Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/31055?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "chromium", "version": "148.0.7778.215-1~deb13u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "148.0.7778.215-1", "latest_non_vulnerable_version": "149.0.7827.114-1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76374?format=api", "vulnerability_id": "VCID-14ex-w3x4-nub7", "summary": "Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9963.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9963.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9963", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28055", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.27843", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28041", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28066", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9963" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9963", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9963" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483129", "reference_id": "2483129", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483129" }, { "reference_url": "https://issues.chromium.org/issues/505143241", "reference_id": "505143241", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:38:06Z/" } ], "url": "https://issues.chromium.org/issues/505143241" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:38:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9963" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-14ex-w3x4-nub7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76215?format=api", "vulnerability_id": "VCID-185a-5ehb-m3ag", "summary": "Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9998.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9998.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9998" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483062", "reference_id": "2483062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483062" }, { "reference_url": "https://issues.chromium.org/issues/513337118", "reference_id": "513337118", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:08:06Z/" } ], "url": "https://issues.chromium.org/issues/513337118" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:08:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9998" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-185a-5ehb-m3ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76319?format=api", "vulnerability_id": "VCID-19zm-bxkn-wbbg", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9901.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9901" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483060", "reference_id": "2483060", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483060" }, { "reference_url": "https://issues.chromium.org/issues/497737770", "reference_id": "497737770", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:36:43Z/" } ], "url": "https://issues.chromium.org/issues/497737770" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:36:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9901" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-19zm-bxkn-wbbg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76758?format=api", "vulnerability_id": "VCID-1ggd-6qcg-t3fg", "summary": "Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10010.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10010.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02534", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0253", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02533", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02524", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10010" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483104", "reference_id": "2483104", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483104" }, { "reference_url": "https://issues.chromium.org/issues/513995565", "reference_id": "513995565", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:39:12Z/" } ], "url": "https://issues.chromium.org/issues/513995565" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:39:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10010" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ggd-6qcg-t3fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76114?format=api", "vulnerability_id": "VCID-21sm-xen5-5khq", "summary": "Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9882.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9882.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08668", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08622", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08663", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483016", "reference_id": "2483016", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483016" }, { "reference_url": "https://issues.chromium.org/issues/506375217", "reference_id": "506375217", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:49:10Z/" } ], "url": "https://issues.chromium.org/issues/506375217" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:49:10Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9882" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21sm-xen5-5khq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76781?format=api", "vulnerability_id": "VCID-243q-waa6-eqcj", "summary": "Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24906", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25105", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25122", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10017" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483063", "reference_id": "2483063", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483063" }, { "reference_url": "https://issues.chromium.org/issues/504156069", "reference_id": "504156069", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:10:47Z/" } ], "url": "https://issues.chromium.org/issues/504156069" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:10:47Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-243q-waa6-eqcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76444?format=api", "vulnerability_id": "VCID-2fpz-7ky2-h3en", "summary": "Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10021.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10021.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10021", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31503", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31308", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31501", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31521", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10021" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10021", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10021" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482980", "reference_id": "2482980", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482980" }, { "reference_url": "https://issues.chromium.org/issues/497327715", "reference_id": "497327715", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:12:41Z/" } ], "url": "https://issues.chromium.org/issues/497327715" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:12:41Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10021" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2fpz-7ky2-h3en" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75930?format=api", "vulnerability_id": "VCID-2mf4-zr2s-3fcu", "summary": "Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9967.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9967.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9967" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483087", "reference_id": "2483087", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483087" }, { "reference_url": "https://issues.chromium.org/issues/506414791", "reference_id": "506414791", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:25:11Z/" } ], "url": "https://issues.chromium.org/issues/506414791" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:25:11Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9967" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2mf4-zr2s-3fcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75909?format=api", "vulnerability_id": "VCID-2n7e-4hqz-rbhn", "summary": "Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9874" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482988", "reference_id": "2482988", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482988" }, { "reference_url": "https://issues.chromium.org/issues/500609038", "reference_id": "500609038", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:59:17Z/" } ], "url": "https://issues.chromium.org/issues/500609038" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:59:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9874" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2n7e-4hqz-rbhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76017?format=api", "vulnerability_id": "VCID-31gb-s9w8-pfd8", "summary": "Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9934" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483004", "reference_id": "2483004", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483004" }, { "reference_url": "https://issues.chromium.org/issues/501576946", "reference_id": "501576946", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:33:53Z/" } ], "url": "https://issues.chromium.org/issues/501576946" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:33:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9934" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-31gb-s9w8-pfd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76020?format=api", "vulnerability_id": "VCID-326g-zs7w-7yb9", "summary": "Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9983.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9983.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9983", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25337", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25134", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25332", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25349", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9983" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9983", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9983" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483108", "reference_id": "2483108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483108" }, { "reference_url": "https://issues.chromium.org/issues/513001309", "reference_id": "513001309", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:32:49Z/" } ], "url": "https://issues.chromium.org/issues/513001309" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:32:49Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9983" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-326g-zs7w-7yb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76117?format=api", "vulnerability_id": "VCID-34g5-7fh3-4kfv", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9927" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483013", "reference_id": "2483013", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483013" }, { "reference_url": "https://issues.chromium.org/issues/500540958", "reference_id": "500540958", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:34:49Z/" } ], "url": "https://issues.chromium.org/issues/500540958" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:34:49Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9927" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34g5-7fh3-4kfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76670?format=api", "vulnerability_id": "VCID-43ns-7r93-hffh", "summary": "Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10016.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10016.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10016", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10016" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10016", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10016" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483100", "reference_id": "2483100", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483100" }, { "reference_url": "https://issues.chromium.org/issues/515155946", "reference_id": "515155946", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:15:08Z/" } ], "url": "https://issues.chromium.org/issues/515155946" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:15:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10016" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43ns-7r93-hffh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76103?format=api", "vulnerability_id": "VCID-4dhc-v4cj-gyf4", "summary": "Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9989.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9989.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01686", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01673", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01676", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01679", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9989" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483079", "reference_id": "2483079", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483079" }, { "reference_url": "https://issues.chromium.org/issues/513054053", "reference_id": "513054053", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:07:34Z/" } ], "url": "https://issues.chromium.org/issues/513054053" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:07:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9989" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dhc-v4cj-gyf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75951?format=api", "vulnerability_id": "VCID-4p2e-4xm5-53fu", "summary": "Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9999.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9999.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24612", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24421", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24616", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24627", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9999" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483015", "reference_id": "2483015", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483015" }, { "reference_url": "https://issues.chromium.org/issues/513364480", "reference_id": "513364480", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:07:20Z/" } ], "url": "https://issues.chromium.org/issues/513364480" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:07:20Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9999" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4p2e-4xm5-53fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76030?format=api", "vulnerability_id": "VCID-4r8k-ucf4-43bj", "summary": "Use after free in Views in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9948.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9948.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9948" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483006", "reference_id": "2483006", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483006" }, { "reference_url": "https://issues.chromium.org/issues/503790201", "reference_id": "503790201", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:02:21Z/" } ], "url": "https://issues.chromium.org/issues/503790201" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:02:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9948" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4r8k-ucf4-43bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76046?format=api", "vulnerability_id": "VCID-4xr1-cjnu-hud6", "summary": "Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9951.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9951.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9951", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9951" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9951", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9951" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482991", "reference_id": "2482991", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482991" }, { "reference_url": "https://issues.chromium.org/issues/503873388", "reference_id": "503873388", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:38:24Z/" } ], "url": "https://issues.chromium.org/issues/503873388" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:38:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9951" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4xr1-cjnu-hud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76175?format=api", "vulnerability_id": "VCID-56bu-yyyx-2kdy", "summary": "Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9956.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9956.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9956" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483128", "reference_id": "2483128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483128" }, { "reference_url": "https://issues.chromium.org/issues/504195132", "reference_id": "504195132", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:27:38Z/" } ], "url": "https://issues.chromium.org/issues/504195132" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:27:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9956" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-56bu-yyyx-2kdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75942?format=api", "vulnerability_id": "VCID-5bqx-eecz-hkbc", "summary": "Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9886" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483072", "reference_id": "2483072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483072" }, { "reference_url": "https://issues.chromium.org/issues/508456788", "reference_id": "508456788", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:55:46Z/" } ], "url": "https://issues.chromium.org/issues/508456788" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9886" ], "risk_score": 4.2, "exploitability": "0.5", "weighted_severity": "8.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5bqx-eecz-hkbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76330?format=api", "vulnerability_id": "VCID-69m4-vehj-aqah", "summary": "Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9894.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9894.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9894" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483097", "reference_id": "2483097", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483097" }, { "reference_url": "https://issues.chromium.org/issues/507707838", "reference_id": "507707838", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:51:33Z/" } ], "url": "https://issues.chromium.org/issues/507707838" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:51:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9894" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69m4-vehj-aqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76692?format=api", "vulnerability_id": "VCID-6t63-hu6d-u7gr", "summary": "Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10020.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10020.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25261", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25256", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25275", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10020" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482975", "reference_id": "2482975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482975" }, { "reference_url": "https://issues.chromium.org/issues/496565479", "reference_id": "496565479", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:57:44Z/" } ], "url": "https://issues.chromium.org/issues/496565479" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:57:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10020" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6t63-hu6d-u7gr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76162?format=api", "vulnerability_id": "VCID-73qb-md3t-fybb", "summary": "Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9879.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9879.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31997", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31816", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32002", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32018", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9879" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482997", "reference_id": "2482997", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482997" }, { "reference_url": "https://issues.chromium.org/issues/499129768", "reference_id": "499129768", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:42:35Z/" } ], "url": "https://issues.chromium.org/issues/499129768" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:42:35Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9879" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-73qb-md3t-fybb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76173?format=api", "vulnerability_id": "VCID-75pz-t68v-gfbe", "summary": "Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9920.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9920.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9920", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09743", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09795", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9920" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483009", "reference_id": "2483009", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483009" }, { "reference_url": "https://issues.chromium.org/issues/500138014", "reference_id": "500138014", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:25:20Z/" } ], "url": "https://issues.chromium.org/issues/500138014" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:25:20Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9920" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75pz-t68v-gfbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75896?format=api", "vulnerability_id": "VCID-75yd-zks8-53h4", "summary": "Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9896.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31997", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31816", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32002", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32018", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483033", "reference_id": "2483033", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483033" }, { "reference_url": "https://issues.chromium.org/issues/508811474", "reference_id": "508811474", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:43:40Z/" } ], "url": "https://issues.chromium.org/issues/508811474" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:43:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9896" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75yd-zks8-53h4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76228?format=api", "vulnerability_id": "VCID-7qcu-e2s6-gff8", "summary": "Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9888.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9888.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9888", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2885", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28636", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28861", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9888" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9888", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483002", "reference_id": "2483002", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483002" }, { "reference_url": "https://issues.chromium.org/issues/511715166", "reference_id": "511715166", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:54:46Z/" } ], "url": "https://issues.chromium.org/issues/511715166" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:54:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9888" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7qcu-e2s6-gff8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76073?format=api", "vulnerability_id": "VCID-7qnw-br2k-qbb2", "summary": "Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9917.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9917.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.1015", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10113", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.1016", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.10165", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9917" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482970", "reference_id": "2482970", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482970" }, { "reference_url": "https://issues.chromium.org/issues/500095304", "reference_id": "500095304", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:24:19Z/" } ], "url": "https://issues.chromium.org/issues/500095304" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:24:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9917" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7qnw-br2k-qbb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76242?format=api", "vulnerability_id": "VCID-7w3h-3azb-57d8", "summary": "Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9976.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9976.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25943", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25745", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25945", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25961", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9976" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482968", "reference_id": "2482968", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482968" }, { "reference_url": "https://issues.chromium.org/issues/511732828", "reference_id": "511732828", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:34:36Z/" } ], "url": "https://issues.chromium.org/issues/511732828" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:34:36Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9976" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7w3h-3azb-57d8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75914?format=api", "vulnerability_id": "VCID-7xq3-ctmk-bug3", "summary": "Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9957.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9957.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9957" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482972", "reference_id": "2482972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482972" }, { "reference_url": "https://issues.chromium.org/issues/504516117", "reference_id": "504516117", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:26:33Z/" } ], "url": "https://issues.chromium.org/issues/504516117" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:26:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9957" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xq3-ctmk-bug3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76066?format=api", "vulnerability_id": "VCID-81bx-eckp-t7ch", "summary": "Insufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25261", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25256", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25275", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483037", "reference_id": "2483037", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483037" }, { "reference_url": "https://issues.chromium.org/issues/496282591", "reference_id": "496282591", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:54:27Z/" } ], "url": "https://issues.chromium.org/issues/496282591" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:54:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9898" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81bx-eckp-t7ch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76402?format=api", "vulnerability_id": "VCID-81gx-9ra9-bfc2", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9878.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9878.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9878", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9878" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483059", "reference_id": "2483059", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483059" }, { "reference_url": "https://issues.chromium.org/issues/499054245", "reference_id": "499054245", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:40:32Z/" } ], "url": "https://issues.chromium.org/issues/499054245" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:40:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9878" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-81gx-9ra9-bfc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76188?format=api", "vulnerability_id": "VCID-8777-k2qb-2ke4", "summary": "Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9974.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9974.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26103", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25901", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26101", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26117", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9974" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483105", "reference_id": "2483105", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483105" }, { "reference_url": "https://issues.chromium.org/issues/511710468", "reference_id": "511710468", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:22:30Z/" } ], "url": "https://issues.chromium.org/issues/511710468" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:22:30Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9974" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8777-k2qb-2ke4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76126?format=api", "vulnerability_id": "VCID-8jrh-sd2w-2ygz", "summary": "Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin information via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08949", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08912", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08956", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0896", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483084", "reference_id": "2483084", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483084" }, { "reference_url": "https://issues.chromium.org/issues/500150338", "reference_id": "500150338", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:25:46Z/" } ], "url": "https://issues.chromium.org/issues/500150338" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:25:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9921" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8jrh-sd2w-2ygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76453?format=api", "vulnerability_id": "VCID-9ea1-xw6h-aufa", "summary": "Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10009" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483114", "reference_id": "2483114", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483114" }, { "reference_url": "https://issues.chromium.org/issues/513973560", "reference_id": "513973560", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:50:09Z/" } ], "url": "https://issues.chromium.org/issues/513973560" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:50:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9ea1-xw6h-aufa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76057?format=api", "vulnerability_id": "VCID-9hy8-fn9x-2fdc", "summary": "Use after free in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9932.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9932.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9932" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482986", "reference_id": "2482986", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482986" }, { "reference_url": "https://issues.chromium.org/issues/501563323", "reference_id": "501563323", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:42:48Z/" } ], "url": "https://issues.chromium.org/issues/501563323" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:42:48Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9932" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hy8-fn9x-2fdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76413?format=api", "vulnerability_id": "VCID-9shd-bkht-ffeb", "summary": "Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483089", "reference_id": "2483089", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483089" }, { "reference_url": "https://issues.chromium.org/issues/507365348", "reference_id": "507365348", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:41:27Z/" } ], "url": "https://issues.chromium.org/issues/507365348" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:41:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9873" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9shd-bkht-ffeb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76088?format=api", "vulnerability_id": "VCID-a3j9-a97s-duby", "summary": "Inappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10866", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10842", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10901", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10897", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9912" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483092", "reference_id": "2483092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483092" }, { "reference_url": "https://issues.chromium.org/issues/499873765", "reference_id": "499873765", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:48:23Z/" } ], "url": "https://issues.chromium.org/issues/499873765" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:48:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9912" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a3j9-a97s-duby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76170?format=api", "vulnerability_id": "VCID-a6e9-m93m-hkc4", "summary": "Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482984", "reference_id": "2482984", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482984" }, { "reference_url": "https://issues.chromium.org/issues/501125002", "reference_id": "501125002", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:46:25Z/" } ], "url": "https://issues.chromium.org/issues/501125002" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:46:25Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9928" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6e9-m93m-hkc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76254?format=api", "vulnerability_id": "VCID-acbn-jedu-9ycy", "summary": "Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9936.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9936.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9936" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483055", "reference_id": "2483055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483055" }, { "reference_url": "https://issues.chromium.org/issues/502104354", "reference_id": "502104354", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:41:52Z/" } ], "url": "https://issues.chromium.org/issues/502104354" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:41:52Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9936" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-acbn-jedu-9ycy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75890?format=api", "vulnerability_id": "VCID-aeem-fbx5-63fp", "summary": "Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9969.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9969.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3524", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.3506", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35239", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35263", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9969" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483068", "reference_id": "2483068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483068" }, { "reference_url": "https://issues.chromium.org/issues/506550494", "reference_id": "506550494", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:36:08Z/" } ], "url": "https://issues.chromium.org/issues/506550494" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:36:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9969" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aeem-fbx5-63fp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75949?format=api", "vulnerability_id": "VCID-ahzs-199q-57fb", "summary": "Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.13017", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12934", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.13029", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.13039", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9930" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482976", "reference_id": "2482976", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482976" }, { "reference_url": "https://issues.chromium.org/issues/501499832", "reference_id": "501499832", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:07:50Z/" } ], "url": "https://issues.chromium.org/issues/501499832" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:07:50Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9930" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ahzs-199q-57fb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76172?format=api", "vulnerability_id": "VCID-avm6-aajr-qber", "summary": "Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9887.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9887.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21776", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21602", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2179", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21802", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9887" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9887", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9887" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482978", "reference_id": "2482978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482978" }, { "reference_url": "https://issues.chromium.org/issues/511249104", "reference_id": "511249104", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:17:41Z/" } ], "url": "https://issues.chromium.org/issues/511249104" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:17:41Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9887" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avm6-aajr-qber" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76090?format=api", "vulnerability_id": "VCID-aytk-tkwj-33dx", "summary": "Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9924.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23674", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23488", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23684", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23694", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9924" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483028", "reference_id": "2483028", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483028" }, { "reference_url": "https://issues.chromium.org/issues/500398345", "reference_id": "500398345", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:50:27Z/" } ], "url": "https://issues.chromium.org/issues/500398345" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:50:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9924" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aytk-tkwj-33dx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76270?format=api", "vulnerability_id": "VCID-bgfh-zb3y-wyc1", "summary": "Insufficient validation of untrusted input in Printing in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9980.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9980.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1146", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11424", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.115", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11494", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9980" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482969", "reference_id": "2482969", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482969" }, { "reference_url": "https://issues.chromium.org/issues/511776372", "reference_id": "511776372", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:39:38Z/" } ], "url": "https://issues.chromium.org/issues/511776372" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:39:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9980" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgfh-zb3y-wyc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76064?format=api", "vulnerability_id": "VCID-bgkk-xha8-8ua9", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9941.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9941.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9941" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483057", "reference_id": "2483057", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483057" }, { "reference_url": "https://issues.chromium.org/issues/502812366", "reference_id": "502812366", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:32:52Z/" } ], "url": "https://issues.chromium.org/issues/502812366" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:32:52Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9941" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgkk-xha8-8ua9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76005?format=api", "vulnerability_id": "VCID-bpw6-6ctw-aybv", "summary": "Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483050", "reference_id": "2483050", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483050" }, { "reference_url": "https://issues.chromium.org/issues/503627446", "reference_id": "503627446", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:31:06Z/" } ], "url": "https://issues.chromium.org/issues/503627446" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:31:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9947" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpw6-6ctw-aybv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76466?format=api", "vulnerability_id": "VCID-byzn-9gfs-k3fj", "summary": "Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10005.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10005.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2298", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23187", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10005" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483102", "reference_id": "2483102", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483102" }, { "reference_url": "https://issues.chromium.org/issues/513750089", "reference_id": "513750089", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:17:43Z/" } ], "url": "https://issues.chromium.org/issues/513750089" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:17:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10005" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-byzn-9gfs-k3fj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76096?format=api", "vulnerability_id": "VCID-cab5-8a81-bufu", "summary": "Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9945.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9945.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9945", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9945" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9945", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9945" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483109", "reference_id": "2483109", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483109" }, { "reference_url": "https://issues.chromium.org/issues/503565293", "reference_id": "503565293", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:31:58Z/" } ], "url": "https://issues.chromium.org/issues/503565293" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:31:58Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9945" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cab5-8a81-bufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76394?format=api", "vulnerability_id": "VCID-cfa5-h56t-r3cj", "summary": "Inappropriate implementation in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09641", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09639", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9913" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483088", "reference_id": "2483088", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483088" }, { "reference_url": "https://issues.chromium.org/issues/500046096", "reference_id": "500046096", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:47:38Z/" } ], "url": "https://issues.chromium.org/issues/500046096" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:47:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9913" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cfa5-h56t-r3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76400?format=api", "vulnerability_id": "VCID-chwy-qjzh-gfbd", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9946.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9946.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9946", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9946" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9946", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9946" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483014", "reference_id": "2483014", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483014" }, { "reference_url": "https://issues.chromium.org/issues/503596863", "reference_id": "503596863", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:40:13Z/" } ], "url": "https://issues.chromium.org/issues/503596863" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:40:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9946" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-chwy-qjzh-gfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76421?format=api", "vulnerability_id": "VCID-cnrv-zr6v-zkfh", "summary": "Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10014.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10014.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10014", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2885", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28636", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28861", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10014" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10014", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10014" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483081", "reference_id": "2483081", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483081" }, { "reference_url": "https://issues.chromium.org/issues/514742327", "reference_id": "514742327", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:57:31Z/" } ], "url": "https://issues.chromium.org/issues/514742327" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:57:31Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10014" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cnrv-zr6v-zkfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75975?format=api", "vulnerability_id": "VCID-cu7n-35pq-5kae", "summary": "Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9880.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9880.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30034", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.29837", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30035", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.30052", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9880" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483098", "reference_id": "2483098", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483098" }, { "reference_url": "https://issues.chromium.org/issues/503615025", "reference_id": "503615025", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:52:37Z/" } ], "url": "https://issues.chromium.org/issues/503615025" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:52:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9880" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cu7n-35pq-5kae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75974?format=api", "vulnerability_id": "VCID-dgpt-m9au-zyd2", "summary": "Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9949.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9949.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9949" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483085", "reference_id": "2483085", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483085" }, { "reference_url": "https://issues.chromium.org/issues/503793153", "reference_id": "503793153", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:39:25Z/" } ], "url": "https://issues.chromium.org/issues/503793153" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:39:25Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9949" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgpt-m9au-zyd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76280?format=api", "vulnerability_id": "VCID-dgrf-p1x1-1bcq", "summary": "Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9950.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9950.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11037", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1101", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11072", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11068", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9950" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483126", "reference_id": "2483126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483126" }, { "reference_url": "https://issues.chromium.org/issues/503862359", "reference_id": "503862359", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:29:12Z/" } ], "url": "https://issues.chromium.org/issues/503862359" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:29:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9950" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dgrf-p1x1-1bcq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76395?format=api", "vulnerability_id": "VCID-dvgc-p31x-akfx", "summary": "Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9937.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9937.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9937" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483091", "reference_id": "2483091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483091" }, { "reference_url": "https://issues.chromium.org/issues/502112506", "reference_id": "502112506", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:41:04Z/" } ], "url": "https://issues.chromium.org/issues/502112506" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:41:04Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9937" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvgc-p31x-akfx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76124?format=api", "vulnerability_id": "VCID-ed8w-87bm-yuf1", "summary": "Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9933.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9933.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9933", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9933" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9933", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9933" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483038", "reference_id": "2483038", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483038" }, { "reference_url": "https://issues.chromium.org/issues/501575979", "reference_id": "501575979", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:10:12Z/" } ], "url": "https://issues.chromium.org/issues/501575979" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:10:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9933" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ed8w-87bm-yuf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75948?format=api", "vulnerability_id": "VCID-edmt-9j97-aker", "summary": "Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9910" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483018", "reference_id": "2483018", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483018" }, { "reference_url": "https://issues.chromium.org/issues/499176133", "reference_id": "499176133", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:46:09Z/" } ], "url": "https://issues.chromium.org/issues/499176133" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:46:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9910" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-edmt-9j97-aker" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76193?format=api", "vulnerability_id": "VCID-ekkj-6gdb-6fah", "summary": "Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9884.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9884.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31174", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3098", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31191", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9884" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9884", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9884" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483110", "reference_id": "2483110", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483110" }, { "reference_url": "https://issues.chromium.org/issues/508289938", "reference_id": "508289938", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:38:26Z/" } ], "url": "https://issues.chromium.org/issues/508289938" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:38:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9884" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ekkj-6gdb-6fah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76149?format=api", "vulnerability_id": "VCID-eq9a-d52k-dbgm", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9899.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9899" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482999", "reference_id": "2482999", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482999" }, { "reference_url": "https://issues.chromium.org/issues/497533569", "reference_id": "497533569", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:50:22Z/" } ], "url": "https://issues.chromium.org/issues/497533569" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:50:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9899" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eq9a-d52k-dbgm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76246?format=api", "vulnerability_id": "VCID-f8e2-hqws-muau", "summary": "Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9991.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9991.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08028", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08035", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08031", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9991" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483106", "reference_id": "2483106", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483106" }, { "reference_url": "https://issues.chromium.org/issues/513173565", "reference_id": "513173565", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:45:55Z/" } ], "url": "https://issues.chromium.org/issues/513173565" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:45:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9991" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f8e2-hqws-muau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76311?format=api", "vulnerability_id": "VCID-fbd1-nn7v-z7cj", "summary": "Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9960.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9960.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9960" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483061", "reference_id": "2483061", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483061" }, { "reference_url": "https://issues.chromium.org/issues/504573260", "reference_id": "504573260", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:53:29Z/" } ], "url": "https://issues.chromium.org/issues/504573260" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:53:29Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9960" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbd1-nn7v-z7cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76039?format=api", "vulnerability_id": "VCID-fj34-a1qp-tfhc", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483012", "reference_id": "2483012", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483012" }, { "reference_url": "https://issues.chromium.org/issues/496445460", "reference_id": "496445460", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:58:16Z/" } ], "url": "https://issues.chromium.org/issues/496445460" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:58:16Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9877" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fj34-a1qp-tfhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75892?format=api", "vulnerability_id": "VCID-fm9e-c5mq-9uch", "summary": "Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483040", "reference_id": "2483040", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483040" }, { "reference_url": "https://issues.chromium.org/issues/501524262", "reference_id": "501524262", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:43:36Z/" } ], "url": "https://issues.chromium.org/issues/501524262" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:43:36Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9931" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm9e-c5mq-9uch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75917?format=api", "vulnerability_id": "VCID-ftn6-c2qu-7bb9", "summary": "Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9942.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0918", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09133", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09189", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0919", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9942" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483101", "reference_id": "2483101", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483101" }, { "reference_url": "https://issues.chromium.org/issues/503438092", "reference_id": "503438092", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:11:43Z/" } ], "url": "https://issues.chromium.org/issues/503438092" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:11:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9942" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ftn6-c2qu-7bb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76612?format=api", "vulnerability_id": "VCID-fwb9-cbua-1fge", "summary": "Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10006.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10006.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24191", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24007", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24204", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24212", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10006" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483020", "reference_id": "2483020", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483020" }, { "reference_url": "https://issues.chromium.org/issues/513750691", "reference_id": "513750691", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:28:26Z/" } ], "url": "https://issues.chromium.org/issues/513750691" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:28:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10006" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fwb9-cbua-1fge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76011?format=api", "vulnerability_id": "VCID-g5q7-qaxu-5fah", "summary": "Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9902" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483116", "reference_id": "2483116", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483116" }, { "reference_url": "https://issues.chromium.org/issues/498205735", "reference_id": "498205735", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:48:01Z/" } ], "url": "https://issues.chromium.org/issues/498205735" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:48:01Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9902" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g5q7-qaxu-5fah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76458?format=api", "vulnerability_id": "VCID-gc6x-x32j-wqb9", "summary": "Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10012.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10012.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10012", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10012" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10012", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10012" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483035", "reference_id": "2483035", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483035" }, { "reference_url": "https://issues.chromium.org/issues/514063977", "reference_id": "514063977", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:31:25Z/" } ], "url": "https://issues.chromium.org/issues/514063977" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:31:25Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10012" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc6x-x32j-wqb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76185?format=api", "vulnerability_id": "VCID-gppy-rrym-auex", "summary": "Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9993.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9993.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9993", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9993" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9993" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483032", "reference_id": "2483032", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483032" }, { "reference_url": "https://issues.chromium.org/issues/513208588", "reference_id": "513208588", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:36:30Z/" } ], "url": "https://issues.chromium.org/issues/513208588" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:36:30Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9993" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gppy-rrym-auex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75978?format=api", "vulnerability_id": "VCID-h134-e62z-fkdp", "summary": "Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9986.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9986.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9986", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24918", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24725", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24923", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24935", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9986" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9986", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9986" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482993", "reference_id": "2482993", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482993" }, { "reference_url": "https://issues.chromium.org/issues/513028160", "reference_id": "513028160", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:32:37Z/" } ], "url": "https://issues.chromium.org/issues/513028160" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:32:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9986" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h134-e62z-fkdp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76127?format=api", "vulnerability_id": "VCID-h7mu-81kq-hqfn", "summary": "Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9954.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9954.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9954" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483071", "reference_id": "2483071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483071" }, { "reference_url": "https://issues.chromium.org/issues/504175497", "reference_id": "504175497", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:53:12Z/" } ], "url": "https://issues.chromium.org/issues/504175497" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:53:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9954" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7mu-81kq-hqfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76624?format=api", "vulnerability_id": "VCID-hcyg-bfsd-qyb1", "summary": "Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10013.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10013.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10013", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31174", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3098", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31191", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10013" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10013", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10013" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482981", "reference_id": "2482981", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482981" }, { "reference_url": "https://issues.chromium.org/issues/514715455", "reference_id": "514715455", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:16:09Z/" } ], "url": "https://issues.chromium.org/issues/514715455" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:16:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10013" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hcyg-bfsd-qyb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76579?format=api", "vulnerability_id": "VCID-heyq-fefc-1feg", "summary": "Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10008.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10008.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11042", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11016", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11078", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.11074", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10008" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483025", "reference_id": "2483025", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483025" }, { "reference_url": "https://issues.chromium.org/issues/513768979", "reference_id": "513768979", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:44:34Z/" } ], "url": "https://issues.chromium.org/issues/513768979" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:44:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10008" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-heyq-fefc-1feg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76393?format=api", "vulnerability_id": "VCID-hg98-tqyg-qfb6", "summary": "Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9972.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9972.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9972", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22753", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22565", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2276", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22773", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9972", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9972" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483099", "reference_id": "2483099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483099" }, { "reference_url": "https://issues.chromium.org/issues/508463705", "reference_id": "508463705", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:58:43Z/" } ], "url": "https://issues.chromium.org/issues/508463705" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:58:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9972" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hg98-tqyg-qfb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76058?format=api", "vulnerability_id": "VCID-hhdq-5ymu-yyde", "summary": "Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483069", "reference_id": "2483069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483069" }, { "reference_url": "https://issues.chromium.org/issues/496271580", "reference_id": "496271580", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:37:33Z/" } ], "url": "https://issues.chromium.org/issues/496271580" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:37:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9897" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhdq-5ymu-yyde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75977?format=api", "vulnerability_id": "VCID-hmpt-use3-f7fz", "summary": "Insufficient validation of untrusted input in Site Isolation in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted MHTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09317", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0937", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09369", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483048", "reference_id": "2483048", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483048" }, { "reference_url": "https://issues.chromium.org/issues/498783665", "reference_id": "498783665", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:40:32Z/" } ], "url": "https://issues.chromium.org/issues/498783665" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:40:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9903" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hmpt-use3-f7fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76206?format=api", "vulnerability_id": "VCID-hu41-q4h1-2qhg", "summary": "Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9987.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9987.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9987", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01905", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01892", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01894", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01896", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9987" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9987", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9987" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483046", "reference_id": "2483046", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483046" }, { "reference_url": "https://issues.chromium.org/issues/513046475", "reference_id": "513046475", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:30:30Z/" } ], "url": "https://issues.chromium.org/issues/513046475" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:30:30Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9987" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hu41-q4h1-2qhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76160?format=api", "vulnerability_id": "VCID-jnfe-6tv4-nbfd", "summary": "Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9958.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9958.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9958" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483022", "reference_id": "2483022", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483022" }, { "reference_url": "https://issues.chromium.org/issues/504555886", "reference_id": "504555886", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:54:37Z/" } ], "url": "https://issues.chromium.org/issues/504555886" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:54:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9958" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jnfe-6tv4-nbfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75973?format=api", "vulnerability_id": "VCID-ju68-ppbw-ykaz", "summary": "Use after free in Base in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483064", "reference_id": "2483064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483064" }, { "reference_url": "https://issues.chromium.org/issues/506477192", "reference_id": "506477192", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:39:29Z/" } ], "url": "https://issues.chromium.org/issues/506477192" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:39:29Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9883" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ju68-ppbw-ykaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76044?format=api", "vulnerability_id": "VCID-jyrt-y6pg-myfm", "summary": "Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482996", "reference_id": "2482996", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482996" }, { "reference_url": "https://issues.chromium.org/issues/498883610", "reference_id": "498883610", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:45:17Z/" } ], "url": "https://issues.chromium.org/issues/498883610" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:45:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9905" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jyrt-y6pg-myfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76336?format=api", "vulnerability_id": "VCID-kaem-23uz-kyfn", "summary": "Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9979.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9979.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13899", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13815", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13931", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.1393", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9979" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483082", "reference_id": "2483082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483082" }, { "reference_url": "https://issues.chromium.org/issues/511742228", "reference_id": "511742228", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:40:02Z/" } ], "url": "https://issues.chromium.org/issues/511742228" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:40:02Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9979" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kaem-23uz-kyfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76062?format=api", "vulnerability_id": "VCID-m1jq-dab2-d3cw", "summary": "Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25261", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25256", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25275", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9885" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482982", "reference_id": "2482982", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482982" }, { "reference_url": "https://issues.chromium.org/issues/508452241", "reference_id": "508452241", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:53:32Z/" } ], "url": "https://issues.chromium.org/issues/508452241" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:53:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9885" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m1jq-dab2-d3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76850?format=api", "vulnerability_id": "VCID-m4ne-jm1m-eqcc", "summary": "Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10001.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10001.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10001" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483107", "reference_id": "2483107", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483107" }, { "reference_url": "https://issues.chromium.org/issues/513505927", "reference_id": "513505927", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:32:03Z/" } ], "url": "https://issues.chromium.org/issues/513505927" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:32:03Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10001" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4ne-jm1m-eqcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76101?format=api", "vulnerability_id": "VCID-m8nk-qqta-1qf7", "summary": "Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9952.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9952.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9952", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31174", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3098", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31191", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9952" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9952", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9952" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483074", "reference_id": "2483074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483074" }, { "reference_url": "https://issues.chromium.org/issues/503929476", "reference_id": "503929476", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:30:04Z/" } ], "url": "https://issues.chromium.org/issues/503929476" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:30:04Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9952" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8nk-qqta-1qf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76113?format=api", "vulnerability_id": "VCID-m8z5-qhne-17h7", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28811", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28598", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28798", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28822", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9938" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482967", "reference_id": "2482967", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482967" }, { "reference_url": "https://issues.chromium.org/issues/502300817", "reference_id": "502300817", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:42:55Z/" } ], "url": "https://issues.chromium.org/issues/502300817" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:42:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9938" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m8z5-qhne-17h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75964?format=api", "vulnerability_id": "VCID-mara-d9p2-1ub2", "summary": "Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9962.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9962.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9962", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2298", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23187", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9962" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483094", "reference_id": "2483094", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483094" }, { "reference_url": "https://issues.chromium.org/issues/504716948", "reference_id": "504716948", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:25:40Z/" } ], "url": "https://issues.chromium.org/issues/504716948" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:25:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9962" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mara-d9p2-1ub2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76082?format=api", "vulnerability_id": "VCID-mfms-fmx5-7ybj", "summary": "Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9961.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9961.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9961" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483066", "reference_id": "2483066", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483066" }, { "reference_url": "https://issues.chromium.org/issues/504710769", "reference_id": "504710769", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:56:24Z/" } ], "url": "https://issues.chromium.org/issues/504710769" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:56:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9961" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mfms-fmx5-7ybj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75916?format=api", "vulnerability_id": "VCID-mgbm-eac8-kbd8", "summary": "Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9988.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9988.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21173", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21193", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9988" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483031", "reference_id": "2483031", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483031" }, { "reference_url": "https://issues.chromium.org/issues/513049286", "reference_id": "513049286", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:01:03Z/" } ], "url": "https://issues.chromium.org/issues/513049286" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:01:03Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9988" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mgbm-eac8-kbd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76412?format=api", "vulnerability_id": "VCID-mmcc-vacc-sycn", "summary": "Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24003", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23821", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24018", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24026", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9939" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483005", "reference_id": "2483005", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483005" }, { "reference_url": "https://issues.chromium.org/issues/502735235", "reference_id": "502735235", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:39:24Z/" } ], "url": "https://issues.chromium.org/issues/502735235" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:39:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9939" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmcc-vacc-sycn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76369?format=api", "vulnerability_id": "VCID-mrbh-g1ur-ekfr", "summary": "Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9973.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9973.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9973", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28943", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28732", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28933", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28957", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9973" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9973" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483112", "reference_id": "2483112", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483112" }, { "reference_url": "https://issues.chromium.org/issues/509268941", "reference_id": "509268941", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:44:44Z/" } ], "url": "https://issues.chromium.org/issues/509268941" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:44:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9973" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mrbh-g1ur-ekfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76211?format=api", "vulnerability_id": "VCID-mxkj-pmuc-sbdv", "summary": "Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9977.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9977.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2707", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2687", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27071", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27086", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9977" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483030", "reference_id": "2483030", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483030" }, { "reference_url": "https://issues.chromium.org/issues/511741173", "reference_id": "511741173", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:56:14Z/" } ], "url": "https://issues.chromium.org/issues/511741173" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:56:14Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9977" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mxkj-pmuc-sbdv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76125?format=api", "vulnerability_id": "VCID-n1fv-pgdf-vbed", "summary": "Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9909.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9909.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9909" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483023", "reference_id": "2483023", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483023" }, { "reference_url": "https://issues.chromium.org/issues/499152771", "reference_id": "499152771", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:50:55Z/" } ], "url": "https://issues.chromium.org/issues/499152771" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T12:50:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9909" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n1fv-pgdf-vbed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76237?format=api", "vulnerability_id": "VCID-n3ay-hrjc-efb8", "summary": "Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9872" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483003", "reference_id": "2483003", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483003" }, { "reference_url": "https://issues.chromium.org/issues/505077859", "reference_id": "505077859", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:31:17Z/" } ], "url": "https://issues.chromium.org/issues/505077859" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:31:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9872" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n3ay-hrjc-efb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75946?format=api", "vulnerability_id": "VCID-n4e8-4muu-xkf8", "summary": "Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09641", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09639", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483076", "reference_id": "2483076", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483076" }, { "reference_url": "https://issues.chromium.org/issues/499091269", "reference_id": "499091269", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:23:06Z/" } ], "url": "https://issues.chromium.org/issues/499091269" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:23:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9907" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4e8-4muu-xkf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76407?format=api", "vulnerability_id": "VCID-nf5w-jcrw-jbfg", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9925.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9925.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9925" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483001", "reference_id": "2483001", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483001" }, { "reference_url": "https://issues.chromium.org/issues/500536458", "reference_id": "500536458", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:44:23Z/" } ], "url": "https://issues.chromium.org/issues/500536458" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:44:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9925" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nf5w-jcrw-jbfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76153?format=api", "vulnerability_id": "VCID-nh5j-3zmg-3kgz", "summary": "Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9997.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9997.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9997" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483113", "reference_id": "2483113", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483113" }, { "reference_url": "https://issues.chromium.org/issues/513324041", "reference_id": "513324041", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:34:26Z/" } ], "url": "https://issues.chromium.org/issues/513324041" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:34:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9997" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nh5j-3zmg-3kgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76008?format=api", "vulnerability_id": "VCID-njdg-4xzq-cba6", "summary": "Out of bounds read and write in Dawn in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9889.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9889.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9889", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24906", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25105", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25122", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9889" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9889", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9889" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482998", "reference_id": "2482998", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482998" }, { "reference_url": "https://issues.chromium.org/issues/511727159", "reference_id": "511727159", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:12:44Z/" } ], "url": "https://issues.chromium.org/issues/511727159" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:12:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9889" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njdg-4xzq-cba6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76777?format=api", "vulnerability_id": "VCID-nsp5-xysf-bbg9", "summary": "Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10000.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10000.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10000" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482992", "reference_id": "2482992", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482992" }, { "reference_url": "https://issues.chromium.org/issues/513505608", "reference_id": "513505608", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:33:27Z/" } ], "url": "https://issues.chromium.org/issues/513505608" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:33:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10000" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nsp5-xysf-bbg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76055?format=api", "vulnerability_id": "VCID-ntqm-xy9k-6fa3", "summary": "Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9893" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483045", "reference_id": "2483045", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483045" }, { "reference_url": "https://issues.chromium.org/issues/513972075", "reference_id": "513972075", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:04:47Z/" } ], "url": "https://issues.chromium.org/issues/513972075" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:04:47Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9893" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntqm-xy9k-6fa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76296?format=api", "vulnerability_id": "VCID-nwh9-p78n-c3b8", "summary": "Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9968.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9968.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9968" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483095", "reference_id": "2483095", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483095" }, { "reference_url": "https://issues.chromium.org/issues/506499280", "reference_id": "506499280", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:52:09Z/" } ], "url": "https://issues.chromium.org/issues/506499280" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:52:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9968" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nwh9-p78n-c3b8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76485?format=api", "vulnerability_id": "VCID-nxnh-gq2h-rucj", "summary": "Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10015.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10015.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10015", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27564", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27766", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.27791", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10015" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10015", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10015" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483078", "reference_id": "2483078", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483078" }, { "reference_url": "https://issues.chromium.org/issues/514746176", "reference_id": "514746176", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:48:40Z/" } ], "url": "https://issues.chromium.org/issues/514746176" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:48:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10015" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nxnh-gq2h-rucj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76376?format=api", "vulnerability_id": "VCID-p26z-s4k4-n3bd", "summary": "Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9890" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483019", "reference_id": "2483019", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483019" }, { "reference_url": "https://issues.chromium.org/issues/513135985", "reference_id": "513135985", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:53:43Z/" } ], "url": "https://issues.chromium.org/issues/513135985" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:53:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9890" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p26z-s4k4-n3bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75970?format=api", "vulnerability_id": "VCID-p3wu-284s-wqfu", "summary": "Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25261", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25058", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25256", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25275", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483049", "reference_id": "2483049", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483049" }, { "reference_url": "https://issues.chromium.org/issues/500047428", "reference_id": "500047428", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:55:16Z/" } ], "url": "https://issues.chromium.org/issues/500047428" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9914" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3wu-284s-wqfu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76139?format=api", "vulnerability_id": "VCID-pktf-kb4h-8ba8", "summary": "Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9964.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9964.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21739", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21565", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21752", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21765", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9964" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483086", "reference_id": "2483086", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483086" }, { "reference_url": "https://issues.chromium.org/issues/505190999", "reference_id": "505190999", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:10:17Z/" } ], "url": "https://issues.chromium.org/issues/505190999" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:10:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9964" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pktf-kb4h-8ba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76766?format=api", "vulnerability_id": "VCID-pmxc-9t6t-tudu", "summary": "Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09641", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09639", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10011" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483070", "reference_id": "2483070", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483070" }, { "reference_url": "https://issues.chromium.org/issues/514017326", "reference_id": "514017326", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:40:32Z/" } ], "url": "https://issues.chromium.org/issues/514017326" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:40:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10011" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmxc-9t6t-tudu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76382?format=api", "vulnerability_id": "VCID-puza-7mhw-k7ev", "summary": "Inappropriate implementation in Tint in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24616", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24425", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2462", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24631", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9918" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483043", "reference_id": "2483043", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483043" }, { "reference_url": "https://issues.chromium.org/issues/500099471", "reference_id": "500099471", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:02:22Z/" } ], "url": "https://issues.chromium.org/issues/500099471" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:02:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9918" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-puza-7mhw-k7ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75921?format=api", "vulnerability_id": "VCID-pwk9-49qk-ekcy", "summary": "Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9985.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9985.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9985", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13711", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13622", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13739", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9985" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9985", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9985" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483024", "reference_id": "2483024", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483024" }, { "reference_url": "https://issues.chromium.org/issues/513019760", "reference_id": "513019760", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:31:39Z/" } ], "url": "https://issues.chromium.org/issues/513019760" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:31:39Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9985" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pwk9-49qk-ekcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76414?format=api", "vulnerability_id": "VCID-q51u-k3bt-qffk", "summary": "Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9966.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9966.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24906", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25105", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25122", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9966" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483052", "reference_id": "2483052", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483052" }, { "reference_url": "https://issues.chromium.org/issues/506388321", "reference_id": "506388321", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:09:03Z/" } ], "url": "https://issues.chromium.org/issues/506388321" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:09:03Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9966" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q51u-k3bt-qffk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76239?format=api", "vulnerability_id": "VCID-qdm5-9nw4-wugf", "summary": "Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9904" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482987", "reference_id": "2482987", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482987" }, { "reference_url": "https://issues.chromium.org/issues/498804020", "reference_id": "498804020", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:46:16Z/" } ], "url": "https://issues.chromium.org/issues/498804020" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:46:16Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9904" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdm5-9nw4-wugf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76403?format=api", "vulnerability_id": "VCID-qgpb-jxsg-47gw", "summary": "Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9959.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9959.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07878", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07854", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07891", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07885", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9959" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482990", "reference_id": "2482990", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482990" }, { "reference_url": "https://issues.chromium.org/issues/504557432", "reference_id": "504557432", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:30:56Z/" } ], "url": "https://issues.chromium.org/issues/504557432" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:30:56Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9959" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgpb-jxsg-47gw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76041?format=api", "vulnerability_id": "VCID-qk88-gt84-bycv", "summary": "Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9944.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9944.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9944", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08163", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08132", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08168", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.08164", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9944" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9944", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9944" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483036", "reference_id": "2483036", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483036" }, { "reference_url": "https://issues.chromium.org/issues/503471286", "reference_id": "503471286", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:28:36Z/" } ], "url": "https://issues.chromium.org/issues/503471286" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:28:36Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9944" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qk88-gt84-bycv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76582?format=api", "vulnerability_id": "VCID-qtmf-4wd2-mqbd", "summary": "Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10002.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10002.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10002", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22495", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22306", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.225", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22513", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10002" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10002" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483047", "reference_id": "2483047", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483047" }, { "reference_url": "https://issues.chromium.org/issues/513536416", "reference_id": "513536416", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:00:47Z/" } ], "url": "https://issues.chromium.org/issues/513536416" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T18:00:47Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10002" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qtmf-4wd2-mqbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76226?format=api", "vulnerability_id": "VCID-qxr6-ayhk-6yff", "summary": "Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9996.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9996.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08342", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08302", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08339", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9996" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483051", "reference_id": "2483051", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483051" }, { "reference_url": "https://issues.chromium.org/issues/513268100", "reference_id": "513268100", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:45:22Z/" } ], "url": "https://issues.chromium.org/issues/513268100" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:45:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9996" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qxr6-ayhk-6yff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76070?format=api", "vulnerability_id": "VCID-r1bt-67cf-1yde", "summary": "Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9995.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9995.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23165", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.2298", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23187", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9995" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483065", "reference_id": "2483065", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483065" }, { "reference_url": "https://issues.chromium.org/issues/513256572", "reference_id": "513256572", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:21:57Z/" } ], "url": "https://issues.chromium.org/issues/513256572" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:21:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9995" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1bt-67cf-1yde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76048?format=api", "vulnerability_id": "VCID-rac8-75zr-9bhr", "summary": "Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23674", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23488", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23684", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23694", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483011", "reference_id": "2483011", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483011" }, { "reference_url": "https://issues.chromium.org/issues/500540748", "reference_id": "500540748", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:49:35Z/" } ], "url": "https://issues.chromium.org/issues/500540748" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:49:35Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9926" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rac8-75zr-9bhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76366?format=api", "vulnerability_id": "VCID-rupa-umze-ckbp", "summary": "Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9992.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9992.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9992" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483075", "reference_id": "2483075", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483075" }, { "reference_url": "https://issues.chromium.org/issues/513177826", "reference_id": "513177826", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:22:56Z/" } ], "url": "https://issues.chromium.org/issues/513177826" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:22:56Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9992" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rupa-umze-ckbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76086?format=api", "vulnerability_id": "VCID-rw8t-7mg1-gfb8", "summary": "Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9994.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9994.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9994" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483008", "reference_id": "2483008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483008" }, { "reference_url": "https://issues.chromium.org/issues/513235131", "reference_id": "513235131", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:35:17Z/" } ], "url": "https://issues.chromium.org/issues/513235131" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:35:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9994" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rw8t-7mg1-gfb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76328?format=api", "vulnerability_id": "VCID-s6nk-c1sa-qqck", "summary": "Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9923.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30392", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30191", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30387", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30404", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9923" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482973", "reference_id": "2482973", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482973" }, { "reference_url": "https://issues.chromium.org/issues/500393328", "reference_id": "500393328", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:49:26Z/" } ], "url": "https://issues.chromium.org/issues/500393328" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:49:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9923" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s6nk-c1sa-qqck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75906?format=api", "vulnerability_id": "VCID-sgt2-zs6e-1bbs", "summary": "Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9970.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9970.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2885", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28636", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28861", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9970" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482985", "reference_id": "2482985", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482985" }, { "reference_url": "https://issues.chromium.org/issues/506653647", "reference_id": "506653647", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:37:35Z/" } ], "url": "https://issues.chromium.org/issues/506653647" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:37:35Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9970" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sgt2-zs6e-1bbs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76234?format=api", "vulnerability_id": "VCID-skyh-tp6m-77h2", "summary": "Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.2885", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28636", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.28861", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9876" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483026", "reference_id": "2483026", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483026" }, { "reference_url": "https://issues.chromium.org/issues/493747593", "reference_id": "493747593", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:05:42Z/" } ], "url": "https://issues.chromium.org/issues/493747593" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:05:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9876" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skyh-tp6m-77h2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76167?format=api", "vulnerability_id": "VCID-t4h8-szzv-dqhf", "summary": "Out of bounds read and write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9975.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9975.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24906", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25105", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25122", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9975" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483041", "reference_id": "2483041", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483041" }, { "reference_url": "https://issues.chromium.org/issues/511719039", "reference_id": "511719039", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:19:53Z/" } ], "url": "https://issues.chromium.org/issues/511719039" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:19:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9975" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4h8-szzv-dqhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76731?format=api", "vulnerability_id": "VCID-t795-gc6d-wfe8", "summary": "Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10022.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10022.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06005", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05995", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06019", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.06011", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10022" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483021", "reference_id": "2483021", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483021" }, { "reference_url": "https://issues.chromium.org/issues/513289241", "reference_id": "513289241", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-30T03:55:19Z/" } ], "url": "https://issues.chromium.org/issues/513289241" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-30T03:55:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10022" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t795-gc6d-wfe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76146?format=api", "vulnerability_id": "VCID-t9g4-456d-b7c1", "summary": "Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9982.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9982.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9982", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28443", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28231", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28428", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28452", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9982" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9982", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9982" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483042", "reference_id": "2483042", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483042" }, { "reference_url": "https://issues.chromium.org/issues/513001247", "reference_id": "513001247", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:57:02Z/" } ], "url": "https://issues.chromium.org/issues/513001247" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:57:02Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9982" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9g4-456d-b7c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76194?format=api", "vulnerability_id": "VCID-tbd5-j3xs-pkab", "summary": "Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9881.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9881.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1226", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12181", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12275", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.12281", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9881" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482979", "reference_id": "2482979", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482979" }, { "reference_url": "https://issues.chromium.org/issues/505140741", "reference_id": "505140741", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:57:14Z/" } ], "url": "https://issues.chromium.org/issues/505140741" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:57:14Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9881" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbd5-j3xs-pkab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76031?format=api", "vulnerability_id": "VCID-tcsu-w6sc-7qf9", "summary": "Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9971.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0857", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08532", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08573", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08575", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483130", "reference_id": "2483130", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483130" }, { "reference_url": "https://issues.chromium.org/issues/508448586", "reference_id": "508448586", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:08:26Z/" } ], "url": "https://issues.chromium.org/issues/508448586" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:08:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9971" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tcsu-w6sc-7qf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76251?format=api", "vulnerability_id": "VCID-tpvz-ws87-5bbm", "summary": "Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9990.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9990.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21173", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21176", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21193", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9990" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9990", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9990" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482966", "reference_id": "2482966", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482966" }, { "reference_url": "https://issues.chromium.org/issues/513128608", "reference_id": "513128608", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:59:44Z/" } ], "url": "https://issues.chromium.org/issues/513128608" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:59:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9990" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tpvz-ws87-5bbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76770?format=api", "vulnerability_id": "VCID-tseh-87m8-quce", "summary": "Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10019.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10019.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0891", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08872", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08915", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0892", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10019" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483058", "reference_id": "2483058", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483058" }, { "reference_url": "https://issues.chromium.org/issues/505056913", "reference_id": "505056913", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:15:30Z/" } ], "url": "https://issues.chromium.org/issues/505056913" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:15:30Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10019" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tseh-87m8-quce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76276?format=api", "vulnerability_id": "VCID-u67w-fevn-eqgs", "summary": "Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9892.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9892.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24616", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24425", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2462", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24631", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9892" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483103", "reference_id": "2483103", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483103" }, { "reference_url": "https://issues.chromium.org/issues/513948178", "reference_id": "513948178", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:04:08Z/" } ], "url": "https://issues.chromium.org/issues/513948178" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T16:04:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9892" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u67w-fevn-eqgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76389?format=api", "vulnerability_id": "VCID-urq1-6b5e-jydk", "summary": "Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08819", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0878", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08821", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08827", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9919" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483093", "reference_id": "2483093", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483093" }, { "reference_url": "https://issues.chromium.org/issues/500114058", "reference_id": "500114058", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:24:48Z/" } ], "url": "https://issues.chromium.org/issues/500114058" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:24:48Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9919" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-urq1-6b5e-jydk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75996?format=api", "vulnerability_id": "VCID-uxxk-rs3e-mbgq", "summary": "Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23674", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23488", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23684", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23694", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482977", "reference_id": "2482977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482977" }, { "reference_url": "https://issues.chromium.org/issues/500063836", "reference_id": "500063836", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:51:06Z/" } ], "url": "https://issues.chromium.org/issues/500063836" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:51:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9915" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxxk-rs3e-mbgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75958?format=api", "vulnerability_id": "VCID-uy7e-wu5x-73dq", "summary": "Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483067", "reference_id": "2483067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483067" }, { "reference_url": "https://issues.chromium.org/issues/497637277", "reference_id": "497637277", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:29:00Z/" } ], "url": "https://issues.chromium.org/issues/497637277" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:29:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9900" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uy7e-wu5x-73dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76307?format=api", "vulnerability_id": "VCID-vg3u-s1wf-myhu", "summary": "Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9906" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483090", "reference_id": "2483090", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483090" }, { "reference_url": "https://issues.chromium.org/issues/499005260", "reference_id": "499005260", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:27:33Z/" } ], "url": "https://issues.chromium.org/issues/499005260" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:27:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9906" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vg3u-s1wf-myhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76231?format=api", "vulnerability_id": "VCID-vp3w-yzbv-wqf5", "summary": "Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9875.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9875.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9875", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23773", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23586", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23782", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23793", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9875" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482983", "reference_id": "2482983", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482983" }, { "reference_url": "https://issues.chromium.org/issues/507508103", "reference_id": "507508103", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:18:38Z/" } ], "url": "https://issues.chromium.org/issues/507508103" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:18:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9875" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vp3w-yzbv-wqf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76119?format=api", "vulnerability_id": "VCID-vy81-dbh8-33fe", "summary": "Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09781", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09743", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09793", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09795", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9935" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483080", "reference_id": "2483080", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483080" }, { "reference_url": "https://issues.chromium.org/issues/501584689", "reference_id": "501584689", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:27:42Z/" } ], "url": "https://issues.chromium.org/issues/501584689" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:27:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9935" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vy81-dbh8-33fe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76034?format=api", "vulnerability_id": "VCID-vys6-p3s5-qbdh", "summary": "Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9891.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36343", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.3615", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36329", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00156", "scoring_system": "epss", "scoring_elements": "0.36354", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483017", "reference_id": "2483017", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483017" }, { "reference_url": "https://issues.chromium.org/issues/513508128", "reference_id": "513508128", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:52:41Z/" } ], "url": "https://issues.chromium.org/issues/513508128" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T14:52:41Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9891" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vys6-p3s5-qbdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76165?format=api", "vulnerability_id": "VCID-w7jy-mjuz-kyd3", "summary": "Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9943.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9943.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9943", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08819", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0878", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08821", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08827", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9943" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9943", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9943" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483115", "reference_id": "2483115", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483115" }, { "reference_url": "https://issues.chromium.org/issues/503464551", "reference_id": "503464551", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:28:09Z/" } ], "url": "https://issues.chromium.org/issues/503464551" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:28:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9943" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7jy-mjuz-kyd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76235?format=api", "vulnerability_id": "VCID-wd71-fthu-qfah", "summary": "Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9908.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9908.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10866", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10842", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10901", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10897", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9908" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483027", "reference_id": "2483027", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483027" }, { "reference_url": "https://issues.chromium.org/issues/499091328", "reference_id": "499091328", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:23:47Z/" } ], "url": "https://issues.chromium.org/issues/499091328" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:23:47Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9908" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wd71-fthu-qfah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76349?format=api", "vulnerability_id": "VCID-wmnv-qztm-57f9", "summary": "Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9981.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9981.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0914", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09095", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09152", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9981" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483056", "reference_id": "2483056", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483056" }, { "reference_url": "https://issues.chromium.org/issues/512995705", "reference_id": "512995705", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:58:23Z/" } ], "url": "https://issues.chromium.org/issues/512995705" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:58:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9981" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wmnv-qztm-57f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76224?format=api", "vulnerability_id": "VCID-wr4n-46vk-hkc3", "summary": "Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483111", "reference_id": "2483111", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483111" }, { "reference_url": "https://issues.chromium.org/issues/500080303", "reference_id": "500080303", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:26:24Z/" } ], "url": "https://issues.chromium.org/issues/500080303" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:26:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9916" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wr4n-46vk-hkc3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76383?format=api", "vulnerability_id": "VCID-wwxq-3gah-tfea", "summary": "Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9922.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9922.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9922" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482989", "reference_id": "2482989", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482989" }, { "reference_url": "https://issues.chromium.org/issues/500187083", "reference_id": "500187083", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:35:42Z/" } ], "url": "https://issues.chromium.org/issues/500187083" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:35:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9922" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wwxq-3gah-tfea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75999?format=api", "vulnerability_id": "VCID-wyaq-zqs1-33gx", "summary": "Inappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08819", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0878", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08821", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08827", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9929" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483073", "reference_id": "2483073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483073" }, { "reference_url": "https://issues.chromium.org/issues/501367791", "reference_id": "501367791", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:27:00Z/" } ], "url": "https://issues.chromium.org/issues/501367791" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:27:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9929" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wyaq-zqs1-33gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75931?format=api", "vulnerability_id": "VCID-wzqq-gzep-m7cs", "summary": "Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09641", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09639", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9911" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483083", "reference_id": "2483083", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483083" }, { "reference_url": "https://issues.chromium.org/issues/499205491", "reference_id": "499205491", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:48:53Z/" } ], "url": "https://issues.chromium.org/issues/499205491" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T17:48:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9911" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzqq-gzep-m7cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76324?format=api", "vulnerability_id": "VCID-x9zu-z9j1-uych", "summary": "Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9953.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9953.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9953", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10866", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10842", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10901", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10897", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9953" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9953", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9953" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483039", "reference_id": "2483039", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483039" }, { "reference_url": "https://issues.chromium.org/issues/503985322", "reference_id": "503985322", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:29:40Z/" } ], "url": "https://issues.chromium.org/issues/503985322" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:29:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9953" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9zu-z9j1-uych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76243?format=api", "vulnerability_id": "VCID-xb3z-r9ha-qkdz", "summary": "Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28951", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2874", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28942", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.28965", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9965" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483007", "reference_id": "2483007", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483007" }, { "reference_url": "https://issues.chromium.org/issues/506377574", "reference_id": "506377574", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:57:49Z/" } ], "url": "https://issues.chromium.org/issues/506377574" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:57:49Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9965" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xb3z-r9ha-qkdz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76110?format=api", "vulnerability_id": "VCID-xs6n-zscm-sbga", "summary": "Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9955.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9955.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09629", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09597", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09641", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09639", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9955" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483127", "reference_id": "2483127", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483127" }, { "reference_url": "https://issues.chromium.org/issues/504184408", "reference_id": "504184408", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:30:21Z/" } ], "url": "https://issues.chromium.org/issues/504184408" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:30:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9955" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xs6n-zscm-sbga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75905?format=api", "vulnerability_id": "VCID-y3gp-6k3g-mucy", "summary": "Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9984.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9984.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9984", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9984" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9984", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9984" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483044", "reference_id": "2483044", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483044" }, { "reference_url": "https://issues.chromium.org/issues/513002543", "reference_id": "513002543", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:23:45Z/" } ], "url": "https://issues.chromium.org/issues/513002543" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:23:45Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9984" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y3gp-6k3g-mucy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76557?format=api", "vulnerability_id": "VCID-y6e2-zvss-dyfq", "summary": "Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10003.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10003.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10003" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483010", "reference_id": "2483010", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483010" }, { "reference_url": "https://issues.chromium.org/issues/513609324", "reference_id": "513609324", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:20:50Z/" } ], "url": "https://issues.chromium.org/issues/513609324" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:20:50Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10003" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6e2-zvss-dyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76688?format=api", "vulnerability_id": "VCID-y9w9-5s9k-byf9", "summary": "Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10018.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10018.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0914", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09095", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.09152", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10018" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482995", "reference_id": "2482995", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482995" }, { "reference_url": "https://issues.chromium.org/issues/504175501", "reference_id": "504175501", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:41:16Z/" } ], "url": "https://issues.chromium.org/issues/504175501" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T16:41:16Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10018" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y9w9-5s9k-byf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75918?format=api", "vulnerability_id": "VCID-z26a-acyq-jbeq", "summary": "Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9895.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9895.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25108", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24906", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25105", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25122", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9895" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483096", "reference_id": "2483096", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483096" }, { "reference_url": "https://issues.chromium.org/issues/491685406", "reference_id": "491685406", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:11:46Z/" } ], "url": "https://issues.chromium.org/issues/491685406" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T15:11:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9895" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z26a-acyq-jbeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76102?format=api", "vulnerability_id": "VCID-z2gk-ye5j-hfa1", "summary": "Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9940.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21083", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20889", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.21064", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9940" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483000", "reference_id": "2483000", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483000" }, { "reference_url": "https://issues.chromium.org/issues/502738003", "reference_id": "502738003", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:52:00Z/" } ], "url": "https://issues.chromium.org/issues/502738003" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T17:52:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9940" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2gk-ye5j-hfa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76834?format=api", "vulnerability_id": "VCID-zb1k-9qye-gkca", "summary": "Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10007.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10007.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10007", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33937", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33737", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33915", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10007" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10007", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10007" }, { "reference_url": "https://issues.chromium.org/issues/513754619", "reference_id": "513754619", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:16:55Z/" } ], "url": "https://issues.chromium.org/issues/513754619" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:16:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10007" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zb1k-9qye-gkca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76546?format=api", "vulnerability_id": "VCID-zg9c-4q96-w3f5", "summary": "Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10004.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-10004.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11913", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11849", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11933", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11934", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-10004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-10004" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482974", "reference_id": "2482974", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482974" }, { "reference_url": "https://issues.chromium.org/issues/513730012", "reference_id": "513730012", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:02:54Z/" } ], "url": "https://issues.chromium.org/issues/513730012" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-29T18:02:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-10004" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zg9c-4q96-w3f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76364?format=api", "vulnerability_id": "VCID-zhra-afct-d7ct", "summary": "Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9978.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-9978.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25099", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24898", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-9978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-9978" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483077", "reference_id": "2483077", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2483077" }, { "reference_url": "https://issues.chromium.org/issues/511741396", "reference_id": "511741396", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:24:43Z/" } ], "url": "https://issues.chromium.org/issues/511741396" }, { "reference_url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html", "reference_id": "stable-channel-update-for-desktop_0877304591.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-29T10:24:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_0877304591.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/27186?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27192?format=api", "purl": "pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@147.0.7727.137-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31049?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31055?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/31052?format=api", "purl": "pkg:deb/debian/chromium@148.0.7778.215-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/27190?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.102-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.102-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1088670?format=api", "purl": "pkg:deb/debian/chromium@149.0.7827.114-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@149.0.7827.114-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-9978" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zhra-afct-d7ct" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@148.0.7778.215-1~deb13u1%3Fdistro=trixie" }