Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/140795?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "type": "apk", "namespace": "alpine", "name": "qt6-qtwebengine", "version": "6.10.2-r6", "qualifiers": { "arch": "armv7", "distroversion": "edge", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "6.10.2-r8", "latest_non_vulnerable_version": "6.11.1-r2", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85461?format=api", "vulnerability_id": "VCID-3s9r-58bx-bkh6", "summary": "Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28683", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28486", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444623", "reference_id": "2444623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444623" }, { "reference_url": "https://issues.chromium.org/issues/485683110", "reference_id": "485683110", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:56:01Z/" } ], "url": "https://issues.chromium.org/issues/485683110" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:56:01Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3544" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3s9r-58bx-bkh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85655?format=api", "vulnerability_id": "VCID-54hw-qxjv-8ydb", "summary": "Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0115", "published_at": "2026-06-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444620", "reference_id": "2444620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444620" }, { "reference_url": "https://issues.chromium.org/issues/483853098", "reference_id": "483853098", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T20:08:53Z/" } ], "url": "https://issues.chromium.org/issues/483853098" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T20:08:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3539" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54hw-qxjv-8ydb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85352?format=api", "vulnerability_id": "VCID-71sr-ksgm-1uc7", "summary": "Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27177", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26974", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444619", "reference_id": "2444619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444619" }, { "reference_url": "https://issues.chromium.org/issues/484811719", "reference_id": "484811719", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:06:53Z/" } ], "url": "https://issues.chromium.org/issues/484811719" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:06:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71sr-ksgm-1uc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85658?format=api", "vulnerability_id": "VCID-cc3t-zuut-67b6", "summary": "Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3321", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33028", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444615", "reference_id": "2444615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444615" }, { "reference_url": "https://issues.chromium.org/issues/487383169", "reference_id": "487383169", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T14:09:31Z/" } ], "url": "https://issues.chromium.org/issues/487383169" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T14:09:31Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3545" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cc3t-zuut-67b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85536?format=api", "vulnerability_id": "VCID-feqw-s5uh-ybaq", "summary": "Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27624", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27421", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444617", "reference_id": "2444617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444617" }, { "reference_url": "https://issues.chromium.org/issues/484983991", "reference_id": "484983991", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:56Z/" } ], "url": "https://issues.chromium.org/issues/484983991" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:56Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3538" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-feqw-s5uh-ybaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85578?format=api", "vulnerability_id": "VCID-hbnk-c89g-fyf2", "summary": "Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3542.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3542.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25801", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25603", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444616", "reference_id": "2444616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444616" }, { "reference_url": "https://issues.chromium.org/issues/485152421", "reference_id": "485152421", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:11:05Z/" } ], "url": "https://issues.chromium.org/issues/485152421" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:11:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3542" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hbnk-c89g-fyf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85708?format=api", "vulnerability_id": "VCID-rqj7-mwff-aqer", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27177", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.26974", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444622", "reference_id": "2444622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444622" }, { "reference_url": "https://issues.chromium.org/issues/485267831", "reference_id": "485267831", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:15:32Z/" } ], "url": "https://issues.chromium.org/issues/485267831" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:15:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3543" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rqj7-mwff-aqer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85847?format=api", "vulnerability_id": "VCID-zed4-p54s-g3cs", "summary": "Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26293", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26092", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444612", "reference_id": "2444612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444612" }, { "reference_url": "https://issues.chromium.org/issues/484088917", "reference_id": "484088917", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:57Z/" } ], "url": "https://issues.chromium.org/issues/484088917" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/140795?format=api", "purl": "pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" } ], "aliases": [ "CVE-2026-3540" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zed4-p54s-g3cs" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.10.2-r6%3Farch=armv7&distroversion=edge&reponame=community" }