Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
7fe1ed8d by security tracker role at 2026-07-01T07:13:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,1150 +1,1514 @@
+CVE-2026-9836 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 is 
affecte ...)
+       TODO: check
+CVE-2026-9132 (A missing authorization vulnerability was identified in GitHub 
Enterpr ...)
+       TODO: check
+CVE-2026-9107 (The Kali Forms \u2014 Contact Form & Drag-and-Drop Builder 
plugin for  ...)
+       TODO: check
+CVE-2026-9106 (A UI misrepresentation vulnerability was identified in GitHub 
Enterpri ...)
+       TODO: check
+CVE-2026-9002 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow 
an adj ...)
+       TODO: check
+CVE-2026-7874 (IBM Langflow OSS 1.0.0 through 1.10.0 Langflow could allow 
disclosure  ...)
+       TODO: check
+CVE-2026-7873 (IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated 
attackers t ...)
+       TODO: check
+CVE-2026-7871 (IBM Langflow OSS 1.0.0 through 1.10.0 allows users with Redis 
access t ...)
+       TODO: check
+CVE-2026-7840 (UltraVNC repeater through 1.8.2.2 contains a global buffer 
overflow in ...)
+       TODO: check
+CVE-2026-7839 (UltraVNC repeater through 1.8.2.2 initializes the HTTP 
administration  ...)
+       TODO: check
+CVE-2026-7838 (UltraVNC viewer through 1.8.2.2 contains an integer overflow 
leading t ...)
+       TODO: check
+CVE-2026-7831 (UltraVNC viewer through 1.8.2.2 contains an off-by-one stack 
buffer ov ...)
+       TODO: check
+CVE-2026-7830 (UltraVNC through 1.8.2.2 uses inadequate cryptography in the 
MS-Logon  ...)
+       TODO: check
+CVE-2026-7829 (UltraVNC repeater through 1.8.2.2 contains a 
post-authentication out-o ...)
+       TODO: check
+CVE-2026-7828 (UltraVNC repeater through 1.8.2.2 contains an integer overflow 
in the  ...)
+       TODO: check
+CVE-2026-7803 (IBM Langflow OSS 1.0.0 through 1.10.0 could allow arbitrary 
code execu ...)
+       TODO: check
+CVE-2026-7663 (IBM Langflow OSS 1.0.0 through 1.9.6 could allow 
unauthenticated attac ...)
+       TODO: check
+CVE-2026-7517 (The Custom Payment Gateways for WooCommerce plugin for 
WordPress is vu ...)
+       TODO: check
+CVE-2026-6070 (The WP-BusinessDirectory plugin for WordPress is vulnerable to 
Unauthe ...)
+       TODO: check
+CVE-2026-58519 (Improper neutralization of input during web page generation 
('cross-si ...)
+       TODO: check
+CVE-2026-58518 (Cross-Site request forgery (CSRF) vulnerability in The 
Wikimedia Found ...)
+       TODO: check
+CVE-2026-58450 (Invoice Ninja through 5.13.26 contains an open redirect 
vulnerability  ...)
+       TODO: check
+CVE-2026-58449 (txtai through 9.10.0, fixed in commit 11b32da, exposes an API 
/reindex ...)
+       TODO: check
+CVE-2026-58448 (yudao-cloud before 2026.06 contains a broken access control 
vulnerabil ...)
+       TODO: check
+CVE-2026-58447 (Invidious through 2.20260626.0, fixed in commit 77ad416, 
contains a br ...)
+       TODO: check
+CVE-2026-58446 (Presenton before 0.8.8-beta bundles an MCP server that, on 
server/Dock ...)
+       TODO: check
+CVE-2026-57995 (phpMyFAQ before 4.1.5 contains a privilege escalation 
vulnerability in ...)
+       TODO: check
+CVE-2026-57963 (An attacker who can send HTML chat messages (via Matrix or 
XMPP) can i ...)
+       TODO: check
+CVE-2026-57962 (A malicious LDAP server, which a Thunderbird user is 
configured to que ...)
+       TODO: check
+CVE-2026-57585 (MessagePack is the serializer implementation for Python 
msgpack.org. P ...)
+       TODO: check
+CVE-2026-57204 (pypdf is a free and open-source pure-python PDF library. Prior 
to 6.13 ...)
+       TODO: check
+CVE-2026-56777 (n8n before 2.25.7 and 2.26.x before 2.26.2 contains an 
abstract syntax ...)
+       TODO: check
+CVE-2026-56700 (Grav CMS before 2.0.0-beta.2 contains multiple code-execution 
vulnerab ...)
+       TODO: check
+CVE-2026-56415 (Storage Concentrator (SC & SCVM) contains a command injection 
vulnerab ...)
+       TODO: check
+CVE-2026-56413 (Storage Concentrator (SC & SCVM) contains a command injection 
vulnerab ...)
+       TODO: check
+CVE-2026-56399 (Open WebUI before 0.6.27 contains a server-side request 
forgery vulner ...)
+       TODO: check
+CVE-2026-56377 (ImageMagick before 7.1.2-24 contains an incorrect policy check 
that al ...)
+       TODO: check
+CVE-2026-56369 (ImageMagick before 7.1.2-22 contains an information disclosure 
vulnera ...)
+       TODO: check
+CVE-2026-56365 (ImageMagick before 7.1.2-19 contains a memory leak 
vulnerability in th ...)
+       TODO: check
+CVE-2026-56364 (ImageMagick before 7.1.2-13 contains a memory leak 
vulnerability in Lo ...)
+       TODO: check
+CVE-2026-56363 (ImageMagick before 7.1.2-22 contains a division by zero 
vulnerability  ...)
+       TODO: check
+CVE-2026-56361 (ImageMagick before 7.1.2-19 contains an off-by-one error in 
morphology ...)
+       TODO: check
+CVE-2026-56356 (n8n contains a stored cross-site scripting vulnerability in 
the Chat T ...)
+       TODO: check
+CVE-2026-56350 (n8n before 2.8.0 contains an authentication bypass 
vulnerability allow ...)
+       TODO: check
+CVE-2026-56334 (Capgo before 12.128.2 lacks an UPDATE row-level security 
policy for th ...)
+       TODO: check
+CVE-2026-56333 (Capgo before 12.128.2 contains a server-side validation bypass 
vulnera ...)
+       TODO: check
+CVE-2026-56331 (Capgo before 12.128.2 contains improper error handling in the 
/private ...)
+       TODO: check
+CVE-2026-56328 (Capgo before 12.128.2 allows multiple public channels for the 
same app ...)
+       TODO: check
+CVE-2026-56327 (Capgo before 12.128.2 contains an information disclosure 
vulnerability ...)
+       TODO: check
+CVE-2026-56320 (Capgo before 12.128.2 contains an authorization flaw in POST 
/private/ ...)
+       TODO: check
+CVE-2026-56318 (Capgo before 12.128.2 contains an information disclosure 
vulnerability ...)
+       TODO: check
+CVE-2026-56300 (Capgo before 12.128.2 contains unauthenticated security 
definer RPC fu ...)
+       TODO: check
+CVE-2026-56286 (Capgo before 12.128.2 contains an authentication bypass 
vulnerability  ...)
+       TODO: check
+CVE-2026-56278 (Flowise before 3.1.0 (affected versions 3.0.13 and earlier) 
uses a wea ...)
+       TODO: check
+CVE-2026-56277 (Flowise before 3.1.2 sets Access-Control-Allow-Origin to a 
hardcoded w ...)
+       TODO: check
+CVE-2026-56264 (Crawl4AI before 0.8.7 contains an arbitrary JavaScript 
execution vulne ...)
+       TODO: check
+CVE-2026-56249 (Capgo before 12.128.2 contains an authorization bypass 
vulnerability i ...)
+       TODO: check
+CVE-2026-56247 (Capgo before 12.128.2 allows org admins to assign org-scoped 
RBAC role ...)
+       TODO: check
+CVE-2026-56233 (Capgo before 12.128.2 contains a path traversal vulnerability 
in the b ...)
+       TODO: check
+CVE-2026-56230 (Capgo before 12.128.2 contains a broken object level 
authorization vul ...)
+       TODO: check
+CVE-2026-56224 (Capgo console.capgo.app/login before 12.128.2 accepts 
access_token and ...)
+       TODO: check
+CVE-2026-56219 (Capgo before 12.128.2 contains a NULL-auth bypass 
vulnerability in the ...)
+       TODO: check
+CVE-2026-55721 (Storage Concentrator (SC & SCVM) is vulnerable to SQL 
injection throug ...)
+       TODO: check
+CVE-2026-55223 (c3p0 is a JDBC Connection pooling library. In versions prior 
to 0.14.0 ...)
+       TODO: check
+CVE-2026-54903 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54902 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54901 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54900 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54899 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54898 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54897 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54896 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54696 (Ruby JSON is a JSON implementation for Ruby. Versions 2.9.0 
through 2. ...)
+       TODO: check
+CVE-2026-54673 (electron-updater allows for automatic updates for Electron 
apps. Prior ...)
+       TODO: check
+CVE-2026-54672 (electron-updater allows for automatic updates for Electron 
apps. Prior ...)
+       TODO: check
+CVE-2026-54592 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54502 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-54500 (Oj (Optimized JSON) is a JSON parser and Object marshaller 
packaged as ...)
+       TODO: check
+CVE-2026-52868 (An unauthenticated attacker can read worklist records from a 
directory ...)
+       TODO: check
+CVE-2026-52198 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52197 (An issue in UTT nv518G nv518GV3v3.2.7-210919-161313 allows a 
remote at ...)
+       TODO: check
+CVE-2026-52196 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52195 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-52193 (Buffer Overflow vulnerability in UTT nv518G 
nv518GV3v3.2.7-210919-1613 ...)
+       TODO: check
+CVE-2026-50254 (An unauthenticated remote attacker can repeatedly send a 
single crafte ...)
+       TODO: check
+CVE-2026-50110 (Storage Concentrator (SC & SCVM) contains hardcoded 
credentials for nu ...)
+       TODO: check
+CVE-2026-50040 (Storage Concentrator (SC & SCVM) is vulnerable to reflected 
cross-site ...)
+       TODO: check
+CVE-2026-50003 (A malicious or compromised server can make a DCMTK client 
using bit-pr ...)
+       TODO: check
+CVE-2026-44628 (An unauthenticated attacker can crash the worklist server with 
a singl ...)
+       TODO: check
+CVE-2026-44042 (UltraVNC repeater through 1.8.2.2 contains an off-by-one error 
in the  ...)
+       TODO: check
+CVE-2026-44041 (UltraVNC through 1.8.2.2 contains an out-of-bounds read in the 
wide-st ...)
+       TODO: check
+CVE-2026-44040 (UltraVNC through 1.8.2.2 uses a cryptographically weak 
pseudo-random n ...)
+       TODO: check
+CVE-2026-3602 (IBM App Connect Enterprise 13.0.1.0 through 13.0.7.2, and 
12.0.1.0 thr ...)
+       TODO: check
+CVE-2026-37106 (An issue in DokuWiki 2025-05-14b "Librarian" 56.2 allows a 
remote atta ...)
+       TODO: check
+CVE-2026-35505 (An unauthenticated remote attacker can repeatedly send crafted 
connect ...)
+       TODO: check
+CVE-2026-2387 (The Event Organiser plugin for WordPress is vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2026-28322 (SolarWinds Database Performance Analyzer was found to be 
affected by a ...)
+       TODO: check
+CVE-2026-20463 (In Modem, there is a possible escalation of privilege due to a 
permiss ...)
+       TODO: check
+CVE-2026-20462 (In Telephony, there is a possible memory corruption due to a 
heap buff ...)
+       TODO: check
+CVE-2026-20461 (In Modem, there is a possible out of bounds write due to a 
missing bou ...)
+       TODO: check
+CVE-2026-20460 (In Modem, there is a possible information disclosure due to 
improper i ...)
+       TODO: check
+CVE-2026-20459 (In Modem, there is a possible system crash due to improper 
input valid ...)
+       TODO: check
+CVE-2026-20458 (In Modem, there is a possible memory corruption due to a 
missing bound ...)
+       TODO: check
+CVE-2026-20457 (In Modem, there is a possible system crash due to improper 
input valid ...)
+       TODO: check
+CVE-2026-1239 (The Ninja Forms \u2013 The Contact Form Builder That Grows With 
You pl ...)
+       TODO: check
+CVE-2026-14193 (DVP80ES300T with Improper Validation of Array Index 
Vulnerability)
+       TODO: check
+CVE-2026-14191 (An out-of-bounds heap write exists in the RAR5 recovery-volume 
(.rev)  ...)
+       TODO: check
+CVE-2026-13773 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 
Approximately 50 g ...)
+       TODO: check
+CVE-2026-13772 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 's Object 
Query La ...)
+       TODO: check
+CVE-2026-13759 (IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 ships 
three Object ...)
+       TODO: check
+CVE-2026-13731 (The WPBot \u2013 AI ChatBot for Live Support, Lead Generation, 
AI Serv ...)
+       TODO: check
+CVE-2026-13468 (The Visualizer \u2013 Tables & Charts Manager with Built-in AI 
Generat ...)
+       TODO: check
+CVE-2026-13449 (IBM Business Automation Manager Open Editions 9.0.0 through 
9.4.2 is v ...)
+       TODO: check
+CVE-2026-13443 (The Tutor LMS \u2013 eLearning and online course solution 
plugin for W ...)
+       TODO: check
+CVE-2026-13246 (The GiveWP \u2013 Donation Plugin and Fundraising Platform 
plugin for  ...)
+       TODO: check
+CVE-2026-13207 (FUXA versions 1.3.1 and prior contain an authentication bypass 
vulnera ...)
+       TODO: check
+CVE-2026-13015 (The Wp Google Places Review Slider plugin for WordPress is 
vulnerable  ...)
+       TODO: check
+CVE-2026-12923 (The Youtube Showcase plugin for WordPress is vulnerable to 
Arbitrary F ...)
+       TODO: check
+CVE-2026-12904 (The Kadence Blocks \u2013 Gutenberg Blocks for Page Builder 
Features p ...)
+       TODO: check
+CVE-2026-12902 (The Kadence Blocks \u2014 Page Builder Toolkit for Gutenberg 
Editor pl ...)
+       TODO: check
+CVE-2026-12579 (AS228T with Authentication Bypass Vulnerability)
+       TODO: check
+CVE-2026-12135 (The FV Flowplayer Video Player plugin for WordPress is 
vulnerable to S ...)
+       TODO: check
+CVE-2026-12133 (The JoomSport \u2013 for Sports: Team & League, Football, 
Hockey & mor ...)
+       TODO: check
+CVE-2026-12127 (The WPForms \u2013 Easy Form Builder for WordPress \u2013 
Contact Form ...)
+       TODO: check
+CVE-2026-12113 (The Appointment Booking Calendar plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2026-12110 (The Taskbuilder \u2013 Project Management & Task Management 
Tool With  ...)
+       TODO: check
+CVE-2026-12090 (The Taskbuilder \u2013 Project Management & Task Management 
Tool With  ...)
+       TODO: check
+CVE-2026-12086 (IBM UCD - IBM UrbanCode Deploy 7.2 through 7.2.3.23, and 7.3 
through 7 ...)
+       TODO: check
+CVE-2026-12085 (IBM UCD - IBM UrbanCode Deploy 7.3 through 7.3.2.18 and IBM 
UCD - IBM  ...)
+       TODO: check
+CVE-2026-12084 (IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 
through 8.2.1 ...)
+       TODO: check
+CVE-2026-11988 (The LearnPress \u2013 WordPress LMS Plugin for Create and Sell 
Online  ...)
+       TODO: check
+CVE-2026-11981 (The GiveWP plugin for WordPress is vulnerable to Cross-Site 
Request Fo ...)
+       TODO: check
+CVE-2026-11906 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for 
Linux, UN ...)
+       TODO: check
+CVE-2026-11887 (The Salon Booking System  WordPress plugin before 10.30.20 
does not ha ...)
+       TODO: check
+CVE-2026-11883 (The WebAuthn Provider for Two Factor WordPress plugin before 
2.5.6 doe ...)
+       TODO: check
+CVE-2026-11880 (The Fluent Forms  WordPress plugin before 6.2.1 does not 
properly veri ...)
+       TODO: check
+CVE-2026-11823 (The BookingPress Appointment Booking Pro plugin for WordPress 
is vulne ...)
+       TODO: check
+CVE-2026-11806 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 
26.0.0.6 i ...)
+       TODO: check
+CVE-2026-11794 (The Advanced Form Integration \u2014 Connect Forms to 200+ 
Apps WordPr ...)
+       TODO: check
+CVE-2026-11714 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 
26.0.0.7 i ...)
+       TODO: check
+CVE-2026-11712 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a 
cross-s ...)
+       TODO: check
+CVE-2026-11708 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a 
cross-s ...)
+       TODO: check
+CVE-2026-11595 (IBM WebSphere Application Server 9.0, and 8.5 could allow a 
remote att ...)
+       TODO: check
+CVE-2026-11594 (IBM WebSphere Application Server 9.0, and 8.5 is affected by a 
cross-s ...)
+       TODO: check
+CVE-2026-11570 (The User Submitted Posts  WordPress plugin before 20260608 
does not es ...)
+       TODO: check
+CVE-2026-11568 (The Product Configurator for WooCommerce WordPress plugin 
before 1.7.3 ...)
+       TODO: check
+CVE-2026-11562 (The WS Form LITE  WordPress plugin before 1.11.8 does not have 
a capab ...)
+       TODO: check
+CVE-2026-11546 (IBM WebSphere Application Server - Liberty 17.0.0.3 through 
26.0.0.7 i ...)
+       TODO: check
+CVE-2026-11541 (IBM WebSphere Application Server 9.0, and 8.5 and IBM 
WebSphere Applic ...)
+       TODO: check
+CVE-2026-11380 (The JetWidgets For Elementor plugin for WordPress is 
vulnerable to Sto ...)
+       TODO: check
+CVE-2026-10750 (The Royal MCP  WordPress plugin before 1.4.26 does not perform 
capabil ...)
+       TODO: check
+CVE-2026-10585 (A stored cross-site scripting vulnerability was identified in 
GitHub E ...)
+       TODO: check
+CVE-2026-10564 (IBM Langflow OSS 1.0.0 through 1.9.6 contains a Server-Side 
Request Fo ...)
+       TODO: check
+CVE-2026-10562 (An unauthenticated URL redirection vulnerability has been 
identified i ...)
+       TODO: check
+CVE-2026-10560 (IBM Langflow OSS 1.0.0 through 1.9.6 contains a missing 
authentication ...)
+       TODO: check
+CVE-2026-10546 (IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side 
Request Fo ...)
+       TODO: check
+CVE-2026-10140 (IBM Langflow OSS 1.0.0 through 1.10.0 voice mode contains 
improper sha ...)
+       TODO: check
+CVE-2026-10134 (IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to 
read every  ...)
+       TODO: check
+CVE-2026-10129 (IBM Langflow OSS 1.0.0 through 1.9.3 contains a Server-Side 
Request Fo ...)
+       TODO: check
+CVE-2026-10109 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is 
vulnerable ...)
+       TODO: check
+CVE-2025-71381 (Hono before 4.10.2 (fixed in 4.10.3) contains a flaw in its 
CORS middl ...)
+       TODO: check
+CVE-2025-71374 (picklescan before 0.0.29 fails to detect the built-in python 
profile.P ...)
+       TODO: check
+CVE-2025-71371 (picklescan before 0.0.29 fails to detect malicious pickle 
files using  ...)
+       TODO: check
+CVE-2025-71368 (picklescan before 0.0.30 fails to detect the 
doctest.debug_script func ...)
+       TODO: check
+CVE-2025-71363 (picklescan before 0.0.30 fails to detect cProfile.run function 
calls i ...)
+       TODO: check
+CVE-2025-71355 (Picklescan before 0.0.25 fails to detect unsafe global 
functions in th ...)
+       TODO: check
+CVE-2025-71352 (picklescan before 0.0.29 fails to detect the built-in Python 
trace.Tra ...)
+       TODO: check
+CVE-2025-71350 (picklescan before 0.0.28 fails to detect malicious pickle 
files using  ...)
+       TODO: check
+CVE-2025-71349 (picklescan before 0.0.29 fails to detect the built-in 
trace.Trace.run  ...)
+       TODO: check
+CVE-2025-36372 (IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 for 
Linux, UN ...)
+       TODO: check
+CVE-2025-36359 (IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not 
invalid ...)
+       TODO: check
+CVE-2025-36336 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 
transmits dat ...)
+       TODO: check
+CVE-2025-36333 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could 
allow a ...)
+       TODO: check
+CVE-2025-36328 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could 
allow a ...)
+       TODO: check
+CVE-2025-36327 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could 
allow a ...)
+       TODO: check
+CVE-2025-36324 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 s 
vulnerable  ...)
+       TODO: check
+CVE-2025-36323 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is 
vulnerable ...)
+       TODO: check
+CVE-2025-36321 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is 
vulnerable ...)
+       TODO: check
+CVE-2025-36320 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 is 
vulnerable ...)
+       TODO: check
+CVE-2025-36319 (IBM watsonx.data intelligence 5.2.0, 5.2.1, 5.2.2, 5.3.0 could 
allow a ...)
+       TODO: check
+CVE-2025-15666 (A security vulnerability has been detected in Open Asset 
Import Librar ...)
+       TODO: check
+CVE-2025-12530 (IBM watsonx.data intelligence 5.2.2, 5.3.0, 5.3.1, 5.3.1 
through patch ...)
+       TODO: check
 CVE-2026-56016
        - libcgi-session-perl <unfixed>
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/41439279/
-CVE-2026-13774
+CVE-2026-13774 (Use after free in Extensions in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13775
+CVE-2026-13775 (Use after free in GPU in Google Chrome prior to 150.0.7871.47 
allowed  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13776
+CVE-2026-13776 (Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13777
+CVE-2026-13777 (Insufficient validation of untrusted input in iOSWeb in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13778
+CVE-2026-13778 (Use after free in WebUSB in Google Chrome on Mac prior to 
150.0.7871.4 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13779
+CVE-2026-13779 (Use after free in Chromoting in Google Chrome on ChromeOS 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13780
+CVE-2026-13780 (Insufficient validation of untrusted input in ANGLE in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13781
+CVE-2026-13781 (Insufficient validation of untrusted input in Skia in Google 
Chrome pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13782
+CVE-2026-13782 (Use after free in Browser in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13783
+CVE-2026-13783 (Use after free in Views in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13784
+CVE-2026-13784 (Use after free in Views in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13785
+CVE-2026-13785 (Use after free in Bluetooth in Google Chrome on Mac prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13786
+CVE-2026-13786 (Use after free in Ozone in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13787
+CVE-2026-13787 (Use after free in Chromoting in Google Chrome on Windows prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13788
+CVE-2026-13788 (Use after free in Fullscreen in Google Chrome on Android prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13789
+CVE-2026-13789 (Use after free in GPU in Google Chrome prior to 150.0.7871.47 
allowed  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13790
+CVE-2026-13790 (Side-channel information leakage in Scroll in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13791
+CVE-2026-13791 (Insufficient validation of untrusted input in Downloads in 
Google Chro ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13792
+CVE-2026-13792 (Use after free in Touchbar in Google Chrome on Mac prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13793
+CVE-2026-13793 (Insufficient policy enforcement in SVG in Google Chrome prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13794
+CVE-2026-13794 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13795
+CVE-2026-13795 (Insufficient policy enforcement in Chrome for iOS in Google 
Chrome on  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13796
+CVE-2026-13796 (Integer overflow in Chromecast in Google Chrome prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13797
+CVE-2026-13797 (Insufficient validation of untrusted input in Chromecast in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13798
+CVE-2026-13798 (Heap buffer overflow in Chromecast in Google Chrome prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13799
+CVE-2026-13799 (Use after free in QUIC in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13800
+CVE-2026-13800 (Inappropriate implementation in Updater in Google Chrome on 
Windows pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13801
+CVE-2026-13801 (Integer overflow in Chromecast in Google Chrome prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13802
+CVE-2026-13802 (Use after free in Views in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13803
+CVE-2026-13803 (Type Confusion in Chrome Tabs in Google Chrome prior to 
150.0.7871.47  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13804
+CVE-2026-13804 (Use after free in Chromecast in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13805
+CVE-2026-13805 (Use after free in GFX in Google Chrome on Mac prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13806
+CVE-2026-13806 (Insufficient validation of untrusted input in Accessibility in 
Google  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13807
+CVE-2026-13807 (Use after free in Import in Google Chrome on iOS prior to 
150.0.7871.4 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13808
+CVE-2026-13808 (Insufficient data validation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13809
+CVE-2026-13809 (Side-channel information leakage in Safe Browsing in Google 
Chrome on  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13810
+CVE-2026-13810 (Inappropriate implementation in Input in Google Chrome on 
Linux prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13811
+CVE-2026-13811 (Use after free in IME in Google Chrome prior to 150.0.7871.47 
allowed  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13812
+CVE-2026-13812 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13813
+CVE-2026-13813 (Insufficient policy enforcement in Chrome for iOS in Google 
Chrome on  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13814
+CVE-2026-13814 (Use after free in Views in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13815
+CVE-2026-13815 (Use after free in Blink in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13816
+CVE-2026-13816 (Insufficient validation of untrusted input in File Input in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13817
+CVE-2026-13817 (Insufficient validation of untrusted input in Glic in Google 
Chrome pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13818
+CVE-2026-13818 (Inappropriate implementation in Passwords in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13819
+CVE-2026-13819 (Out of bounds read in ANGLE in Google Chrome on Mac prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13820
+CVE-2026-13820 (Out of bounds read in Skia in Google Chrome on Mac prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13821
+CVE-2026-13821 (Use after free in Canvas in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13822
+CVE-2026-13822 (Inappropriate implementation in Extensions in Google Chrome on 
Android ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13823
+CVE-2026-13823 (Use after free in Glic in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13824
+CVE-2026-13824 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13825
+CVE-2026-13825 (Uninitialized Use in Dawn in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13826
+CVE-2026-13826 (Inappropriate implementation in Autofill in Google Chrome on 
Android p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13827
+CVE-2026-13827 (Use after free in Updater in Google Chrome on Mac prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13828
+CVE-2026-13828 (Inappropriate implementation in Enterprise in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13829
+CVE-2026-13829 (Insufficient validation of untrusted input in Settings in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13830
+CVE-2026-13830 (Use after free in Chromoting in Google Chrome on Linux prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13831
+CVE-2026-13831 (Out of bounds read and write in GPU in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13832
+CVE-2026-13832 (Use after free in Headless in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13833
+CVE-2026-13833 (Uninitialized Use in ANGLE in Google Chrome on Mac prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13834
+CVE-2026-13834 (Insufficient validation of untrusted input in ANGLE in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13835
+CVE-2026-13835 (Inappropriate implementation in XML in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13836
+CVE-2026-13836 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13837
+CVE-2026-13837 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13838
+CVE-2026-13838 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13839
+CVE-2026-13839 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13840
+CVE-2026-13840 (Insufficient policy enforcement in Canvas in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13841
+CVE-2026-13841 (Integer overflow in Skia in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13842
+CVE-2026-13842 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13843
+CVE-2026-13843 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13844
+CVE-2026-13844 (Use after free in Updater in Google Chrome on Windows prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13845
+CVE-2026-13845 (Use after free in DOM in Google Chrome prior to 150.0.7871.47 
allowed  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13846
+CVE-2026-13846 (Use after free in USB in Google Chrome on Mac prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13847
+CVE-2026-13847 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13848
+CVE-2026-13848 (Use after free in Forms in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13849
+CVE-2026-13849 (Insufficient validation of untrusted input in Chromoting in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13850
+CVE-2026-13850 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13851
+CVE-2026-13851 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13852
+CVE-2026-13852 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13853
+CVE-2026-13853 (Use after free in Journeys in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13854
+CVE-2026-13854 (Use after free in Ozone in Google Chrome on Linux prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13855
+CVE-2026-13855 (Use after free in Ozone in Google Chrome on Linux prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13856
+CVE-2026-13856 (Insufficient validation of untrusted input in Speech in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13857
+CVE-2026-13857 (Inappropriate implementation in Geometry in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13858
+CVE-2026-13858 (Out of bounds read in FFmpeg in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13859
+CVE-2026-13859 (Inappropriate implementation in ANGLE in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13860
+CVE-2026-13860 (Incorrect security UI in Autofill in Google Chrome on Windows 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13861
+CVE-2026-13861 (Use after free in Core in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13862
+CVE-2026-13862 (Insufficient policy enforcement in Web Authentication 
(Passkeys & Secu ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13863
+CVE-2026-13863 (Insufficient validation of untrusted input in CustomTabs in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13864
+CVE-2026-13864 (Insufficient policy enforcement in WebHID in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13865
+CVE-2026-13865 (Insufficient validation of untrusted input in Enterprise in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13866
+CVE-2026-13866 (Inappropriate implementation in Input in Google Chrome on 
Android prio ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13867
+CVE-2026-13867 (Inappropriate implementation in Geolocation in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13868
+CVE-2026-13868 (Inappropriate implementation in Network in Google Chrome on 
Android pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13869
+CVE-2026-13869 (Use after free in Device in Google Chrome on Windows prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13870
+CVE-2026-13870 (Use after free in WebView in Google Chrome on Android prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13871
+CVE-2026-13871 (Insufficient policy enforcement in GuestView in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13872
+CVE-2026-13872 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13873
+CVE-2026-13873 (Out of bounds read in Layout in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13874
+CVE-2026-13874 (Race in DataTransfer in Google Chrome prior to 150.0.7871.47 
allowed a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13875
+CVE-2026-13875 (Insufficient validation of untrusted input in GPU in Google 
Chrome on  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13876
+CVE-2026-13876 (Inappropriate implementation in Network in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13877
+CVE-2026-13877 (Insufficient validation of untrusted input in ANGLE in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13878
+CVE-2026-13878 (Use after free in Bluetooth in Google Chrome on Mac prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13879
+CVE-2026-13879 (Use after free in Bluetooth in Google Chrome prior to 
150.0.7871.47 al ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13880
+CVE-2026-13880 (Use after free in USB in Google Chrome on Mac prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13881
+CVE-2026-13881 (Inappropriate implementation in WebAppInstalls in Google 
Chrome prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13882
+CVE-2026-13882 (Race in USB in Google Chrome prior to 150.0.7871.47 allowed a 
remote a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13883
+CVE-2026-13883 (Type Confusion in ANGLE in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13884
+CVE-2026-13884 (Integer overflow in Chromecast in Google Chrome prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13885
+CVE-2026-13885 (Use after free in Skia in Google Chrome on Android prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13886
+CVE-2026-13886 (Insufficient policy enforcement in Isolated Web Apps in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13887
+CVE-2026-13887 (Inappropriate implementation in NFC in Google Chrome on 
Android prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13888
+CVE-2026-13888 (Use after free in Extensions in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13889
+CVE-2026-13889 (Side-channel information leakage in WebAuthentication in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13890
+CVE-2026-13890 (Out of bounds read in Chromecast in Google Chrome prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13891
+CVE-2026-13891 (Insufficient validation of untrusted input in Extensions in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13892
+CVE-2026-13892 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13893
+CVE-2026-13893 (Insufficient validation of untrusted input in WebUI in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13894
+CVE-2026-13894 (Insufficient policy enforcement in Network in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13895
+CVE-2026-13895 (Inappropriate implementation in Autofill in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13896
+CVE-2026-13896 (Insufficient policy enforcement in Glic in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13897
+CVE-2026-13897 (Insufficient policy enforcement in Chromecast in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13898
+CVE-2026-13898 (Use after free in Cast Receiver in Google Chrome prior to 
150.0.7871.4 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13899
+CVE-2026-13899 (Use after free in HTML in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13900
+CVE-2026-13900 (Inappropriate implementation in Chromecast in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13901
+CVE-2026-13901 (Insufficient policy enforcement in Serial in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13902
+CVE-2026-13902 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13903
+CVE-2026-13903 (Insufficient policy enforcement in Bluetooth in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13904
+CVE-2026-13904 (Inappropriate implementation in Safe Browsing in Google Chrome 
on iOS  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13905
+CVE-2026-13905 (Race in Chrome for iOS in Google Chrome on iOS prior to 
150.0.7871.47  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13906
+CVE-2026-13906 (Out of bounds read in Codecs in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13907
+CVE-2026-13907 (Inappropriate implementation in iOSWeb in Google Chrome on iOS 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13908
+CVE-2026-13908 (Insufficient validation of untrusted input in Omnibox in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13909
+CVE-2026-13909 (Insufficient policy enforcement in DevTools in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13910
+CVE-2026-13910 (Insufficient policy enforcement in WebXR in Google Chrome on 
Android p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13911
+CVE-2026-13911 (Insufficient policy enforcement in Spellcheck in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13912
+CVE-2026-13912 (Inappropriate implementation in Safe Browsing in Google Chrome 
on iOS  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13913
+CVE-2026-13913 (Insufficient policy enforcement in Autofill in Google Chrome 
on iOS pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13914
+CVE-2026-13914 (Inappropriate implementation in Passwords in Google Chrome on 
Mac prio ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13915
+CVE-2026-13915 (Use after free in Chrome for iOS in Google Chrome on iOS prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13916
+CVE-2026-13916 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13917
+CVE-2026-13917 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13918
+CVE-2026-13918 (Use after free in Chrome for iOS in Google Chrome on iOS prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13919
+CVE-2026-13919 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13920
+CVE-2026-13920 (Insufficient validation of untrusted input in Media in Google 
Chrome o ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13921
+CVE-2026-13921 (Insufficient validation of untrusted input in 
DeviceBoundSessionCreden ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13922
+CVE-2026-13922 (Side-channel information leakage in Paint in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13923
+CVE-2026-13923 (Uninitialized Use in GPU in Google Chrome on Android prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13924
+CVE-2026-13924 (Insufficient validation of untrusted input in WebView in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13925
+CVE-2026-13925 (Inappropriate implementation in Downloads in Google Chrome on 
Windows  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13926
+CVE-2026-13926 (Insufficient validation of untrusted input in Network in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13927
+CVE-2026-13927 (Insufficient validation of untrusted input in UI in Google 
Chrome on A ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13928
+CVE-2026-13928 (Insufficient validation of untrusted input in Enterprise in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13929
+CVE-2026-13929 (Insufficient policy enforcement in DevTools in Google Chrome 
on Androi ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13930
+CVE-2026-13930 (Insufficient policy enforcement in Actor in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13931
+CVE-2026-13931 (Inappropriate implementation in Media in Google Chrome on 
Windows prio ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13932
+CVE-2026-13932 (Inappropriate implementation in Sharing in Google Chrome on 
Android pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13933
+CVE-2026-13933 (Insufficient policy enforcement in Passwords in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13934
+CVE-2026-13934 (Insufficient validation of untrusted input in Dawn in Google 
Chrome on ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13935
+CVE-2026-13935 (Side-channel information leakage in ComputePressure in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13936
+CVE-2026-13936 (Inappropriate implementation in Passwords in Google Chrome on 
Android  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13937
+CVE-2026-13937 (Insufficient policy enforcement in Passwords in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13938
+CVE-2026-13938 (Integer overflow in Fonts in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13939
+CVE-2026-13939 (Insufficient validation of untrusted input in WebShare in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13940
+CVE-2026-13940 (Uninitialized Use in Cast in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13941
+CVE-2026-13941 (Inappropriate implementation in SiteSettings in Google Chrome 
on Andro ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13942
+CVE-2026-13942 (Inappropriate implementation in Video Capture in Google Chrome 
on Chro ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13943
+CVE-2026-13943 (Uninitialized Use in CSS in Google Chrome on Android prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13944
+CVE-2026-13944 (Inappropriate implementation in DataTransfer in Google Chrome 
on Mac p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13945
+CVE-2026-13945 (Insufficient policy enforcement in Extensions in Google Chrome 
on Linu ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13946
+CVE-2026-13946 (Inappropriate implementation in ScriptInjections in Google 
Chrome on i ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13947
+CVE-2026-13947 (Uninitialized Use in XR in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13948
+CVE-2026-13948 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13949
+CVE-2026-13949 (Insufficient policy enforcement in Payments in Google Chrome 
on Androi ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13950
+CVE-2026-13950 (Uninitialized Use in GPU in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13951
+CVE-2026-13951 (Insufficient policy enforcement in USB in Google Chrome prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13952
+CVE-2026-13952 (Inappropriate implementation in PerformanceAPIs in Google 
Chrome prior ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13953
+CVE-2026-13953 (Inappropriate implementation in SplitView in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13954
+CVE-2026-13954 (Insufficient policy enforcement in XML in Google Chrome on 
Android pri ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13955
+CVE-2026-13955 (Insufficient validation of untrusted input in CustomTabs in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13956
+CVE-2026-13956 (Incorrect security UI in PageInfo in Google Chrome prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13957
+CVE-2026-13957 (Incorrect security UI in Extensions in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13958
+CVE-2026-13958 (Uninitialized Use in Codecs in Google Chrome on Windows prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13959
+CVE-2026-13959 (Insufficient validation of untrusted input in Blink in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13960
+CVE-2026-13960 (Inappropriate implementation in Passwords in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13961
+CVE-2026-13961 (Insufficient validation of untrusted input in DevTools in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13962
+CVE-2026-13962 (Insufficient data validation in PDF in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13963
+CVE-2026-13963 (Inappropriate implementation in DevTools in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13964
+CVE-2026-13964 (Insufficient policy enforcement in WebView in Google Chrome on 
Android ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13965
+CVE-2026-13965 (Use after free in Oilpan in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13966
+CVE-2026-13966 (Inappropriate implementation in History in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13967
+CVE-2026-13967 (Heap buffer overflow in V8 in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13968
+CVE-2026-13968 (Insufficient validation of untrusted input in DevTools in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13969
+CVE-2026-13969 (Uninitialized Use in UI in Google Chrome on Android prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13970
+CVE-2026-13970 (Uninitialized Use in Media in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13971
+CVE-2026-13971 (Uninitialized Use in Skia in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13972
+CVE-2026-13972 (Inappropriate implementation in Paint in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13973
+CVE-2026-13973 (Inappropriate implementation in UI in Google Chrome prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13974
+CVE-2026-13974 (Integer overflow in Safe Browsing in Google Chrome on Mac 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13975
+CVE-2026-13975 (Out of bounds read in ANGLE in Google Chrome on Mac prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13976
+CVE-2026-13976 (Insufficient data validation in Storage in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13977
+CVE-2026-13977 (Inappropriate implementation in HTMLParser in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13978
+CVE-2026-13978 (Insufficient policy enforcement in PageInfo in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13979
+CVE-2026-13979 (Inappropriate implementation in Paint in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13980
+CVE-2026-13980 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13981
+CVE-2026-13981 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13982
+CVE-2026-13982 (Incorrect security UI in Passwords in Google Chrome prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13983
+CVE-2026-13983 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13984
+CVE-2026-13984 (Incorrect security UI in TabStrip in Google Chrome prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13985
+CVE-2026-13985 (Inappropriate implementation in MediaCapture in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13986
+CVE-2026-13986 (Inappropriate implementation in Media UI in Google Chrome on 
ChromeOS  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13987
+CVE-2026-13987 (Incorrect security UI in Mobile in Google Chrome on Android 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13988
+CVE-2026-13988 (Inappropriate implementation in Paint in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13989
+CVE-2026-13989 (Inappropriate implementation in PageInfo in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13990
+CVE-2026-13990 (Insufficient validation of untrusted input in DataTransfer in 
Google C ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13991
+CVE-2026-13991 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13992
+CVE-2026-13992 (Inappropriate implementation in UI in Google Chrome on Mac 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13993
+CVE-2026-13993 (Incorrect security UI in WebAppInstalls in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13994
+CVE-2026-13994 (Inappropriate implementation in Credential Management in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13995
+CVE-2026-13995 (Insufficient validation of untrusted input in Autofill in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13996
+CVE-2026-13996 (Inappropriate implementation in Permissions in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13997
+CVE-2026-13997 (Incorrect security UI in Extensions in Google Chrome on 
Android prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13998
+CVE-2026-13998 (Incorrect security UI in File Input in Google Chrome on Mac 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-13999
+CVE-2026-13999 (Insufficient validation of untrusted input in Extensions in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14000
+CVE-2026-14000 (Inappropriate implementation in XML in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14001
+CVE-2026-14001 (Inappropriate implementation in Network in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14002
+CVE-2026-14002 (Inappropriate implementation in Geolocation in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14003
+CVE-2026-14003 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14004
+CVE-2026-14004 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14005
+CVE-2026-14005 (Use after free in Omnibox in Google Chrome on Android prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14006
+CVE-2026-14006 (Use after free in Navigation in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14007
+CVE-2026-14007 (Insufficient policy enforcement in PermissionsPolicy in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14008
+CVE-2026-14008 (Uninitialized Use in WebXR in Google Chrome on Android prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14009
+CVE-2026-14009 (Inappropriate implementation in Passwords in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14010
+CVE-2026-14010 (Uninitialized Use in Codecs in Google Chrome on Windows prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14011
+CVE-2026-14011 (Out of bounds read in SurfaceCapture in Google Chrome prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14012
+CVE-2026-14012 (Side-channel information leakage in CSS in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14013
+CVE-2026-14013 (Inappropriate implementation in SVG in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14014
+CVE-2026-14014 (Inappropriate implementation in Paint in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14015
+CVE-2026-14015 (Race in WebRTC in Google Chrome on Windows prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14016
+CVE-2026-14016 (Inappropriate implementation in SVG in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14017
+CVE-2026-14017 (Inappropriate implementation in Navigation in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14018
+CVE-2026-14018 (Use after free in Updater in Google Chrome on Windows prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14019
+CVE-2026-14019 (Inappropriate implementation in Passwords in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14020
+CVE-2026-14020 (Insufficient validation of untrusted input in WebXR in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14021
+CVE-2026-14021 (Insufficient policy enforcement in StorageAccessAPI in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14022
+CVE-2026-14022 (Insufficient validation of untrusted input in Network in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14023
+CVE-2026-14023 (Insufficient validation of untrusted input in SanitizerAPI in 
Google C ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14024
+CVE-2026-14024 (Use after free in Ozone in Google Chrome on Linux prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14025
+CVE-2026-14025 (Use after free in Views in Google Chrome on Mac prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14026
+CVE-2026-14026 (Incorrect security UI in SplitView in Google Chrome prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14027
+CVE-2026-14027 (Use after free in SignIn in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14028
+CVE-2026-14028 (Incorrect security UI in Chrome for iOS in Google Chrome on 
iOS prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14030
+CVE-2026-14030 (Inappropriate implementation in SplitView in Google Chrome on 
Linux pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14031
+CVE-2026-14031 (Inappropriate implementation in File Input in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14032
+CVE-2026-14032 (Use after free in Bluetooth in Google Chrome on Mac prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14033
+CVE-2026-14033 (Insufficient policy enforcement in Media in Google Chrome on 
Windows p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14034
+CVE-2026-14034 (Inappropriate implementation in WebXR in Google Chrome on 
Android prio ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14035
+CVE-2026-14035 (Insufficient policy enforcement in Bluetooth in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14036
+CVE-2026-14036 (Insufficient policy enforcement in Bluetooth in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14037
+CVE-2026-14037 (Insufficient policy enforcement in GPU in Google Chrome prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14038
+CVE-2026-14038 (Insufficient validation of untrusted input in New Tab Page in 
Google C ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14039
+CVE-2026-14039 (Insufficient policy enforcement in GetUserMedia in Google 
Chrome prior ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14040
+CVE-2026-14040 (Use after free in BrowserTag in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14041
+CVE-2026-14041 (Insufficient policy enforcement in Serial in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14042
+CVE-2026-14042 (Inappropriate implementation in Isolated Web Apps in Google 
Chrome pri ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14043
+CVE-2026-14043 (Use after free in GetUserMedia in Google Chrome prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14044
+CVE-2026-14044 (Use after free in ANGLE in Google Chrome prior to 
150.0.7871.47 allowe ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14045
+CVE-2026-14045 (Insufficient validation of untrusted input in Network in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14046
+CVE-2026-14046 (Inappropriate implementation in CustomTabs in Google Chrome on 
Android ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14047
+CVE-2026-14047 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14048
+CVE-2026-14048 (Use after free in Chromecast in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14049
+CVE-2026-14049 (Inappropriate implementation in GPU in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14050
+CVE-2026-14050 (Insufficient policy enforcement in Passwords in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14051
+CVE-2026-14051 (Uninitialized Use in GamepadAPI in Google Chrome prior to 
150.0.7871.4 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14052
+CVE-2026-14052 (Insufficient policy enforcement in FileSystem in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14053
+CVE-2026-14053 (Insufficient policy enforcement in Extensions in Google Chrome 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14054
+CVE-2026-14054 (Insufficient policy enforcement in Network in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14055
+CVE-2026-14055 (Insufficient validation of untrusted input in Device Trust in 
Google C ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14056
+CVE-2026-14056 (Insufficient validation of untrusted input in Media in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14057
+CVE-2026-14057 (Inappropriate implementation in FedCM in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14058
+CVE-2026-14058 (Insufficient policy enforcement in Parser in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14059
+CVE-2026-14059 (Insufficient policy enforcement in Related-Website-Sets in 
Google Chro ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14060
+CVE-2026-14060 (Insufficient validation of untrusted input in Chromoting in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14061
+CVE-2026-14061 (Inappropriate implementation in Dawn in Google Chrome prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14062
+CVE-2026-14062 (Inappropriate implementation in Views in Google Chrome on 
ChromeOS pri ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14063
+CVE-2026-14063 (Out of bounds read in Chromecast in Google Chrome prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14064
+CVE-2026-14064 (Use after free in PageInfo in Google Chrome on Android prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14065
+CVE-2026-14065 (Insufficient validation of untrusted input in PageInfo in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14066
+CVE-2026-14066 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14067
+CVE-2026-14067 (Use after free in Chrome for iOS in Google Chrome on iOS prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14068
+CVE-2026-14068 (Inappropriate implementation in Omnibox in Google Chrome on 
iOS prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14069
+CVE-2026-14069 (Integer overflow in WebNN in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14070
+CVE-2026-14070 (Integer overflow in WebNN in Google Chrome prior to 
150.0.7871.47 allo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14071
+CVE-2026-14071 (Side-channel information leakage in WebAudio in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14072
+CVE-2026-14072 (Inappropriate implementation in SplitView in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14073
+CVE-2026-14073 (Insufficient validation of untrusted input in WebXR in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14074
+CVE-2026-14074 (Side-channel information leakage in WebAuthentication in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14075
+CVE-2026-14075 (Insufficient policy enforcement in Chrome for iOS in Google 
Chrome on  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14076
+CVE-2026-14076 (Insufficient policy enforcement in Network in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14077
+CVE-2026-14077 (Inappropriate implementation in Select in Google Chrome on Mac 
prior t ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14078
+CVE-2026-14078 (Insufficient validation of untrusted input in WebRTC in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14079
+CVE-2026-14079 (Insufficient policy enforcement in Network in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14080
+CVE-2026-14080 (Insufficient validation of untrusted input in TabSwitcher in 
Google Ch ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14081
+CVE-2026-14081 (Insufficient policy enforcement in DevTools in Google Chrome 
prior to  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14082
+CVE-2026-14082 (Race in Storage in Google Chrome prior to 150.0.7871.47 
allowed a remo ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14083
+CVE-2026-14083 (Insufficient validation of untrusted input in HTML in Google 
Chrome pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14084
+CVE-2026-14084 (Insufficient validation of untrusted input in Chromoting in 
Google Chr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14085
+CVE-2026-14085 (Side-channel information leakage in CSS in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14086
+CVE-2026-14086 (Insufficient policy enforcement in HID in Google Chrome prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14087
+CVE-2026-14087 (Heap buffer overflow in WebNN in Google Chrome on Windows 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14088
+CVE-2026-14088 (Uninitialized Use in Canvas in Google Chrome on Android prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14089
+CVE-2026-14089 (Insufficient validation of untrusted input in PopupBlocker in 
Google C ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14090
+CVE-2026-14090 (Insufficient validation of untrusted input in CameraCapture in 
Google  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14091
+CVE-2026-14091 (Use after free in DevTools in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14092
+CVE-2026-14092 (Insufficient policy enforcement in Privacy in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14093
+CVE-2026-14093 (Use after free in Cast in Google Chrome prior to 150.0.7871.47 
allowed ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14094
+CVE-2026-14094 (Use after free in Installer in Google Chrome on Windows prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14095
+CVE-2026-14095 (Insufficient policy enforcement in Browser in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14096
+CVE-2026-14096 (Inappropriate implementation in Input in Google Chrome on 
Android prio ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14097
+CVE-2026-14097 (Inappropriate implementation in WebAppInstalls in Google 
Chrome on Mac ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14098
+CVE-2026-14098 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14099
+CVE-2026-14099 (Use after free in Chrome for iOS in Google Chrome on iOS prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14100
+CVE-2026-14100 (Insufficient data validation in NetworkCache in Google Chrome 
prior to ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14101
+CVE-2026-14101 (Insufficient policy enforcement in Sandbox in Google Chrome on 
Mac pri ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14102
+CVE-2026-14102 (Use after free in Passwords in Google Chrome prior to 
150.0.7871.47 al ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14103
+CVE-2026-14103 (Use after free in SSL in Google Chrome on ChromeOS prior to 
150.0.7871 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14104
+CVE-2026-14104 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14105
+CVE-2026-14105 (Insufficient policy enforcement in Speech in Google Chrome 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14106
+CVE-2026-14106 (Insufficient validation of untrusted input in Text in Google 
Chrome on ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14107
+CVE-2026-14107 (Use after free in Scheduling in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14108
+CVE-2026-14108 (Use after free in PDFium in Google Chrome prior to 
150.0.7871.47 allow ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14109
+CVE-2026-14109 (Insufficient policy enforcement in Mojo in Google Chrome prior 
to 150. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14110
+CVE-2026-14110 (Inappropriate implementation in DarkMode in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14111
+CVE-2026-14111 (Use after free in WebProtect in Google Chrome prior to 
150.0.7871.47 a ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14112
+CVE-2026-14112 (Inappropriate implementation in Enterprise in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14113
+CVE-2026-14113 (Use after free in Updater in Google Chrome on Windows prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14114
+CVE-2026-14114 (Inappropriate implementation in WebAppInstalls in Google 
Chrome on And ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14115
+CVE-2026-14115 (Insufficient validation of untrusted input in Cast in Google 
Chrome pr ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14116
+CVE-2026-14116 (Insufficient validation of untrusted input in DevTools in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14117
+CVE-2026-14117 (Insufficient validation of untrusted input in DevTools in 
Google Chrom ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14118
+CVE-2026-14118 (Insufficient data validation in DevTools in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14119
+CVE-2026-14119 (Type Confusion in Bluetooth in Google Chrome on Windows prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14120
+CVE-2026-14120 (Inappropriate implementation in DevTools in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14121
+CVE-2026-14121 (Use after free in Chromoting in Google Chrome on Linux prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14122
+CVE-2026-14122 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14123
+CVE-2026-14123 (Incorrect security UI in Chrome for iOS in Google Chrome on 
iOS prior  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14124
+CVE-2026-14124 (Inappropriate implementation in CredentialProvider in Google 
Chrome on ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14125
+CVE-2026-14125 (Uninitialized Use in ANGLE in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14126
+CVE-2026-14126 (Incorrect security UI in UI in Google Chrome on Android prior 
to 150.0 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14127
+CVE-2026-14127 (Inappropriate implementation in Printing in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14128
+CVE-2026-14128 (Inappropriate implementation in Chrome for iOS in Google 
Chrome on iOS ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14129
+CVE-2026-14129 (Inappropriate implementation in PreviewTab in Google Chrome on 
Android ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14130
+CVE-2026-14130 (Incorrect security UI in Omnibox in Google Chrome prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14131
+CVE-2026-14131 (Insufficient validation of untrusted input in WebAppInstalls 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14132
+CVE-2026-14132 (Inappropriate implementation in WebXR in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14133
+CVE-2026-14133 (Race in History Embeddings in Google Chrome prior to 
150.0.7871.47 all ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14134
+CVE-2026-14134 (Inappropriate implementation in Autofill in Google Chrome on 
Android p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14135
+CVE-2026-14135 (Insufficient validation of untrusted input in Network in 
Google Chrome ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14136
+CVE-2026-14136 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14137
+CVE-2026-14137 (Insufficient validation of untrusted input in Chrome for iOS 
in Google ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14138
+CVE-2026-14138 (Inappropriate implementation in WebAppInstalls in Google 
Chrome on Win ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14139
+CVE-2026-14139 (Inappropriate implementation in TabStrip in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14140
+CVE-2026-14140 (Insufficient validation of untrusted input in Input in Google 
Chrome o ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14141
+CVE-2026-14141 (Incorrect security UI in Document Picture-in-Picture in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14142
+CVE-2026-14142 (Inappropriate implementation in Extensions in Google Chrome 
prior to 1 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14143
+CVE-2026-14143 (Incorrect security UI in Passwords in Google Chrome on iOS 
prior to 15 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14144
+CVE-2026-14144 (Incorrect security UI in Views in Google Chrome prior to 
150.0.7871.47 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14145
+CVE-2026-14145 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14146
+CVE-2026-14146 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14147
+CVE-2026-14147 (Inappropriate implementation in CSS in Google Chrome prior to 
150.0.78 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14148
+CVE-2026-14148 (Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 
allowed  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14149
+CVE-2026-14149 (Use after free in Audio in Google Chrome on Linux prior to 
150.0.7871. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14150
+CVE-2026-14150 (Insufficient validation of untrusted input in Speech in Google 
Chrome  ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14151
+CVE-2026-14151 (Inappropriate implementation in AI in Google Chrome prior to 
150.0.787 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14152
+CVE-2026-14152 (Out of bounds read and write in ANGLE in Google Chrome prior 
to 150.0. ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14153
+CVE-2026-14153 (Inappropriate implementation in Glic in Google Chrome prior to 
150.0.7 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14154
+CVE-2026-14154 (Inappropriate implementation in DevTools in Google Chrome 
prior to 150 ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14155
+CVE-2026-14155 (Insufficient policy enforcement in StorageAccessAPI in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-14156
+CVE-2026-14156 (Insufficient policy enforcement in StorageAccessAPI in Google 
Chrome p ...)
        - chromium <unfixed>
        [bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2026-9711 (The EventON - WordPress Virtual Event Calendar Plugin plugin 
for WordP ...)
@@ -8653,7 +9017,7 @@ CVE-2026-53492
        [bookworm] - containerd <not-affected> (Vulnerable code not present, 
only affects 2.x)
        [bullseye] - containerd <not-affected> (Vulnerable code not present, 
only affects 2.x)
        NOTE: 
https://github.com/containerd/containerd/security/advisories/GHSA-33vj-92qq-66hc
-CVE-2026-53488
+CVE-2026-53488 (containerd is an open-source container runtime. In versions 
prior to 1 ...)
        - containerd 2.1.9+ds1-1 (bug #1140385)
        NOTE: 
https://github.com/containerd/containerd/security/advisories/GHSA-xhf5-7wjv-pqxp
 CVE-2026-50195
@@ -9431,6 +9795,7 @@ CVE-2026-48818 (Starlette is a lightweight ASGI 
framework/toolkit. In versions 1
 CVE-2026-48591 (Improper Neutralization of Script in Attributes in a Web Page 
vulnerab ...)
        NOT-FOR-US: pragdave earmark
 CVE-2026-48142 (NGINX Plus and NGINX Open Source have a vulnerability in the 
ngx_http_ ...)
+       {DSA-6374-1 DLA-4660-1}
        - nginx 1.30.1-5 (bug #1140361)
        NOTE: https://my.f5.com/manage/s/article/K000161585
        NOTE: 
https://github.com/nginx/nginx/commit/319a0bff157b15d9061f4712b2edbe6fdd2dee66 
(release-1.31.2)
@@ -9456,6 +9821,7 @@ CVE-2026-42380 (Unauthenticated PHP Object Injection in 
AI Lab < 5.4.2 versions.
 CVE-2026-42357 (Incorrect Authorization vulnerability allows users to access 
workflow  ...)
        NOT-FOR-US: Apache software not packaged in Debian
 CVE-2026-42055 (NGINX Plus and NGINX Open Source have a vulnerability in the 
ngx_http_ ...)
+       {DSA-6374-1 DLA-4660-1}
        - nginx 1.30.1-5 (bug #1140359)
        NOTE: https://my.f5.com/manage/s/article/K000161584
        NOTE: 
https://github.com/nginx/nginx/commit/58a7bc3406ac8b9dc0e0afafc69ba42df56009e3 
(master)
@@ -25385,7 +25751,7 @@ CVE-2026-47770 (jq is a command-line JSON processor. 
Prior to 1.8.2, comparing t
        - jq 1.8.1-7
        NOTE: 
https://github.com/jqlang/jq/commit/7122866869960b55cea3646bc91334ef55787831
        NOTE: https://github.com/jqlang/jq/pull/3539
-CVE-2026-41579
+CVE-2026-41579 (runc is a CLI tool for spawning and running containers 
according to th ...)
        - runc <unfixed> (bug #1140000)
        NOTE: https://www.openwall.com/lists/oss-security/2026/06/13/2
        NOTE: 
https://github.com/opencontainers/runc/security/advisories/GHSA-xjvp-4fhw-gc47
@@ -52575,7 +52941,7 @@ CVE-2026-30999 (A heap buffer overflow in the 
av_bprint_finalize() function of F
 CVE-2026-30998 (An improper resource deallocation and closure vulnerability in 
the too ...)
        NOTE: Bogus CVE assignment for ffmpeg, gets cleaned up by the OS anyway
 CVE-2026-30997 (An out-of-bounds read in the read_global_param() function 
(libavcodec/ ...)
-       {DSA-6361-1}
+       {DSA-6361-1 DSA-6276-1}
        - ffmpeg 7:8.1.1-1
        [bullseye] - ffmpeg <postponed> (Minor issue)
        NOTE: 
https://excellent-oatmeal-319.notion.site/CVE-2026-30997-Out-of-Bounds-Access-a7929817b9794568b2f7774397c7d65f
@@ -210505,7 +210871,8 @@ CVE-2024-57055 (Server-Side Access Control Bypass 
vulnerability in WombatDialer
        NOT-FOR-US: WombatDialer
 CVE-2024-57050
        REJECTED
-CVE-2024-57049 (A vulnerability in the TP-Link Archer c20 router with firmware 
version ...)
+CVE-2024-57049
+       REJECTED
        NOT-FOR-US: TP-Link
 CVE-2024-57046 (A vulnerability in the Netgear DGN2200 router with firmware 
version v1 ...)
        NOT-FOR-US: Netgear



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe1ed8d4b259bf2cab08c9032fd13f5e795bed3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe1ed8d4b259bf2cab08c9032fd13f5e795bed3
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to