|
881
|
6.5 |
MEDIUM
Network
|
open5gs
|
open5gs
|
A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfI…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8730
|
2026-05-19 10:32 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
882
|
3.1 |
LOW
Network
|
google
|
chrome
|
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Ch…
|
CWE-416
Use After Free
|
CVE-2026-8553
|
2026-05-19 10:31 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
883
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (C…
|
CWE-416
Use After Free
|
CVE-2026-8557
|
2026-05-19 10:31 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
884
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2026-8558
|
2026-05-19 10:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
885
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: H…
|
CWE-942
Permissive Cross-domain Policy with Untrusted Domains
|
CVE-2026-8537
|
2026-05-19 10:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
886
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-8532
|
2026-05-19 10:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
887
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
|
CWE-416
Use After Free
|
CVE-2026-8533
|
2026-05-19 10:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
888
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a craf…
|
CWE-20
Improper Input Validation
|
CVE-2026-8538
|
2026-05-19 10:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
889
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2026-8540
|
2026-05-19 10:29 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
890
|
6.5 |
MEDIUM
Network
|
openwebui
|
open_webui
|
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.8.0, GET /api/v1/memories/ef is accessible without authentication and executes request.ap…
|
CWE-862
Missing Authorization
|
CVE-2026-45667
|
2026-05-19 10:28 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
