Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7fe1ed8d by security tracker role at 2026-07-01T07:13:27+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,1150 +1,1514 @@
+CVE-2026-9836 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is
affecte ...)
+ TODO: check
+CVE-2026-9132 (A missing authorization vulnerability was identified in GitHub
Enterpr ...)
+ TODO: check
+CVE-2026-9107 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder
plugin for ...)
+ TODO: check
+CVE-2026-9106 (A UI misrepresentation vulnerability was identified in GitHub
Enterpri ...)
+ TODO: check
+CVE-2026-9002 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow
an adj ...)
+ TODO: check
+CVE-2026-7874 (IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow
disclosure ...)
+ TODO: check
+CVE-2026-7873 (IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated
attackers t ...)
+ TODO: check
+CVE-2026-7871 (IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis
access t ...)
+ TODO: check
+CVE-2026-7840 (UltraVNC repeater through 1.8.2.2 contains a global buffer
overflow in ...)
+ TODO: check
+CVE-2026-7839 (UltraVNC repeater through 1.8.2.2 initializes the HTTP
administration ...)
+ TODO: check
+CVE-2026-7838 (UltraVNC viewer through 1.8.2.2 contains an integer overflow
leading t ...)
+ TODO: check
+CVE-2026-7831 (UltraVNC viewer through 1.8.2.2 contains an off-by-one stack
buffer ov ...)
+ TODO: check
+CVE-2026-7830 (UltraVNC through 1.8.2.2 uses inadequate cryptography in the
MS-Logon ...)
+ TODO: check
+CVE-2026-7829 (UltraVNC repeater through 1.8.2.2 contains a
post-authentication out-o ...)
+ TODO: check
+CVE-2026-7828 (UltraVNC repeater through 1.8.2.2 contains an integer overflow
in the ...)
+ TODO: check
+CVE-2026-7803 (IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary
code execu ...)
+ TODO: check
+CVE-2026-7663 (IBM Langflow OSS 1.0.0 through 1.9.6 could allow
unauthenticated attac ...)
+ TODO: check
+CVE-2026-7517 (The Custom Payment Gateways for WooCommerce plugin for
WordPress is vu ...)
+ TODO: check
+CVE-2026-6070 (The WP-BusinessDirectory plugin for WordPress is vulnerable to
Unauthe ...)
+ TODO: check
+CVE-2026-58519 (Improper neutralization of input during web page generation
('cross-si ...)
+ TODO: check
+CVE-2026-58518 (Cross-Site request forgery (CSRF) vulnerability in The
Wikimedia Found ...)
+ TODO: check
+CVE-2026-58450 (Invoice Ninja through 5.13.26 contains an open redirect
vulnerability ...)
+ TODO: check
+CVE-2026-58449 (txtai through 9.10.0, fixed in commit 11b32da, exposes an API
/reindex ...)
+ TODO: check
+CVE-2026-58448 (yudao-cloud before 2026.06 contains a broken access control
vulnerabil ...)
+ TODO: check
+CVE-2026-58447 (Invidious through 2.20260626.0, fixed in commit 77ad416,
contains a br ...)
+ TODO: check
+CVE-2026-58446 (Presenton before 0.8.8-beta bundles an MCP server that, on
server/Dock ...)
+ TODO: check
+CVE-2026-57995 (phpMyFAQ before 4.1.5 contains a privilege escalation
vulnerability in ...)
+ TODO: check
+CVE-2026-57963 (An attacker who can send HTML chat messages (via Matrix or
XMPP) can i ...)
+ TODO: check
+CVE-2026-57962 (A malicious LDAP server, which a Thunderbird user is
configured to que ...)
+ TODO: check
+CVE-2026-57585 (MessagePack is the serializer implementation for Python
msgpack.org. P ...)
+ TODO: check
+CVE-2026-57204 (pypdf is a free and open-source pure-python PDF library. Prior
to 6.13 ...)
+ TODO: check
+CVE-2026-56777 (n8n before 2.25.7 and 2.26.x before 2.26.2 contains an
abstract syntax ...)
+ TODO: check
+CVE-2026-56700 (Grav CMS before 2.0.0-beta.2 contains multiple code-execution
vulnerab ...)
+ TODO: check
+CVE-2026-56415 (Storage Concentrator (SC & SCVM) contains a command injection
vulnerab ...)
+ TODO: check
+CVE-2026-56413 (Storage Concentrator (SC & SCVM) contains a command injection
vulnerab ...)
+ TODO: check
+CVE-2026-56399 (Open WebUI before 0.6.27 contains a server-side request
forgery vulner ...)
+ TODO: check
+CVE-2026-56377 (ImageMagick before 7.1.2-24 contains an incorrect policy check
that al ...)
+ TODO: check
+CVE-2026-56369 (ImageMagick before 7.1.2-22 contains an information disclosure
vulnera ...)
+ TODO: check
+CVE-2026-56365 (ImageMagick before 7.1.2-19 contains a memory leak
vulnerability in th ...)
+ TODO: check
+CVE-2026-56364 (ImageMagick before 7.1.2-13 contains a memory leak
vulnerability in Lo ...)
+ TODO: check
+CVE-2026-56363 (ImageMagick before 7.1.2-22 contains a division by zero
vulnerability ...)
+ TODO: check
+CVE-2026-56361 (ImageMagick before 7.1.2-19 contains an off-by-one error in
morphology ...)
+ TODO: check
+CVE-2026-56356 (n8n contains a stored cross-site scripting vulnerability in
the Chat T ...)
+ TODO: check
+CVE-2026-56350 (n8n before 2.8.0 contains an authentication bypass
vulnerability allow ...)
+ TODO: check
+CVE-2026-56334 (Capgo before 12.128.2 lacks an UPDATE row-level security
policy for th ...)
+ TODO: check
+CVE-2026-56333 (Capgo before 12.128.2 contains a server-side validation bypass
vulnera ...)
+ TODO: check
+CVE-2026-56331 (Capgo before 12.128.2 contains improper error handling in the
/private ...)
+ TODO: check
+CVE-2026-56328 (Capgo before 12.128.2 allows multiple public channels for the
same app ...)
+ TODO: check
+CVE-2026-56327 (Capgo before 12.128.2 contains an information disclosure
vulnerability ...)
+ TODO: check
+CVE-2026-56320 (Capgo before 12.128.2 contains an authorization flaw in POST
/private/ ...)
+ TODO: check
+CVE-2026-56318 (Capgo before 12.128.2 contains an information disclosure
vulnerability ...)
+ TODO: check
+CVE-2026-56300 (Capgo before 12.128.2 contains unauthenticated security
definer RPC fu ...)
+ TODO: check
+CVE-2026-56286 (Capgo before 12.128.2 contains an authentication bypass
vulnerability ...)
+ TODO: check
+CVE-2026-56278 (Flowise before 3.1.0 (affected versions 3.0.13 and earlier)
uses a wea ...)
+ TODO: check
+CVE-2026-56277 (Flowise before 3.1.2 sets Access-Control-Allow-Origin to a
hardcoded w ...)
+ TODO: check
+CVE-2026-56264 (Crawl4AI before 0.8.7 contains an arbitrary JavaScript
execution vulne ...)
+ TODO: check
+CVE-2026-56249 (Capgo before 12.128.2 contains an authorization bypass
vulnerability i ...)
+ TODO: check
+CVE-2026-56247 (Capgo before 12.128.2 allows org admins to assign org-scoped
RBAC role ...)
+ TODO: check
+CVE-2026-56233 (Capgo before 12.128.2 contains a path traversal vulnerability
in the b ...)
+ TODO: check
+CVE-2026-56230 (Capgo before 12.128.2 contains a broken object level
authorization vul ...)
+ TODO: check
+CVE-2026-56224 (Capgo console.capgo.app/login before 12.128.2 accepts
access_token and ...)
+ TODO: check
+CVE-2026-56219 (Capgo before 12.128.2 contains a NULL-auth bypass
vulnerability in the ...)
+ TODO: check
+CVE-2026-55721 (Storage Concentrator (SC & SCVM) is vulnerable to SQL
injection throug ...)
+ TODO: check
+CVE-2026-55223 (c3p0 is a JDBC Connection pooling library. In versions prior
to 0.14.0 ...)
+ TODO: check
+CVE-2026-54903 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54902 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54901 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54900 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54899 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54898 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54897 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54896 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54696 (Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0
through 2. ...)
+ TODO: check
+CVE-2026-54673 (electron-updater allows for automatic updates for Electron
apps. Prior ...)
+ TODO: check
+CVE-2026-54672 (electron-updater allows for automatic updates for Electron
apps. Prior ...)
+ TODO: check
+CVE-2026-54592 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54502 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-54500 (Oj (Optimized JSON) is a JSON parser and Object marshaller
packaged as ...)
+ TODO: check
+CVE-2026-52868 (An unauthenticated attacker can read worklist records from a
directory ...)
+ TODO: check
+CVE-2026-52198 (Buffer Overflow vulnerability in UTT nv518G
nv518GV3v3.2.7-210919-1613 ...)
+ TODO: check
+CVE-2026-52197 (An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a
remote at ...)
+ TODO: check
+CVE-2026-52196 (Buffer Overflow vulnerability in UTT nv518G
nv518GV3v3.2.7-210919-1613 ...)
+ TODO: check
+CVE-2026-52195 (Buffer Overflow vulnerability in UTT nv518G
nv518GV3v3.2.7-210919-1613 ...)
+ TODO: check
+CVE-2026-52193 (Buffer Overflow vulnerability in UTT nv518G
nv518GV3v3.2.7-210919-1613 ...)
+ TODO: check
+CVE-2026-50254 (An unauthenticated remote attacker can repeatedly send a
single crafte ...)
+ TODO: check
+CVE-2026-50110 (Storage Concentrator (SC & SCVM) contains hardcoded
credentials for nu ...)
+ TODO: check
+CVE-2026-50040 (Storage Concentrator (SC & SCVM) is vulnerable to reflected
cross-site ...)
+ TODO: check
+CVE-2026-50003 (A malicious or compromised server can make a DCMTK client
using bit-pr ...)
+ TODO: check
+CVE-2026-44628 (An unauthenticated attacker can crash the worklist server with
a singl ...)
+ TODO: check
+CVE-2026-44042 (UltraVNC repeater through 1.8.2.2 contains an off-by-one error
in the ...)
+ TODO: check
+CVE-2026-44041 (UltraVNC through 1.8.2.2 contains an out-of-bounds read in the
wide-st ...)
+ TODO: check
+CVE-2026-44040 (UltraVNC through 1.8.2.2 uses a cryptographically weak
pseudo-random n ...)
+ TODO: check
+CVE-2026-3602 (IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and
12.0.1.0 thr ...)
+ TODO: check
+CVE-2026-37106 (An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a
remote atta ...)
+ TODO: check
+CVE-2026-35505 (An unauthenticated remote attacker can repeatedly send crafted
connect ...)
+ TODO: check
+CVE-2026-2387 (The Event Organiser plugin for WordPress is vulnerable to
Stored Cross ...)
+ TODO: check
+CVE-2026-28322 (SolarWinds Database Performance Analyzer was found to be
affected by a ...)
+ TODO: check
+CVE-2026-20463 (In Modem, there is a possible escalation of privilege due to a
permiss ...)
+ TODO: check
+CVE-2026-20462 (In Telephony, there is a possible memory corruption due to a
heap buff ...)
+ TODO: check
+CVE-2026-20461 (In Modem, there is a possible out of bounds write due to a
missing bou ...)
+ TODO: check
+CVE-2026-20460 (In Modem, there is a possible information disclosure due to
improper i ...)
+ TODO: check
+CVE-2026-20459 (In Modem, there is a possible system crash due to improper
input valid ...)
+ TODO: check
+CVE-2026-20458 (In Modem, there is a possible memory corruption due to a
missing bound ...)
+ TODO: check
+CVE-2026-20457 (In Modem, there is a possible system crash due to improper
input valid ...)
+ TODO: check
+CVE-2026-1239 (The Ninja Forms \u2013 The Contact Form Builder That Grows With
You pl ...)
+ TODO: check
+CVE-2026-14193 (DVP80ES300T with Improper Validation of Array Index
Vulnerability)
+ TODO: check
+CVE-2026-14191 (An out-of-bounds heap write exists in the RAR5 recovery-volume
(.rev) ...)
+ TODO: check
+CVE-2026-13773 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6
Approximately 50 g ...)
+ TODO: check
+CVE-2026-13772 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 's Object
Query La ...)
+ TODO: check
+CVE-2026-13759 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships
three Object ...)
+ TODO: check
+CVE-2026-13731 (The WPBot \u2013 AI ChatBot for Live Support, Lead Generation,
AI Serv ...)
+ TODO: check
+CVE-2026-13468 (The Visualizer \u2013 Tables & Charts Manager with Built-in AI
Generat ...)
+ TODO: check
+CVE-2026-13449 (IBM Business Automation Manager Open Editions 9.0.0 through
9.4.2 is v ...)
+ TODO: check
+CVE-2026-13443 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
+ TODO: check
+CVE-2026-13246 (The GiveWP \u2013 Donation Plugin and Fundraising Platform
plugin for ...)
+ TODO: check
+CVE-2026-13207 (FUXA versions 1.3.1 and prior contain an authentication bypass
vulnera ...)
+ TODO: check
+CVE-2026-13015 (The Wp Google Places Review Slider plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2026-12923 (The Youtube Showcase plugin for WordPress is vulnerable to
Arbitrary F ...)
+ TODO: check
+CVE-2026-12904 (The Kadence Blocks \u2013 Gutenberg Blocks for Page Builder
Features p ...)
+ TODO: check
+CVE-2026-12902 (The Kadence Blocks \u2014 Page Builder Toolkit for Gutenberg
Editor pl ...)
+ TODO: check
+CVE-2026-12579 (AS228T with Authentication Bypass Vulnerability)
+ TODO: check
+CVE-2026-12135 (The FV Flowplayer Video Player plugin for WordPress is
vulnerable to S ...)
+ TODO: check
+CVE-2026-12133 (The JoomSport \u2013 for Sports: Team & League, Football,
Hockey & mor ...)
+ TODO: check
+CVE-2026-12127 (The WPForms \u2013 Easy Form Builder for WordPress \u2013
Contact Form ...)
+ TODO: check
+CVE-2026-12113 (The Appointment Booking Calendar plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2026-12110 (The Taskbuilder \u2013 Project Management & Task Management
Tool With ...)
+ TODO: check
+CVE-2026-12090 (The Taskbuilder \u2013 Project Management & Task Management
Tool With ...)
+ TODO: check
+CVE-2026-12086 (IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3
through 7 ...)
+ TODO: check
+CVE-2026-12085 (IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM
UCD - IBM ...)
+ TODO: check
+CVE-2026-12084 (IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2
through 8.2.1 ...)
+ TODO: check
+CVE-2026-11988 (The LearnPress \u2013 WordPress LMS Plugin for Create and Sell
Online ...)
+ TODO: check
+CVE-2026-11981 (The GiveWP plugin for WordPress is vulnerable to Cross-Site
Request Fo ...)
+ TODO: check
+CVE-2026-11906 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for
Linux, UN ...)
+ TODO: check
+CVE-2026-11887 (The Salon Booking System WordPress plugin before 10.30.20
does not ha ...)
+ TODO: check
+CVE-2026-11883 (The WebAuthn Provider for Two Factor WordPress plugin before
2.5.6 doe ...)
+ TODO: check
+CVE-2026-11880 (The Fluent Forms WordPress plugin before 6.2.1 does not
properly veri ...)
+ TODO: check
+CVE-2026-11823 (The BookingPress Appointment Booking Pro plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2026-11806 (IBM WebSphere Application Server - Liberty 17.0.0.3 through
26.0.0.6 i ...)
+ TODO: check
+CVE-2026-11794 (The Advanced Form Integration \u2014 Connect Forms to 200+
Apps WordPr ...)
+ TODO: check
+CVE-2026-11714 (IBM WebSphere Application Server - Liberty 17.0.0.3 through
26.0.0.7 i ...)
+ TODO: check
+CVE-2026-11712 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a
cross-s ...)
+ TODO: check
+CVE-2026-11708 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a
cross-s ...)
+ TODO: check
+CVE-2026-11595 (IBM WebSphere Application Server 9.0, and 8.5 could allow a
remote att ...)
+ TODO: check
+CVE-2026-11594 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a
cross-s ...)
+ TODO: check
+CVE-2026-11570 (The User Submitted Posts WordPress plugin before 20260608
does not es ...)
+ TODO: check
+CVE-2026-11568 (The Product Configurator for WooCommerce WordPress plugin
before 1.7.3 ...)
+ TODO: check
+CVE-2026-11562 (The WS Form LITE WordPress plugin before 1.11.8 does not have
a capab ...)
+ TODO: check
+CVE-2026-11546 (IBM WebSphere Application Server - Liberty 17.0.0.3 through
26.0.0.7 i ...)
+ TODO: check
+CVE-2026-11541 (IBM WebSphere Application Server 9.0, and 8.5 and IBM
WebSphere Applic ...)
+ TODO: check
+CVE-2026-11380 (The JetWidgets For Elementor plugin for WordPress is
vulnerable to Sto ...)
+ TODO: check
+CVE-2026-10750 (The Royal MCP WordPress plugin before 1.4.26 does not perform
capabil ...)
+ TODO: check
+CVE-2026-10585 (A stored cross-site scripting vulnerability was identified in
GitHub E ...)
+ TODO: check
+CVE-2026-10564 (IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side
Request Fo ...)
+ TODO: check
+CVE-2026-10562 (An unauthenticated URL redirection vulnerability has been
identified i ...)
+ TODO: check
+CVE-2026-10560 (IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing
authentication ...)
+ TODO: check
+CVE-2026-10546 (IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side
Request Fo ...)
+ TODO: check
+CVE-2026-10140 (IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains
improper sha ...)
+ TODO: check
+CVE-2026-10134 (IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to
read every ...)
+ TODO: check
+CVE-2026-10129 (IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side
Request Fo ...)
+ TODO: check
+CVE-2026-10109 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is
vulnerable ...)
+ TODO: check
+CVE-2025-71381 (Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its
CORS middl ...)
+ TODO: check
+CVE-2025-71374 (picklescan before 0.0.29 fails to detect the built-in python
profile.P ...)
+ TODO: check
+CVE-2025-71371 (picklescan before 0.0.29 fails to detect malicious pickle
files using ...)
+ TODO: check
+CVE-2025-71368 (picklescan before 0.0.30 fails to detect the
doctest.debug_script func ...)
+ TODO: check
+CVE-2025-71363 (picklescan before 0.0.30 fails to detect cProfile.run function
calls i ...)
+ TODO: check
+CVE-2025-71355 (Picklescan before 0.0.25 fails to detect unsafe global
functions in th ...)
+ TODO: check
+CVE-2025-71352 (picklescan before 0.0.29 fails to detect the built-in Python
trace.Tra ...)
+ TODO: check
+CVE-2025-71350 (picklescan before 0.0.28 fails to detect malicious pickle
files using ...)
+ TODO: check
+CVE-2025-71349 (picklescan before 0.0.29 fails to detect the built-in
trace.Trace.run ...)
+ TODO: check
+CVE-2025-36372 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for
Linux, UN ...)
+ TODO: check
+CVE-2025-36359 (IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not
invalid ...)
+ TODO: check
+CVE-2025-36336 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0
transmits dat ...)
+ TODO: check
+CVE-2025-36333 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could
allow a ...)
+ TODO: check
+CVE-2025-36328 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could
allow a ...)
+ TODO: check
+CVE-2025-36327 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could
allow a ...)
+ TODO: check
+CVE-2025-36324 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s
vulnerable ...)
+ TODO: check
+CVE-2025-36323 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is
vulnerable ...)
+ TODO: check
+CVE-2025-36321 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is
vulnerable ...)
+ TODO: check
+CVE-2025-36320 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is
vulnerable ...)
+ TODO: check
+CVE-2025-36319 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could
allow a ...)
+ TODO: check
+CVE-2025-15666 (A security vulnerability has been detected in Open Asset
Import Librar ...)
+ TODO: check
+CVE-2025-12530 (IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1
through patch ...)
+ TODO: check
CVE-2026-56016
- libcgi-session-perl <unfixed>
NOTE: https://lists.security.metacpan.org/cve-announce/msg/41439279/
-CVE-2026-13774
+CVE-2026-13774 (Use after free in Extensions in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13775
+CVE-2026-13775 (Use after free in GPU in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13776
+CVE-2026-13776 (Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13777
+CVE-2026-13777 (Insufficient validation of untrusted input in iOSWeb in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13778
+CVE-2026-13778 (Use after free in WebUSB in Google Chrome on Mac prior to
150.0.7871.4 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13779
+CVE-2026-13779 (Use after free in Chromoting in Google Chrome on ChromeOS
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13780
+CVE-2026-13780 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13781
+CVE-2026-13781 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13782
+CVE-2026-13782 (Use after free in Browser in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13783
+CVE-2026-13783 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13784
+CVE-2026-13784 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13785
+CVE-2026-13785 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13786
+CVE-2026-13786 (Use after free in Ozone in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13787
+CVE-2026-13787 (Use after free in Chromoting in Google Chrome on Windows prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13788
+CVE-2026-13788 (Use after free in Fullscreen in Google Chrome on Android prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13789
+CVE-2026-13789 (Use after free in GPU in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13790
+CVE-2026-13790 (Side-channel information leakage in Scroll in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13791
+CVE-2026-13791 (Insufficient validation of untrusted input in Downloads in
Google Chro ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13792
+CVE-2026-13792 (Use after free in Touchbar in Google Chrome on Mac prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13793
+CVE-2026-13793 (Insufficient policy enforcement in SVG in Google Chrome prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13794
+CVE-2026-13794 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13795
+CVE-2026-13795 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13796
+CVE-2026-13796 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13797
+CVE-2026-13797 (Insufficient validation of untrusted input in Chromecast in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13798
+CVE-2026-13798 (Heap buffer overflow in Chromecast in Google Chrome prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13799
+CVE-2026-13799 (Use after free in QUIC in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13800
+CVE-2026-13800 (Inappropriate implementation in Updater in Google Chrome on
Windows pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13801
+CVE-2026-13801 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13802
+CVE-2026-13802 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13803
+CVE-2026-13803 (Type Confusion in Chrome Tabs in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13804
+CVE-2026-13804 (Use after free in Chromecast in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13805
+CVE-2026-13805 (Use after free in GFX in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13806
+CVE-2026-13806 (Insufficient validation of untrusted input in Accessibility in
Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13807
+CVE-2026-13807 (Use after free in Import in Google Chrome on iOS prior to
150.0.7871.4 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13808
+CVE-2026-13808 (Insufficient data validation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13809
+CVE-2026-13809 (Side-channel information leakage in Safe Browsing in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13810
+CVE-2026-13810 (Inappropriate implementation in Input in Google Chrome on
Linux prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13811
+CVE-2026-13811 (Use after free in IME in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13812
+CVE-2026-13812 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13813
+CVE-2026-13813 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13814
+CVE-2026-13814 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13815
+CVE-2026-13815 (Use after free in Blink in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13816
+CVE-2026-13816 (Insufficient validation of untrusted input in File Input in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13817
+CVE-2026-13817 (Insufficient validation of untrusted input in Glic in Google
Chrome pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13818
+CVE-2026-13818 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13819
+CVE-2026-13819 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13820
+CVE-2026-13820 (Out of bounds read in Skia in Google Chrome on Mac prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13821
+CVE-2026-13821 (Use after free in Canvas in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13822
+CVE-2026-13822 (Inappropriate implementation in Extensions in Google Chrome on
Android ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13823
+CVE-2026-13823 (Use after free in Glic in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13824
+CVE-2026-13824 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13825
+CVE-2026-13825 (Uninitialized Use in Dawn in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13826
+CVE-2026-13826 (Inappropriate implementation in Autofill in Google Chrome on
Android p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13827
+CVE-2026-13827 (Use after free in Updater in Google Chrome on Mac prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13828
+CVE-2026-13828 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13829
+CVE-2026-13829 (Insufficient validation of untrusted input in Settings in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13830
+CVE-2026-13830 (Use after free in Chromoting in Google Chrome on Linux prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13831
+CVE-2026-13831 (Out of bounds read and write in GPU in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13832
+CVE-2026-13832 (Use after free in Headless in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13833
+CVE-2026-13833 (Uninitialized Use in ANGLE in Google Chrome on Mac prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13834
+CVE-2026-13834 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13835
+CVE-2026-13835 (Inappropriate implementation in XML in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13836
+CVE-2026-13836 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13837
+CVE-2026-13837 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13838
+CVE-2026-13838 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13839
+CVE-2026-13839 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13840
+CVE-2026-13840 (Insufficient policy enforcement in Canvas in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13841
+CVE-2026-13841 (Integer overflow in Skia in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13842
+CVE-2026-13842 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13843
+CVE-2026-13843 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13844
+CVE-2026-13844 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13845
+CVE-2026-13845 (Use after free in DOM in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13846
+CVE-2026-13846 (Use after free in USB in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13847
+CVE-2026-13847 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13848
+CVE-2026-13848 (Use after free in Forms in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13849
+CVE-2026-13849 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13850
+CVE-2026-13850 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13851
+CVE-2026-13851 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13852
+CVE-2026-13852 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13853
+CVE-2026-13853 (Use after free in Journeys in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13854
+CVE-2026-13854 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13855
+CVE-2026-13855 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13856
+CVE-2026-13856 (Insufficient validation of untrusted input in Speech in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13857
+CVE-2026-13857 (Inappropriate implementation in Geometry in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13858
+CVE-2026-13858 (Out of bounds read in FFmpeg in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13859
+CVE-2026-13859 (Inappropriate implementation in ANGLE in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13860
+CVE-2026-13860 (Incorrect security UI in Autofill in Google Chrome on Windows
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13861
+CVE-2026-13861 (Use after free in Core in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13862
+CVE-2026-13862 (Insufficient policy enforcement in Web Authentication
(Passkeys & Secu ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13863
+CVE-2026-13863 (Insufficient validation of untrusted input in CustomTabs in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13864
+CVE-2026-13864 (Insufficient policy enforcement in WebHID in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13865
+CVE-2026-13865 (Insufficient validation of untrusted input in Enterprise in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13866
+CVE-2026-13866 (Inappropriate implementation in Input in Google Chrome on
Android prio ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13867
+CVE-2026-13867 (Inappropriate implementation in Geolocation in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13868
+CVE-2026-13868 (Inappropriate implementation in Network in Google Chrome on
Android pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13869
+CVE-2026-13869 (Use after free in Device in Google Chrome on Windows prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13870
+CVE-2026-13870 (Use after free in WebView in Google Chrome on Android prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13871
+CVE-2026-13871 (Insufficient policy enforcement in GuestView in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13872
+CVE-2026-13872 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13873
+CVE-2026-13873 (Out of bounds read in Layout in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13874
+CVE-2026-13874 (Race in DataTransfer in Google Chrome prior to 150.0.7871.47
allowed a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13875
+CVE-2026-13875 (Insufficient validation of untrusted input in GPU in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13876
+CVE-2026-13876 (Inappropriate implementation in Network in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13877
+CVE-2026-13877 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13878
+CVE-2026-13878 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13879
+CVE-2026-13879 (Use after free in Bluetooth in Google Chrome prior to
150.0.7871.47 al ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13880
+CVE-2026-13880 (Use after free in USB in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13881
+CVE-2026-13881 (Inappropriate implementation in WebAppInstalls in Google
Chrome prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13882
+CVE-2026-13882 (Race in USB in Google Chrome prior to 150.0.7871.47 allowed a
remote a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13883
+CVE-2026-13883 (Type Confusion in ANGLE in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13884
+CVE-2026-13884 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13885
+CVE-2026-13885 (Use after free in Skia in Google Chrome on Android prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13886
+CVE-2026-13886 (Insufficient policy enforcement in Isolated Web Apps in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13887
+CVE-2026-13887 (Inappropriate implementation in NFC in Google Chrome on
Android prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13888
+CVE-2026-13888 (Use after free in Extensions in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13889
+CVE-2026-13889 (Side-channel information leakage in WebAuthentication in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13890
+CVE-2026-13890 (Out of bounds read in Chromecast in Google Chrome prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13891
+CVE-2026-13891 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13892
+CVE-2026-13892 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13893
+CVE-2026-13893 (Insufficient validation of untrusted input in WebUI in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13894
+CVE-2026-13894 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13895
+CVE-2026-13895 (Inappropriate implementation in Autofill in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13896
+CVE-2026-13896 (Insufficient policy enforcement in Glic in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13897
+CVE-2026-13897 (Insufficient policy enforcement in Chromecast in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13898
+CVE-2026-13898 (Use after free in Cast Receiver in Google Chrome prior to
150.0.7871.4 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13899
+CVE-2026-13899 (Use after free in HTML in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13900
+CVE-2026-13900 (Inappropriate implementation in Chromecast in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13901
+CVE-2026-13901 (Insufficient policy enforcement in Serial in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13902
+CVE-2026-13902 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13903
+CVE-2026-13903 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13904
+CVE-2026-13904 (Inappropriate implementation in Safe Browsing in Google Chrome
on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13905
+CVE-2026-13905 (Race in Chrome for iOS in Google Chrome on iOS prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13906
+CVE-2026-13906 (Out of bounds read in Codecs in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13907
+CVE-2026-13907 (Inappropriate implementation in iOSWeb in Google Chrome on iOS
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13908
+CVE-2026-13908 (Insufficient validation of untrusted input in Omnibox in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13909
+CVE-2026-13909 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13910
+CVE-2026-13910 (Insufficient policy enforcement in WebXR in Google Chrome on
Android p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13911
+CVE-2026-13911 (Insufficient policy enforcement in Spellcheck in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13912
+CVE-2026-13912 (Inappropriate implementation in Safe Browsing in Google Chrome
on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13913
+CVE-2026-13913 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13914
+CVE-2026-13914 (Inappropriate implementation in Passwords in Google Chrome on
Mac prio ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13915
+CVE-2026-13915 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13916
+CVE-2026-13916 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13917
+CVE-2026-13917 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13918
+CVE-2026-13918 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13919
+CVE-2026-13919 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13920
+CVE-2026-13920 (Insufficient validation of untrusted input in Media in Google
Chrome o ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13921
+CVE-2026-13921 (Insufficient validation of untrusted input in
DeviceBoundSessionCreden ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13922
+CVE-2026-13922 (Side-channel information leakage in Paint in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13923
+CVE-2026-13923 (Uninitialized Use in GPU in Google Chrome on Android prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13924
+CVE-2026-13924 (Insufficient validation of untrusted input in WebView in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13925
+CVE-2026-13925 (Inappropriate implementation in Downloads in Google Chrome on
Windows ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13926
+CVE-2026-13926 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13927
+CVE-2026-13927 (Insufficient validation of untrusted input in UI in Google
Chrome on A ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13928
+CVE-2026-13928 (Insufficient validation of untrusted input in Enterprise in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13929
+CVE-2026-13929 (Insufficient policy enforcement in DevTools in Google Chrome
on Androi ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13930
+CVE-2026-13930 (Insufficient policy enforcement in Actor in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13931
+CVE-2026-13931 (Inappropriate implementation in Media in Google Chrome on
Windows prio ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13932
+CVE-2026-13932 (Inappropriate implementation in Sharing in Google Chrome on
Android pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13933
+CVE-2026-13933 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13934
+CVE-2026-13934 (Insufficient validation of untrusted input in Dawn in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13935
+CVE-2026-13935 (Side-channel information leakage in ComputePressure in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13936
+CVE-2026-13936 (Inappropriate implementation in Passwords in Google Chrome on
Android ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13937
+CVE-2026-13937 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13938
+CVE-2026-13938 (Integer overflow in Fonts in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13939
+CVE-2026-13939 (Insufficient validation of untrusted input in WebShare in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13940
+CVE-2026-13940 (Uninitialized Use in Cast in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13941
+CVE-2026-13941 (Inappropriate implementation in SiteSettings in Google Chrome
on Andro ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13942
+CVE-2026-13942 (Inappropriate implementation in Video Capture in Google Chrome
on Chro ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13943
+CVE-2026-13943 (Uninitialized Use in CSS in Google Chrome on Android prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13944
+CVE-2026-13944 (Inappropriate implementation in DataTransfer in Google Chrome
on Mac p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13945
+CVE-2026-13945 (Insufficient policy enforcement in Extensions in Google Chrome
on Linu ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13946
+CVE-2026-13946 (Inappropriate implementation in ScriptInjections in Google
Chrome on i ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13947
+CVE-2026-13947 (Uninitialized Use in XR in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13948
+CVE-2026-13948 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13949
+CVE-2026-13949 (Insufficient policy enforcement in Payments in Google Chrome
on Androi ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13950
+CVE-2026-13950 (Uninitialized Use in GPU in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13951
+CVE-2026-13951 (Insufficient policy enforcement in USB in Google Chrome prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13952
+CVE-2026-13952 (Inappropriate implementation in PerformanceAPIs in Google
Chrome prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13953
+CVE-2026-13953 (Inappropriate implementation in SplitView in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13954
+CVE-2026-13954 (Insufficient policy enforcement in XML in Google Chrome on
Android pri ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13955
+CVE-2026-13955 (Insufficient validation of untrusted input in CustomTabs in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13956
+CVE-2026-13956 (Incorrect security UI in PageInfo in Google Chrome prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13957
+CVE-2026-13957 (Incorrect security UI in Extensions in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13958
+CVE-2026-13958 (Uninitialized Use in Codecs in Google Chrome on Windows prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13959
+CVE-2026-13959 (Insufficient validation of untrusted input in Blink in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13960
+CVE-2026-13960 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13961
+CVE-2026-13961 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13962
+CVE-2026-13962 (Insufficient data validation in PDF in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13963
+CVE-2026-13963 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13964
+CVE-2026-13964 (Insufficient policy enforcement in WebView in Google Chrome on
Android ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13965
+CVE-2026-13965 (Use after free in Oilpan in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13966
+CVE-2026-13966 (Inappropriate implementation in History in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13967
+CVE-2026-13967 (Heap buffer overflow in V8 in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13968
+CVE-2026-13968 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13969
+CVE-2026-13969 (Uninitialized Use in UI in Google Chrome on Android prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13970
+CVE-2026-13970 (Uninitialized Use in Media in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13971
+CVE-2026-13971 (Uninitialized Use in Skia in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13972
+CVE-2026-13972 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13973
+CVE-2026-13973 (Inappropriate implementation in UI in Google Chrome prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13974
+CVE-2026-13974 (Integer overflow in Safe Browsing in Google Chrome on Mac
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13975
+CVE-2026-13975 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13976
+CVE-2026-13976 (Insufficient data validation in Storage in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13977
+CVE-2026-13977 (Inappropriate implementation in HTMLParser in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13978
+CVE-2026-13978 (Insufficient policy enforcement in PageInfo in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13979
+CVE-2026-13979 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13980
+CVE-2026-13980 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13981
+CVE-2026-13981 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13982
+CVE-2026-13982 (Incorrect security UI in Passwords in Google Chrome prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13983
+CVE-2026-13983 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13984
+CVE-2026-13984 (Incorrect security UI in TabStrip in Google Chrome prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13985
+CVE-2026-13985 (Inappropriate implementation in MediaCapture in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13986
+CVE-2026-13986 (Inappropriate implementation in Media UI in Google Chrome on
ChromeOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13987
+CVE-2026-13987 (Incorrect security UI in Mobile in Google Chrome on Android
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13988
+CVE-2026-13988 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13989
+CVE-2026-13989 (Inappropriate implementation in PageInfo in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13990
+CVE-2026-13990 (Insufficient validation of untrusted input in DataTransfer in
Google C ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13991
+CVE-2026-13991 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13992
+CVE-2026-13992 (Inappropriate implementation in UI in Google Chrome on Mac
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13993
+CVE-2026-13993 (Incorrect security UI in WebAppInstalls in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13994
+CVE-2026-13994 (Inappropriate implementation in Credential Management in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13995
+CVE-2026-13995 (Insufficient validation of untrusted input in Autofill in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13996
+CVE-2026-13996 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13997
+CVE-2026-13997 (Incorrect security UI in Extensions in Google Chrome on
Android prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13998
+CVE-2026-13998 (Incorrect security UI in File Input in Google Chrome on Mac
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13999
+CVE-2026-13999 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14000
+CVE-2026-14000 (Inappropriate implementation in XML in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14001
+CVE-2026-14001 (Inappropriate implementation in Network in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14002
+CVE-2026-14002 (Inappropriate implementation in Geolocation in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14003
+CVE-2026-14003 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14004
+CVE-2026-14004 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14005
+CVE-2026-14005 (Use after free in Omnibox in Google Chrome on Android prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14006
+CVE-2026-14006 (Use after free in Navigation in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14007
+CVE-2026-14007 (Insufficient policy enforcement in PermissionsPolicy in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14008
+CVE-2026-14008 (Uninitialized Use in WebXR in Google Chrome on Android prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14009
+CVE-2026-14009 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14010
+CVE-2026-14010 (Uninitialized Use in Codecs in Google Chrome on Windows prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14011
+CVE-2026-14011 (Out of bounds read in SurfaceCapture in Google Chrome prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14012
+CVE-2026-14012 (Side-channel information leakage in CSS in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14013
+CVE-2026-14013 (Inappropriate implementation in SVG in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14014
+CVE-2026-14014 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14015
+CVE-2026-14015 (Race in WebRTC in Google Chrome on Windows prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14016
+CVE-2026-14016 (Inappropriate implementation in SVG in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14017
+CVE-2026-14017 (Inappropriate implementation in Navigation in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14018
+CVE-2026-14018 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14019
+CVE-2026-14019 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14020
+CVE-2026-14020 (Insufficient validation of untrusted input in WebXR in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14021
+CVE-2026-14021 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14022
+CVE-2026-14022 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14023
+CVE-2026-14023 (Insufficient validation of untrusted input in SanitizerAPI in
Google C ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14024
+CVE-2026-14024 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14025
+CVE-2026-14025 (Use after free in Views in Google Chrome on Mac prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14026
+CVE-2026-14026 (Incorrect security UI in SplitView in Google Chrome prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14027
+CVE-2026-14027 (Use after free in SignIn in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14028
+CVE-2026-14028 (Incorrect security UI in Chrome for iOS in Google Chrome on
iOS prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14030
+CVE-2026-14030 (Inappropriate implementation in SplitView in Google Chrome on
Linux pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14031
+CVE-2026-14031 (Inappropriate implementation in File Input in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14032
+CVE-2026-14032 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14033
+CVE-2026-14033 (Insufficient policy enforcement in Media in Google Chrome on
Windows p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14034
+CVE-2026-14034 (Inappropriate implementation in WebXR in Google Chrome on
Android prio ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14035
+CVE-2026-14035 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14036
+CVE-2026-14036 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14037
+CVE-2026-14037 (Insufficient policy enforcement in GPU in Google Chrome prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14038
+CVE-2026-14038 (Insufficient validation of untrusted input in New Tab Page in
Google C ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14039
+CVE-2026-14039 (Insufficient policy enforcement in GetUserMedia in Google
Chrome prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14040
+CVE-2026-14040 (Use after free in BrowserTag in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14041
+CVE-2026-14041 (Insufficient policy enforcement in Serial in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14042
+CVE-2026-14042 (Inappropriate implementation in Isolated Web Apps in Google
Chrome pri ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14043
+CVE-2026-14043 (Use after free in GetUserMedia in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14044
+CVE-2026-14044 (Use after free in ANGLE in Google Chrome prior to
150.0.7871.47 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14045
+CVE-2026-14045 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14046
+CVE-2026-14046 (Inappropriate implementation in CustomTabs in Google Chrome on
Android ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14047
+CVE-2026-14047 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14048
+CVE-2026-14048 (Use after free in Chromecast in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14049
+CVE-2026-14049 (Inappropriate implementation in GPU in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14050
+CVE-2026-14050 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14051
+CVE-2026-14051 (Uninitialized Use in GamepadAPI in Google Chrome prior to
150.0.7871.4 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14052
+CVE-2026-14052 (Insufficient policy enforcement in FileSystem in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14053
+CVE-2026-14053 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14054
+CVE-2026-14054 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14055
+CVE-2026-14055 (Insufficient validation of untrusted input in Device Trust in
Google C ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14056
+CVE-2026-14056 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14057
+CVE-2026-14057 (Inappropriate implementation in FedCM in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14058
+CVE-2026-14058 (Insufficient policy enforcement in Parser in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14059
+CVE-2026-14059 (Insufficient policy enforcement in Related-Website-Sets in
Google Chro ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14060
+CVE-2026-14060 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14061
+CVE-2026-14061 (Inappropriate implementation in Dawn in Google Chrome prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14062
+CVE-2026-14062 (Inappropriate implementation in Views in Google Chrome on
ChromeOS pri ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14063
+CVE-2026-14063 (Out of bounds read in Chromecast in Google Chrome prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14064
+CVE-2026-14064 (Use after free in PageInfo in Google Chrome on Android prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14065
+CVE-2026-14065 (Insufficient validation of untrusted input in PageInfo in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14066
+CVE-2026-14066 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14067
+CVE-2026-14067 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14068
+CVE-2026-14068 (Inappropriate implementation in Omnibox in Google Chrome on
iOS prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14069
+CVE-2026-14069 (Integer overflow in WebNN in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14070
+CVE-2026-14070 (Integer overflow in WebNN in Google Chrome prior to
150.0.7871.47 allo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14071
+CVE-2026-14071 (Side-channel information leakage in WebAudio in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14072
+CVE-2026-14072 (Inappropriate implementation in SplitView in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14073
+CVE-2026-14073 (Insufficient validation of untrusted input in WebXR in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14074
+CVE-2026-14074 (Side-channel information leakage in WebAuthentication in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14075
+CVE-2026-14075 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14076
+CVE-2026-14076 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14077
+CVE-2026-14077 (Inappropriate implementation in Select in Google Chrome on Mac
prior t ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14078
+CVE-2026-14078 (Insufficient validation of untrusted input in WebRTC in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14079
+CVE-2026-14079 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14080
+CVE-2026-14080 (Insufficient validation of untrusted input in TabSwitcher in
Google Ch ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14081
+CVE-2026-14081 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14082
+CVE-2026-14082 (Race in Storage in Google Chrome prior to 150.0.7871.47
allowed a remo ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14083
+CVE-2026-14083 (Insufficient validation of untrusted input in HTML in Google
Chrome pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14084
+CVE-2026-14084 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14085
+CVE-2026-14085 (Side-channel information leakage in CSS in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14086
+CVE-2026-14086 (Insufficient policy enforcement in HID in Google Chrome prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14087
+CVE-2026-14087 (Heap buffer overflow in WebNN in Google Chrome on Windows
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14088
+CVE-2026-14088 (Uninitialized Use in Canvas in Google Chrome on Android prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14089
+CVE-2026-14089 (Insufficient validation of untrusted input in PopupBlocker in
Google C ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14090
+CVE-2026-14090 (Insufficient validation of untrusted input in CameraCapture in
Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14091
+CVE-2026-14091 (Use after free in DevTools in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14092
+CVE-2026-14092 (Insufficient policy enforcement in Privacy in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14093
+CVE-2026-14093 (Use after free in Cast in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14094
+CVE-2026-14094 (Use after free in Installer in Google Chrome on Windows prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14095
+CVE-2026-14095 (Insufficient policy enforcement in Browser in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14096
+CVE-2026-14096 (Inappropriate implementation in Input in Google Chrome on
Android prio ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14097
+CVE-2026-14097 (Inappropriate implementation in WebAppInstalls in Google
Chrome on Mac ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14098
+CVE-2026-14098 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14099
+CVE-2026-14099 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14100
+CVE-2026-14100 (Insufficient data validation in NetworkCache in Google Chrome
prior to ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14101
+CVE-2026-14101 (Insufficient policy enforcement in Sandbox in Google Chrome on
Mac pri ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14102
+CVE-2026-14102 (Use after free in Passwords in Google Chrome prior to
150.0.7871.47 al ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14103
+CVE-2026-14103 (Use after free in SSL in Google Chrome on ChromeOS prior to
150.0.7871 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14104
+CVE-2026-14104 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14105
+CVE-2026-14105 (Insufficient policy enforcement in Speech in Google Chrome
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14106
+CVE-2026-14106 (Insufficient validation of untrusted input in Text in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14107
+CVE-2026-14107 (Use after free in Scheduling in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14108
+CVE-2026-14108 (Use after free in PDFium in Google Chrome prior to
150.0.7871.47 allow ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14109
+CVE-2026-14109 (Insufficient policy enforcement in Mojo in Google Chrome prior
to 150. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14110
+CVE-2026-14110 (Inappropriate implementation in DarkMode in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14111
+CVE-2026-14111 (Use after free in WebProtect in Google Chrome prior to
150.0.7871.47 a ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14112
+CVE-2026-14112 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14113
+CVE-2026-14113 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14114
+CVE-2026-14114 (Inappropriate implementation in WebAppInstalls in Google
Chrome on And ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14115
+CVE-2026-14115 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14116
+CVE-2026-14116 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14117
+CVE-2026-14117 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14118
+CVE-2026-14118 (Insufficient data validation in DevTools in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14119
+CVE-2026-14119 (Type Confusion in Bluetooth in Google Chrome on Windows prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14120
+CVE-2026-14120 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14121
+CVE-2026-14121 (Use after free in Chromoting in Google Chrome on Linux prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14122
+CVE-2026-14122 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14123
+CVE-2026-14123 (Incorrect security UI in Chrome for iOS in Google Chrome on
iOS prior ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14124
+CVE-2026-14124 (Inappropriate implementation in CredentialProvider in Google
Chrome on ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14125
+CVE-2026-14125 (Uninitialized Use in ANGLE in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14126
+CVE-2026-14126 (Incorrect security UI in UI in Google Chrome on Android prior
to 150.0 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14127
+CVE-2026-14127 (Inappropriate implementation in Printing in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14128
+CVE-2026-14128 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14129
+CVE-2026-14129 (Inappropriate implementation in PreviewTab in Google Chrome on
Android ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14130
+CVE-2026-14130 (Incorrect security UI in Omnibox in Google Chrome prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14131
+CVE-2026-14131 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14132
+CVE-2026-14132 (Inappropriate implementation in WebXR in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14133
+CVE-2026-14133 (Race in History Embeddings in Google Chrome prior to
150.0.7871.47 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14134
+CVE-2026-14134 (Inappropriate implementation in Autofill in Google Chrome on
Android p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14135
+CVE-2026-14135 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14136
+CVE-2026-14136 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14137
+CVE-2026-14137 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14138
+CVE-2026-14138 (Inappropriate implementation in WebAppInstalls in Google
Chrome on Win ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14139
+CVE-2026-14139 (Inappropriate implementation in TabStrip in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14140
+CVE-2026-14140 (Insufficient validation of untrusted input in Input in Google
Chrome o ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14141
+CVE-2026-14141 (Incorrect security UI in Document Picture-in-Picture in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14142
+CVE-2026-14142 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14143
+CVE-2026-14143 (Incorrect security UI in Passwords in Google Chrome on iOS
prior to 15 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14144
+CVE-2026-14144 (Incorrect security UI in Views in Google Chrome prior to
150.0.7871.47 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14145
+CVE-2026-14145 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14146
+CVE-2026-14146 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14147
+CVE-2026-14147 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14148
+CVE-2026-14148 (Type Confusion in CSS in Google Chrome prior to 150.0.7871.47
allowed ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14149
+CVE-2026-14149 (Use after free in Audio in Google Chrome on Linux prior to
150.0.7871. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14150
+CVE-2026-14150 (Insufficient validation of untrusted input in Speech in Google
Chrome ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14151
+CVE-2026-14151 (Inappropriate implementation in AI in Google Chrome prior to
150.0.787 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14152
+CVE-2026-14152 (Out of bounds read and write in ANGLE in Google Chrome prior
to 150.0. ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14153
+CVE-2026-14153 (Inappropriate implementation in Glic in Google Chrome prior to
150.0.7 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14154
+CVE-2026-14154 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14155
+CVE-2026-14155 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14156
+CVE-2026-14156 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9711 (The EventON - WordPress Virtual Event Calendar Plugin plugin
for WordP ...)
@@ -8653,7 +9017,7 @@ CVE-2026-53492
[bookworm] - containerd <not-affected> (Vulnerable code not present,
only affects 2.x)
[bullseye] - containerd <not-affected> (Vulnerable code not present,
only affects 2.x)
NOTE:
https://github.com/containerd/containerd/security/advisories/GHSA-33vj-92qq-66hc
-CVE-2026-53488
+CVE-2026-53488 (containerd is an open-source container runtime. In versions
prior to 1 ...)
- containerd 2.1.9+ds1-1 (bug #1140385)
NOTE:
https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp
CVE-2026-50195
@@ -9431,6 +9795,7 @@ CVE-2026-48818 (Starlette is a lightweight ASGI
framework/toolkit. In versions 1
CVE-2026-48591 (Improper Neutralization of Script in Attributes in a Web Page
vulnerab ...)
NOT-FOR-US: pragdave earmark
CVE-2026-48142 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
+ {DSA-6374-1 DLA-4660-1}
- nginx 1.30.1-5 (bug #1140361)
NOTE: https://my.f5.com/manage/s/article/K000161585
NOTE:
https://github.com/nginx/nginx/commit/319a0bff157b15d9061f4712b2edbe6fdd2dee66
(release-1.31.2)
@@ -9456,6 +9821,7 @@ CVE-2026-42380 (Unauthenticated PHP Object Injection in
AI Lab < 5.4.2 versions.
CVE-2026-42357 (Incorrect Authorization vulnerability allows users to access
workflow ...)
NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-42055 (NGINX Plus and NGINX Open Source have a vulnerability in the
ngx_http_ ...)
+ {DSA-6374-1 DLA-4660-1}
- nginx 1.30.1-5 (bug #1140359)
NOTE: https://my.f5.com/manage/s/article/K000161584
NOTE:
https://github.com/nginx/nginx/commit/58a7bc3406ac8b9dc0e0afafc69ba42df56009e3
(master)
@@ -25385,7 +25751,7 @@ CVE-2026-47770 (jq is a command-line JSON processor.
Prior to 1.8.2, comparing t
- jq 1.8.1-7
NOTE:
https://github.com/jqlang/jq/commit/7122866869960b55cea3646bc91334ef55787831
NOTE: https://github.com/jqlang/jq/pull/3539
-CVE-2026-41579
+CVE-2026-41579 (runc is a CLI tool for spawning and running containers
according to th ...)
- runc <unfixed> (bug #1140000)
NOTE: https://www.openwall.com/lists/oss-security/2026/06/13/2
NOTE:
https://github.com/opencontainers/runc/security/advisories/GHSA-xjvp-4fhw-gc47
@@ -52575,7 +52941,7 @@ CVE-2026-30999 (A heap buffer overflow in the
av_bprint_finalize() function of F
CVE-2026-30998 (An improper resource deallocation and closure vulnerability in
the too ...)
NOTE: Bogus CVE assignment for ffmpeg, gets cleaned up by the OS anyway
CVE-2026-30997 (An out-of-bounds read in the read_global_param() function
(libavcodec/ ...)
- {DSA-6361-1}
+ {DSA-6361-1 DSA-6276-1}
- ffmpeg 7:8.1.1-1
[bullseye] - ffmpeg <postponed> (Minor issue)
NOTE:
https://excellent-oatmeal-319.notion.site/CVE-2026-30997-Out-of-Bounds-Access-a7929817b9794568b2f7774397c7d65f
@@ -210505,7 +210871,8 @@ CVE-2024-57055 (Server-Side Access Control Bypass
vulnerability in WombatDialer
NOT-FOR-US: WombatDialer
CVE-2024-57050
REJECTED
-CVE-2024-57049 (A vulnerability in the TP-Link Archer c20 router with firmware
version ...)
+CVE-2024-57049
+ REJECTED
NOT-FOR-US: TP-Link
CVE-2024-57046 (A vulnerability in the Netgear DGN2200 router with firmware
version v1 ...)
NOT-FOR-US: Netgear
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe1ed8d4b259bf2cab08c9032fd13f5e795bed3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe1ed8d4b259bf2cab08c9032fd13f5e795bed3
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits