Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
Typeapk
Namespacealpine
Nameqt6-qtwebengine
Version6.11.0-r4
Qualifiers
arch riscv64
distroversion edge
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.11.0-r5
Latest_non_vulnerable_version6.11.0-r5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2k46-261h-y3bd
vulnerability_id VCID-2k46-261h-y3bd
summary Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5873
reference_id
reference_type
scores
0
value 0.00038
scoring_system epss
scoring_elements 0.11334
published_at 2026-04-13T12:55:00Z
1
value 0.00038
scoring_system epss
scoring_elements 0.11391
published_at 2026-04-09T12:55:00Z
2
value 0.00038
scoring_system epss
scoring_elements 0.11397
published_at 2026-04-11T12:55:00Z
3
value 0.00038
scoring_system epss
scoring_elements 0.11363
published_at 2026-04-12T12:55:00Z
4
value 0.00102
scoring_system epss
scoring_elements 0.27892
published_at 2026-04-24T12:55:00Z
5
value 0.00102
scoring_system epss
scoring_elements 0.28039
published_at 2026-04-16T12:55:00Z
6
value 0.00102
scoring_system epss
scoring_elements 0.28022
published_at 2026-04-18T12:55:00Z
7
value 0.00102
scoring_system epss
scoring_elements 0.27974
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5873
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456808
reference_id 2456808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456808
4
reference_url https://issues.chromium.org/issues/496301615
reference_id 496301615
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/
url https://issues.chromium.org/issues/496301615
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
reference_id stable-channel-update-for-desktop.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-5873
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2k46-261h-y3bd
1
url VCID-3c8j-6wcw-83ax
vulnerability_id VCID-3c8j-6wcw-83ax
summary Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6305
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.06673
published_at 2026-04-16T12:55:00Z
1
value 0.00029
scoring_system epss
scoring_elements 0.08135
published_at 2026-04-18T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09114
published_at 2026-04-24T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.0907
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6305
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458782
reference_id 2458782
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458782
4
reference_url https://issues.chromium.org/issues/496618639
reference_id 496618639
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:24:18Z/
url https://issues.chromium.org/issues/496618639
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:24:18Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6305
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3c8j-6wcw-83ax
2
url VCID-47az-428z-bkar
vulnerability_id VCID-47az-428z-bkar
summary Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6304
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05984
published_at 2026-04-16T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.1042
published_at 2026-04-18T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11548
published_at 2026-04-24T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11595
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6304
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458805
reference_id 2458805
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458805
4
reference_url https://issues.chromium.org/issues/496393742
reference_id 496393742
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:54:42Z/
url https://issues.chromium.org/issues/496393742
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:54:42Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6304
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-47az-428z-bkar
3
url VCID-7x3z-8d6t-vfen
vulnerability_id VCID-7x3z-8d6t-vfen
summary Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted video file. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6362
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04316
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04299
published_at 2026-04-21T12:55:00Z
2
value 0.00035
scoring_system epss
scoring_elements 0.10232
published_at 2026-04-16T12:55:00Z
3
value 0.00051
scoring_system epss
scoring_elements 0.15637
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6362
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458802
reference_id 2458802
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458802
4
reference_url https://issues.chromium.org/issues/500066234
reference_id 500066234
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/
url https://issues.chromium.org/issues/500066234
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6362
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7x3z-8d6t-vfen
4
url VCID-8j9g-6zs1-13am
vulnerability_id VCID-8j9g-6zs1-13am
summary Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6314
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05984
published_at 2026-04-16T12:55:00Z
1
value 0.00026
scoring_system epss
scoring_elements 0.07258
published_at 2026-04-18T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.1056
published_at 2026-04-24T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10611
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6314
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458790
reference_id 2458790
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458790
4
reference_url https://issues.chromium.org/issues/498782145
reference_id 498782145
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:02:42Z/
url https://issues.chromium.org/issues/498782145
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:02:42Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6314
risk_score 3.6
exploitability 0.5
weighted_severity 7.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8j9g-6zs1-13am
5
url VCID-97y1-b8j2-xfb5
vulnerability_id VCID-97y1-b8j2-xfb5
summary Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6298
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01137
published_at 2026-04-24T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00692
published_at 2026-04-16T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00924
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6298
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458798
reference_id 2458798
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458798
4
reference_url https://issues.chromium.org/issues/495700484
reference_id 495700484
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/
url https://issues.chromium.org/issues/495700484
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6298
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97y1-b8j2-xfb5
6
url VCID-9amk-6z38-qbb1
vulnerability_id VCID-9amk-6z38-qbb1
summary Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6313
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01089
published_at 2026-04-24T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00672
published_at 2026-04-16T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00886
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6313
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458781
reference_id 2458781
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458781
4
reference_url https://issues.chromium.org/issues/498765210
reference_id 498765210
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/
url https://issues.chromium.org/issues/498765210
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6313
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9amk-6z38-qbb1
7
url VCID-dzf3-492x-budu
vulnerability_id VCID-dzf3-492x-budu
summary Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6303
reference_id
reference_type
scores
0
value 0.00048
scoring_system epss
scoring_elements 0.1471
published_at 2026-04-24T12:55:00Z
1
value 0.00048
scoring_system epss
scoring_elements 0.14679
published_at 2026-04-21T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.2357
published_at 2026-04-16T12:55:00Z
3
value 0.00128
scoring_system epss
scoring_elements 0.3218
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6303
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458804
reference_id 2458804
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458804
4
reference_url https://issues.chromium.org/issues/496282147
reference_id 496282147
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/
url https://issues.chromium.org/issues/496282147
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6303
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzf3-492x-budu
8
url VCID-erxp-a8pr-zyff
vulnerability_id VCID-erxp-a8pr-zyff
summary Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6296
reference_id
reference_type
scores
0
value 0.00021
scoring_system epss
scoring_elements 0.05735
published_at 2026-04-16T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.06911
published_at 2026-04-18T12:55:00Z
2
value 0.00027
scoring_system epss
scoring_elements 0.07695
published_at 2026-04-24T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07751
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6296
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458783
reference_id 2458783
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458783
4
reference_url https://issues.chromium.org/issues/490170083
reference_id 490170083
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:12:28Z/
url https://issues.chromium.org/issues/490170083
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 9.6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:12:28Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6296
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-erxp-a8pr-zyff
9
url VCID-fk6m-8k4f-hyhz
vulnerability_id VCID-fk6m-8k4f-hyhz
summary Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6302
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.07722
published_at 2026-04-16T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13367
published_at 2026-04-18T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.1471
published_at 2026-04-24T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.14679
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6302
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458793
reference_id 2458793
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458793
4
reference_url https://issues.chromium.org/issues/495477995
reference_id 495477995
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:53:07Z/
url https://issues.chromium.org/issues/495477995
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:53:07Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6302
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fk6m-8k4f-hyhz
10
url VCID-hyew-s4ya-43bv
vulnerability_id VCID-hyew-s4ya-43bv
summary Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6361
reference_id
reference_type
scores
0
value 0.00012
scoring_system epss
scoring_elements 0.01686
published_at 2026-04-18T12:55:00Z
1
value 0.00015
scoring_system epss
scoring_elements 0.03087
published_at 2026-04-16T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.03606
published_at 2026-04-24T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.03599
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6361
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458806
reference_id 2458806
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458806
4
reference_url https://issues.chromium.org/issues/500036290
reference_id 500036290
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/
url https://issues.chromium.org/issues/500036290
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 7.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6361
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hyew-s4ya-43bv
11
url VCID-jd9x-rsee-ekfk
vulnerability_id VCID-jd9x-rsee-ekfk
summary Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6308
reference_id
reference_type
scores
0
value 0.00034
scoring_system epss
scoring_elements 0.09819
published_at 2026-04-24T12:55:00Z
1
value 0.00034
scoring_system epss
scoring_elements 0.09773
published_at 2026-04-21T12:55:00Z
2
value 0.0008
scoring_system epss
scoring_elements 0.2357
published_at 2026-04-16T12:55:00Z
3
value 0.00094
scoring_system epss
scoring_elements 0.26209
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6308
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458772
reference_id 2458772
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458772
4
reference_url https://issues.chromium.org/issues/497412658
reference_id 497412658
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/
url https://issues.chromium.org/issues/497412658
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6308
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jd9x-rsee-ekfk
12
url VCID-jku3-pwsy-bufq
vulnerability_id VCID-jku3-pwsy-bufq
summary Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6311
reference_id
reference_type
scores
0
value 0.00023
scoring_system epss
scoring_elements 0.06063
published_at 2026-04-16T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.07413
published_at 2026-04-18T12:55:00Z
2
value 0.00029
scoring_system epss
scoring_elements 0.08254
published_at 2026-04-24T12:55:00Z
3
value 0.00029
scoring_system epss
scoring_elements 0.08277
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6311
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458780
reference_id 2458780
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458780
4
reference_url https://issues.chromium.org/issues/498201025
reference_id 498201025
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:10:59Z/
url https://issues.chromium.org/issues/498201025
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:10:59Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6311
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jku3-pwsy-bufq
13
url VCID-jqs4-fgj9-63g7
vulnerability_id VCID-jqs4-fgj9-63g7
summary Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6297
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01076
published_at 2026-04-18T12:55:00Z
1
value 0.00011
scoring_system epss
scoring_elements 0.01348
published_at 2026-04-24T12:55:00Z
2
value 0.00011
scoring_system epss
scoring_elements 0.0134
published_at 2026-04-21T12:55:00Z
3
value 6e-05
scoring_system epss
scoring_elements 0.00355
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6297
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458794
reference_id 2458794
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458794
4
reference_url https://issues.chromium.org/issues/493628982
reference_id 493628982
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:43:24Z/
url https://issues.chromium.org/issues/493628982
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:43:24Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6297
risk_score 3.8
exploitability 0.5
weighted_severity 7.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jqs4-fgj9-63g7
14
url VCID-k82r-r6dh-qfem
vulnerability_id VCID-k82r-r6dh-qfem
summary chromium-browser: Use after free in CSS
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6300
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.07722
published_at 2026-04-16T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13367
published_at 2026-04-18T12:55:00Z
2
value 0.00048
scoring_system epss
scoring_elements 0.1471
published_at 2026-04-24T12:55:00Z
3
value 0.00048
scoring_system epss
scoring_elements 0.14679
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6300
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458775
reference_id 2458775
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458775
4
reference_url https://issues.chromium.org/issues/491994185
reference_id 491994185
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:49:54Z/
url https://issues.chromium.org/issues/491994185
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:49:54Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6300
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k82r-r6dh-qfem
15
url VCID-mjv9-578z-3kej
vulnerability_id VCID-mjv9-578z-3kej
summary Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6312
reference_id
reference_type
scores
0
value 0.0001
scoring_system epss
scoring_elements 0.01033
published_at 2026-04-24T12:55:00Z
1
value 8e-05
scoring_system epss
scoring_elements 0.00645
published_at 2026-04-16T12:55:00Z
2
value 9e-05
scoring_system epss
scoring_elements 0.00848
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6312
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458807
reference_id 2458807
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458807
4
reference_url https://issues.chromium.org/issues/498269651
reference_id 498269651
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/
url https://issues.chromium.org/issues/498269651
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6312
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mjv9-578z-3kej
16
url VCID-mp8f-94vu-jyf9
vulnerability_id VCID-mp8f-94vu-jyf9
summary Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6301
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.0783
published_at 2026-04-16T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09433
published_at 2026-04-18T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10547
published_at 2026-04-24T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10563
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6301
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458785
reference_id 2458785
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458785
4
reference_url https://issues.chromium.org/issues/495273999
reference_id 495273999
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:50:58Z/
url https://issues.chromium.org/issues/495273999
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:50:58Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6301
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mp8f-94vu-jyf9
17
url VCID-my86-8n81-y3hd
vulnerability_id VCID-my86-8n81-y3hd
summary Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6307
reference_id
reference_type
scores
0
value 0.00028
scoring_system epss
scoring_elements 0.0783
published_at 2026-04-16T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09433
published_at 2026-04-18T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10547
published_at 2026-04-24T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.10563
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6307
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458799
reference_id 2458799
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458799
4
reference_url https://issues.chromium.org/issues/497404188
reference_id 497404188
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/
url https://issues.chromium.org/issues/497404188
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6307
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-my86-8n81-y3hd
18
url VCID-ndkj-5v64-cfa9
vulnerability_id VCID-ndkj-5v64-cfa9
summary Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6309
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05984
published_at 2026-04-16T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.1042
published_at 2026-04-18T12:55:00Z
2
value 0.00039
scoring_system epss
scoring_elements 0.11548
published_at 2026-04-24T12:55:00Z
3
value 0.00039
scoring_system epss
scoring_elements 0.11595
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6309
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458784
reference_id 2458784
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458784
4
reference_url https://issues.chromium.org/issues/497846428
reference_id 497846428
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:56:18Z/
url https://issues.chromium.org/issues/497846428
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:56:18Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6309
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ndkj-5v64-cfa9
19
url VCID-q17c-ud54-5ydd
vulnerability_id VCID-q17c-ud54-5ydd
summary Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6306
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09114
published_at 2026-04-24T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.0907
published_at 2026-04-21T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21771
published_at 2026-04-16T12:55:00Z
3
value 0.00084
scoring_system epss
scoring_elements 0.24477
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6306
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458778
reference_id 2458778
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458778
4
reference_url https://issues.chromium.org/issues/496907110
reference_id 496907110
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/
url https://issues.chromium.org/issues/496907110
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6306
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q17c-ud54-5ydd
20
url VCID-qrwz-k5dg-27b2
vulnerability_id VCID-qrwz-k5dg-27b2
summary Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted file. (Chromium security severity: Medium)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6364.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6364.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6364
reference_id
reference_type
scores
0
value 0.00017
scoring_system epss
scoring_elements 0.04287
published_at 2026-04-24T12:55:00Z
1
value 0.00017
scoring_system epss
scoring_elements 0.04275
published_at 2026-04-21T12:55:00Z
2
value 0.00026
scoring_system epss
scoring_elements 0.07056
published_at 2026-04-18T12:55:00Z
3
value 0.00035
scoring_system epss
scoring_elements 0.10232
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6364
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6364
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6364
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458786
reference_id 2458786
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458786
4
reference_url https://issues.chromium.org/issues/502103414
reference_id 502103414
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:47:22Z/
url https://issues.chromium.org/issues/502103414
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:47:22Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6364
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrwz-k5dg-27b2
21
url VCID-thk2-w3k4-jfep
vulnerability_id VCID-thk2-w3k4-jfep
summary Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6360
reference_id
reference_type
scores
0
value 0.00022
scoring_system epss
scoring_elements 0.05834
published_at 2026-04-18T12:55:00Z
1
value 0.00024
scoring_system epss
scoring_elements 0.06455
published_at 2026-04-24T12:55:00Z
2
value 0.00024
scoring_system epss
scoring_elements 0.06439
published_at 2026-04-21T12:55:00Z
3
value 0.00027
scoring_system epss
scoring_elements 0.07564
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458809
reference_id 2458809
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458809
4
reference_url https://issues.chromium.org/issues/497880137
reference_id 497880137
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:04:39Z/
url https://issues.chromium.org/issues/497880137
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T20:04:39Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6360
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-thk2-w3k4-jfep
22
url VCID-vxex-hv2g-gbhk
vulnerability_id VCID-vxex-hv2g-gbhk
summary Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5886
reference_id
reference_type
scores
0
value 0.00025
scoring_system epss
scoring_elements 0.07086
published_at 2026-04-12T12:55:00Z
1
value 0.00025
scoring_system epss
scoring_elements 0.07097
published_at 2026-04-11T12:55:00Z
2
value 0.00025
scoring_system epss
scoring_elements 0.07076
published_at 2026-04-13T12:55:00Z
3
value 0.0003
scoring_system epss
scoring_elements 0.0867
published_at 2026-04-24T12:55:00Z
4
value 0.0003
scoring_system epss
scoring_elements 0.08518
published_at 2026-04-16T12:55:00Z
5
value 0.0003
scoring_system epss
scoring_elements 0.08505
published_at 2026-04-18T12:55:00Z
6
value 0.0003
scoring_system epss
scoring_elements 0.08657
published_at 2026-04-21T12:55:00Z
7
value 0.00032
scoring_system epss
scoring_elements 0.09357
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5886
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456781
reference_id 2456781
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456781
4
reference_url https://issues.chromium.org/issues/485397283
reference_id 485397283
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/
url https://issues.chromium.org/issues/485397283
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
reference_id stable-channel-update-for-desktop.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-5886
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vxex-hv2g-gbhk
23
url VCID-x1xm-1qpa-u7c1
vulnerability_id VCID-x1xm-1qpa-u7c1
summary Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json
reference_id
reference_type
scores
0
value 9.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6359
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19503
published_at 2026-04-18T12:55:00Z
1
value 0.00068
scoring_system epss
scoring_elements 0.20814
published_at 2026-04-24T12:55:00Z
2
value 0.00068
scoring_system epss
scoring_elements 0.20825
published_at 2026-04-16T12:55:00Z
3
value 0.00068
scoring_system epss
scoring_elements 0.20945
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6359
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458797
reference_id 2458797
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458797
4
reference_url https://issues.chromium.org/issues/490251701
reference_id 490251701
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/
url https://issues.chromium.org/issues/490251701
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6359
risk_score 4.0
exploitability 0.5
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x1xm-1qpa-u7c1
24
url VCID-y6r7-wj7c-p3bn
vulnerability_id VCID-y6r7-wj7c-p3bn
summary Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json
reference_id
reference_type
scores
0
value 4.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-5891
reference_id
reference_type
scores
0
value 0.00032
scoring_system epss
scoring_elements 0.09357
published_at 2026-04-09T12:55:00Z
1
value 0.00032
scoring_system epss
scoring_elements 0.09366
published_at 2026-04-11T12:55:00Z
2
value 0.00032
scoring_system epss
scoring_elements 0.09338
published_at 2026-04-12T12:55:00Z
3
value 0.00032
scoring_system epss
scoring_elements 0.09325
published_at 2026-04-13T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.16737
published_at 2026-04-24T12:55:00Z
5
value 0.00054
scoring_system epss
scoring_elements 0.16794
published_at 2026-04-16T12:55:00Z
6
value 0.00054
scoring_system epss
scoring_elements 0.16799
published_at 2026-04-18T12:55:00Z
7
value 0.00054
scoring_system epss
scoring_elements 0.16831
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-5891
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2456771
reference_id 2456771
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2456771
4
reference_url https://issues.chromium.org/issues/487471101
reference_id 487471101
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/
url https://issues.chromium.org/issues/487471101
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
reference_id stable-channel-update-for-desktop.html
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-5891
risk_score 1.9
exploitability 0.5
weighted_severity 3.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6r7-wj7c-p3bn
25
url VCID-ywwf-hc75-nbdm
vulnerability_id VCID-ywwf-hc75-nbdm
summary Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json
reference_id
reference_type
scores
0
value 9.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-6316
reference_id
reference_type
scores
0
value 0.0008
scoring_system epss
scoring_elements 0.2357
published_at 2026-04-16T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.3218
published_at 2026-04-18T12:55:00Z
2
value 0.00139
scoring_system epss
scoring_elements 0.33608
published_at 2026-04-24T12:55:00Z
3
value 0.00139
scoring_system epss
scoring_elements 0.33978
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-6316
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2458789
reference_id 2458789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2458789
4
reference_url https://issues.chromium.org/issues/499384399
reference_id 499384399
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:41:19Z/
url https://issues.chromium.org/issues/499384399
5
reference_url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
reference_id stable-channel-update-for-desktop_15.html
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:41:19Z/
url https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
fixed_packages
0
url pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community
aliases CVE-2026-6316
risk_score 4.3
exploitability 0.5
weighted_severity 8.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ywwf-hc75-nbdm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=riscv64&distroversion=edge&reponame=community