Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-52188 — UTT nv518G Buffer Overflow

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead//sub_497498 component

| Memory Corruption
Jul 02, 2026 Jul 02, 2026
Jul 02, 2026
Jul 02, 2026
0.0 NA
CVE-2026-38971 — ArduPilot GCS_MAVLINK Out-of-Bounds Read

ardupilot through Plane-4.6.3 was found to contain an out-of-bounds read issue in libraries/GCS_MAVLink/GCS_serial_control.cpp in GCS_MAVLINK::handle_serial_control().

| Memory Corruption
Jul 02, 2026 Jul 02, 2026
Jul 02, 2026
Jul 02, 2026
0.0 NA
CVE-2026-38968 — ntopng Predictable Session Identifier Vulnerability

ntopng through 6.6 is vulnerable to Predictable Session Identifier which can lead to Session Hijacking. HTTP session identifiers in src/HTTPserver.cpp use weak time-seeded pseudo-randomness during se…

| Authentication
Jul 02, 2026 Jul 02, 2026
Jul 02, 2026
Jul 02, 2026
0.0 NA
CVE-2026-52187 — UTT nv518G Buffer Overflow Denial of Service

Buffer Overflow vulnerability in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a remote attacker to cause a denial of service via the gohead/sub_483ba0 component

| Memory Corruption
Jul 02, 2026 Jul 02, 2026
Jul 02, 2026
Jul 02, 2026
7.4 HIGH
CVE-2026-55790 — Craft CMS: DOM XSS via GitHub issue title in CraftSupport widget

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms…

craft_cms | Remote | Cross-Site Scripting
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
7.1 HIGH
CVE-2026-50284 — Craft CMS: Missing peer-permission check in `AssetsController::actionDeleteFolder` allows…

Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-ui…

craft_cms | Remote | Authorization
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-50283 — Craft CMS: Unauthorized Deletion of Source Assets During File Replacement

Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can del…

craft_cms | Remote | Authorization
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
8.3 HIGH
CVE-2026-14429 — Skia Sandbox Escape

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
8.3 HIGH
CVE-2026-14428 — Google Chrome Dawn Sandbox Escape

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb…

android chrome chrome | Remote | Information Disclosure
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
8.3 HIGH
CVE-2026-14427 — Google Chrome Skia Heap Buffer Overflow Sandbox Escape

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14425 — ANGLE Use-After-Free Sandbox Escape

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14424 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

chrome macos chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14423 — Google Chrome Type Confusion Sandbox Escape

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-14421 — Google Chrome Uninitialized Memory Disclosure

Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chrom…

chrome chrome_os chrome | Remote | Information Disclosure
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14420 — Google Chrome: Out-of-Bounds Read/Write leading to Sandbox Escape

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Cr…

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14419 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
4.3 MEDIUM
CVE-2026-14418 — Google Chrome ANGLE Uninitialized Use Information Leak

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

chrome chrome | Remote | Information Disclosure
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14417 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-14416 — Google Chrome Out-of-Bounds Read Sandbox Escape

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

chrome chrome | Remote | Memory Corruption
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-14414 — Skia Information Disclosure

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informati…

chrome chrome | Remote | Information Disclosure
Jul 01, 2026 Jul 02, 2026
Jul 01, 2026
Jul 02, 2026
Showing 20 of 7990 Results