|
991
|
7.2 |
HIGH
Local
|
palletsprojects
|
click
|
Pallets Click, versions 8.3.2 and below, contain a command injection vulnerability in the click.edit() function, allowing attackers to pass arbitrary OS commands from an unprivileged account.
|
CWE-77
Command Injection
|
CVE-2026-7246
|
2026-05-1 01:39 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
992
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: …
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2026-7354
|
2026-05-1 01:38 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
993
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-416
Use After Free
|
CVE-2026-7355
|
2026-05-1 01:38 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
994
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-7356
|
2026-05-1 01:38 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
995
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chro…
|
CWE-416
Use After Free
|
CVE-2026-7357
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
996
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-7358
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
997
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C…
|
CWE-416
Use After Free
|
CVE-2026-7359
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
998
|
3.1 |
LOW
Network
|
google
|
chrome
|
Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
|
CWE-20
Improper Input Validation
|
CVE-2026-7360
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
999
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
|
CWE-416
Use After Free
|
CVE-2026-7361
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1000
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security s…
|
CWE-416
Use After Free
|
CVE-2026-7363
|
2026-05-1 01:37 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
