|
3811
|
7.5 |
HIGH
Network
|
-
|
-
|
The Contest Gallery plugin for WordPress is vulnerable to SQL Injection via the 'form_input' parameter in versions up to, and including, 28.1.6. This is due to insufficient escaping on the user suppl…
|
CWE-89
SQL Injection
|
CVE-2026-8912
|
2026-05-19 23:38 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3812
|
6.3 |
MEDIUM
Network
|
tencent
|
weknora
|
A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-8786
|
2026-05-19 23:30 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3813
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium se…
|
CWE-664
Improper Control of a Resource Through its Lifetime
|
CVE-2026-8582
|
2026-05-19 23:30 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3814
|
7.5 |
HIGH
Network
|
vercel
|
ai
|
A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manip…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8767
|
2026-05-19 23:29 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3815
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-8552
|
2026-05-19 23:27 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3816
|
3.1 |
LOW
Network
|
google
|
chrome
|
Type Confusion in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted H…
|
CWE-843
Type Confusion
|
CVE-2026-8554
|
2026-05-19 23:27 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3817
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium securi…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-8560
|
2026-05-19 23:27 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3818
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium secu…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-8559
|
2026-05-19 23:26 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3819
|
3.1 |
LOW
Network
|
google
|
chrome
|
Inappropriate implementation in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT…
|
CWE-119
CWE-284
Incorrect Access of Indexable Resource ('Range Error')
Improper Access Control
|
CVE-2026-8556
|
2026-05-19 23:26 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3820
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-8555
|
2026-05-19 23:26 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
