8.8

CVSS3.1

CVE-2026-6318 - chromium-browser: Use after free in Codecs

Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 7:08 p.m.

9.8

CVSS3.1

CVE-2026-30993 - Remote Code Execution via Session Function in Slah CMS

Slah CMS v1.5.0 and below was discovered to contain a remote code execution (RCE) vulnerability in the session() function at config.php. This vulnerability is exploitable via a crafted input.

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 3:37 p.m.

4.3

CVSS3.1

CVE-2026-6298 - chromium-browser: Heap buffer overflow in Skia

Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 3:41 p.m.

8.3

CVSS3.1

CVE-2026-30461 - Authenticated Remote Code Execution in FuelCMS via Git Submodule Function

Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the /controllers/Installer.php and the function add_git_submodule.

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 20, 2026, 8:16 p.m.

8.4

CVSS3.1

CVE-2024-53412 - Command Injection via Port Field in NietThijmen ShoppingCart Leading to Remote Code Execution

Command injection in the connect function in NietThijmen ShoppingCart 0.0.2 allows an attacker to execute arbitrary shell commands and achieve remote code execution via injection of malicious payloads into the Port field

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 3:09 p.m.

8.8

CVSS3.1

CVE-2026-6306 - chromium-browser: Heap buffer overflow in PDFium

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 3:40 p.m.

8.8

CVSS3.1

CVE-2026-6302 - chromium-browser: Use after free in Video

Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 5:27 p.m.

8.6

CVSS3.1

CVE-2026-30624 - Remote Code Execution via Malicious MCP Server Configuration in Agent Zero 0.9.8

Agent Zero 0.9.8 contains a remote code execution vulnerability in its External MCP Servers configuration feature. The application allows users to define MCP servers using a JSON configuration containing arbitrary command and args values. These values are executed by the application when the config…

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 20, 2026, 8:17 p.m.

8.8

CVSS3.1

CVE-2026-6301 - chromium-browser: Type Confusion in Turbofan

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 17, 2026, 3:41 p.m.

8.8

CVSS3.1

CVE-2026-6859 - Instructlab: instructlab: arbitrary code execution due to hardcoded `trust_remote_code=true`

A flaw was found in InstructLab. The `linux_train.py` script hardcodes `trust_remote_code=True` when loading models from HuggingFace. This allows a remote attacker to achieve arbitrary Python code execution by convincing a user to run `ilab train/download/generate` with a specially crafted maliciou…

πŸ“… Published: April 15, 2026, midnight πŸ”„ Last Modified: April 24, 2026, 3:55 a.m.
Total resulsts: 348625
Page 395 of 34,863
Β« previous page Β» next page
Filters