Overview
Description
Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
Statistics
- 1 Post
- 1 Interaction
Last activity: 9 hours ago
Fediverse
https://www.wacoca.com/news/2796427/ 【セキュリティ ニュース】「Chrome」アップデート、クリティカル含む脆弱性26件を修正(1ページ目 / 全1ページ):Security NEXT #Chrome #Chrome146 #CVE20264439 #CVE20264441 #Google #Science&Technology #ScienceNews #Security #TechnologyNews #UseAfterFree #V8 #WebGL #クリティカル脆弱性 #セキュリティ #セキュリティアップデート #テクノロジー #ニュース #対策 #科学 #科学&テクノロジー
Overview
- Microsoft
- Microsoft 365 Copilot
19 Mar 2026
Published
21 Mar 2026
Updated
CVSS v3.1
MEDIUM (5.3)
EPSS
0.04%
KEV
Description
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
Statistics
- 1 Post
- 1 Interaction
Last activity: 13 hours ago
Overview
Description
telnetd in GNU inetutils through 2.7 allows privilege escalation that can be exploited by abusing systemd service credentials support added to the login(1) implementation of util-linux in release 2.40. This is related to client control over the CREDENTIALS_DIRECTORY environment variable, and requires an unprivileged local user to create a login.noauth file.
Statistics
- 1 Post
Last activity: 1 hour ago
Description
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Statistics
- 1 Post
Last activity: 17 hours ago
Description
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
Statistics
- 1 Post
Last activity: 17 hours ago