|
1861
|
8.6 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
acrobat
|
Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could re…
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2026-34621
|
2026-04-14 06:23 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1862
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandb…
|
CWE-20
Improper Input Validation
|
CVE-2026-5884
|
2026-04-14 06:19 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1863
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chrom…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-5886
|
2026-04-14 06:19 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1864
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted H…
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-5896
|
2026-04-14 06:18 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1865
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. (Chromium security …
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-5895
|
2026-04-14 06:18 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1866
|
6.8 |
MEDIUM
Network
|
google
|
chrome
|
Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-362
Race Condition
|
CVE-2026-5893
|
2026-04-14 06:17 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1867
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a …
|
CWE-20
Improper Input Validation
|
CVE-2026-5885
|
2026-04-14 06:17 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1868
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium…
|
CWE-20
Improper Input Validation
|
CVE-2026-5887
|
2026-04-14 06:17 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1869
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium sec…
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-5888
|
2026-04-14 06:17 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1870
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML p…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-5897
|
2026-04-14 06:17 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
