slider block in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…

πŸ“… Published: April 8, 2026, 9:25 p.m. πŸ”„ Last Modified: April 9, 2026, 4:16 p.m.

6.5

CVSS3.1

CVE-2026-5919 -

Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:33 a.m.

4.3

CVSS3.1

CVE-2026-5918 -

Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:33 a.m.

8.1

CVSS3.1

CVE-2026-5915 -

Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:40 a.m.

8.8

CVSS3.1

CVE-2026-5914 -

Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:40 a.m.

8.8

CVSS3.1

CVE-2026-5912 -

Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:40 a.m.

4.3

CVSS3.1

CVE-2026-5911 -

Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:40 a.m.

8.8

CVSS3.1

CVE-2026-5910 -

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

πŸ“… Published: April 8, 2026, 9:21 p.m. πŸ”„ Last Modified: April 10, 2026, 9:40 a.m.
Total resulsts: 343919
Page 56 of 34,392
Β« previous page Β» next page
Filters