Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/582121?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "type": "deb", "namespace": "debian", "name": "chromium", "version": "143.0.7499.169-1~deb12u1", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64291?format=api", "vulnerability_id": "VCID-13vg-hewg-efaa", "summary": "chromium-browser: Out of bounds write in Skia", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3909.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3909.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49873", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49922", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49927", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4992", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.49938", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00264", "scoring_system": "epss", "scoring_elements": "0.4991", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00288", "scoring_system": "epss", "scoring_elements": "0.52278", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00288", "scoring_system": "epss", "scoring_elements": "0.52316", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3909" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447195", "reference_id": "2447195", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447195" }, { "reference_url": "https://issues.chromium.org/issues/491421267", "reference_id": "491421267", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-03-13T16:47:27Z/" } ], "url": "https://issues.chromium.org/issues/491421267" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-03-13T16:47:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3909" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-13vg-hewg-efaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96390?format=api", "vulnerability_id": "VCID-16jz-z9wn-ybeh", "summary": "Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31392", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31434", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31437", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31395", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31359", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31491", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31532", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.3135", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31404", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8906" }, { "reference_url": "https://issues.chromium.org/issues/352681108", "reference_id": "352681108", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T15:33:04Z/" } ], "url": "https://issues.chromium.org/issues/352681108" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T15:33:04Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8906" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16jz-z9wn-ybeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66469?format=api", "vulnerability_id": "VCID-16ya-nvrn-ebcz", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13223.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13223.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85792", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85816", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85834", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85853", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85811", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02804", "scoring_system": "epss", "scoring_elements": "0.86139", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13223" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13223", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13223" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415523", "reference_id": "2415523", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415523" }, { "reference_url": "https://issues.chromium.org/issues/460017370", "reference_id": "460017370", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-20T04:55:21Z/" } ], "url": "https://issues.chromium.org/issues/460017370" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-11-20T04:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13223" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-16ya-nvrn-ebcz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96824?format=api", "vulnerability_id": "VCID-177e-4wkx-uqgh", "summary": "Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21003", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29247", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29275", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29316", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29272", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29211", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5959" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://issues.chromium.org/issues/422313191", "reference_id": "422313191", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T03:55:17Z/" } ], "url": "https://issues.chromium.org/issues/422313191" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T03:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5959" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-177e-4wkx-uqgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66466?format=api", "vulnerability_id": "VCID-17t6-b8qv-mudd", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13227.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13227.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13227", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13227" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13227", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13227" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415525", "reference_id": "2415525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415525" }, { "reference_url": "https://issues.chromium.org/issues/446122633", "reference_id": "446122633", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:30Z/" } ], "url": "https://issues.chromium.org/issues/446122633" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13227" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-17t6-b8qv-mudd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66601?format=api", "vulnerability_id": "VCID-183d-56jq-f3dq", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12429.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12429.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12429", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12267", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12237", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12646", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12725", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13245", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12429" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12429", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12429" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413856", "reference_id": "2413856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413856" }, { "reference_url": "https://issues.chromium.org/issues/450618029", "reference_id": "450618029", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:45Z/" } ], "url": "https://issues.chromium.org/issues/450618029" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12429" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-183d-56jq-f3dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47533?format=api", "vulnerability_id": "VCID-18zj-3fw3-xybz", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7974", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71877", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71901", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71834", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71854", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00694", "scoring_system": "epss", "scoring_elements": "0.71827", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7974" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7974", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7974" }, { "reference_url": "https://issues.chromium.org/issues/339141099", "reference_id": "339141099", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:38:35Z/" } ], "url": "https://issues.chromium.org/issues/339141099" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:38:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7974" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-18zj-3fw3-xybz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64329?format=api", "vulnerability_id": "VCID-1cz4-r1qk-6fce", "summary": "chromium-browser: Side-channel information leakage in ResourceTiming", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3929.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3929.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3929", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08959", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09035", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09038", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09073", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09974", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10122", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.101", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3929" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3929", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3929" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446870", "reference_id": "2446870", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446870" }, { "reference_url": "https://issues.chromium.org/issues/477180001", "reference_id": "477180001", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T15:08:01Z/" } ], "url": "https://issues.chromium.org/issues/477180001" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T15:08:01Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3929" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cz4-r1qk-6fce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64649?format=api", "vulnerability_id": "VCID-1dpv-yktr-u7a5", "summary": "chromium-browser: Use after free in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2313.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2313.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2313", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21482", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21569", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2158", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21542", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21486", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21679", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21433", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2151", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2313" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2313", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2313" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439069", "reference_id": "2439069", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439069" }, { "reference_url": "https://issues.chromium.org/issues/467297219", "reference_id": "467297219", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:19Z/" } ], "url": "https://issues.chromium.org/issues/467297219" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2313" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1dpv-yktr-u7a5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63901?format=api", "vulnerability_id": "VCID-1gbt-xkej-k7aw", "summary": "chromium-browser: Heap buffer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5275.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5275.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5275", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20655", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21898", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21982", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21994", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21897", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21851", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.21927", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5275" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5275", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5275" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453693", "reference_id": "2453693", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453693" }, { "reference_url": "https://issues.chromium.org/issues/489494022", "reference_id": "489494022", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:31:24Z/" } ], "url": "https://issues.chromium.org/issues/489494022" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:31:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5275" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1gbt-xkej-k7aw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96138?format=api", "vulnerability_id": "VCID-1hju-8srd-57bg", "summary": "Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74508", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74471", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74479", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74498", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74476", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.7446", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74427", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00826", "scoring_system": "epss", "scoring_elements": "0.74452", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3844" }, { "reference_url": "https://issues.chromium.org/issues/40058873", "reference_id": "40058873", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://issues.chromium.org/issues/40058873" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T17:57:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3844" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1hju-8srd-57bg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96951?format=api", "vulnerability_id": "VCID-1myc-2zvg-4ufz", "summary": "Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1295", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12998", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12799", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12878", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12892", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14071", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14017", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.13911", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8581" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8581" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1myc-2zvg-4ufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350961?format=api", "vulnerability_id": "VCID-1u43-n5v6-auby", "summary": "Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5893.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5893.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5893", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.0837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09125", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09157", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09158", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5893" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5893", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5893" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456754", "reference_id": "2456754", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456754" }, { "reference_url": "https://issues.chromium.org/issues/487768771", "reference_id": "487768771", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T20:11:45Z/" } ], "url": "https://issues.chromium.org/issues/487768771" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T20:11:45Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5893" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1u43-n5v6-auby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47549?format=api", "vulnerability_id": "VCID-1ugq-9quv-t3cj", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32422", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32449", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32452", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32414", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32386", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32514", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32421", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8638" }, { "reference_url": "https://issues.chromium.org/issues/362539773", "reference_id": "362539773", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:19Z/" } ], "url": "https://issues.chromium.org/issues/362539773" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:19Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8638" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1ugq-9quv-t3cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96360?format=api", "vulnerability_id": "VCID-1wy7-bhfy-s3am", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6992" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6992" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1wy7-bhfy-s3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51268?format=api", "vulnerability_id": "VCID-1yhp-44rg-fygc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55885", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55888", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.5586", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0806" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0806", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0806" }, { "reference_url": "https://crbug.com/1505176", "reference_id": "1505176", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-24T14:34:59Z/" } ], "url": "https://crbug.com/1505176" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-24T14:34:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-24T14:34:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-01-24T14:34:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0806" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yhp-44rg-fygc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96944?format=api", "vulnerability_id": "VCID-1yu2-c4b5-2bg1", "summary": "Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.2827", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28171", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28221", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28178", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.2812", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28315", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28105", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31761", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8292" }, { "reference_url": "https://issues.chromium.org/issues/426054987", "reference_id": "426054987", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-30T13:22:50Z/" } ], "url": "https://issues.chromium.org/issues/426054987" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-30T13:22:50Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8292" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu2-c4b5-2bg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96474?format=api", "vulnerability_id": "VCID-1yv3-9hvy-wqad", "summary": "Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.011", "published_at": "2026-04-02T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00616", "published_at": "2026-04-16T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00626", "published_at": "2026-04-11T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00623", "published_at": "2026-04-13T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00633", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12910" }, { "reference_url": "https://issues.chromium.org/issues/434977743", "reference_id": "434977743", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:54:30Z/" } ], "url": "https://issues.chromium.org/issues/434977743" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:54:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12910" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1yv3-9hvy-wqad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96509?format=api", "vulnerability_id": "VCID-1zc8-fbzm-tbaz", "summary": "Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24486", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2452", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24302", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24369", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24414", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.2443", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.4479", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1922" }, { "reference_url": "https://issues.chromium.org/issues/384033062", "reference_id": "384033062", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:22:46Z/" } ], "url": "https://issues.chromium.org/issues/384033062" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:22:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1922" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zc8-fbzm-tbaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64225?format=api", "vulnerability_id": "VCID-21xz-1hjx-9fcs", "summary": "chromium-browser: Integer overflow in Dawn", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4453.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4453.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4453", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08219", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08369", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08359", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08322", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08352", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4453" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4453", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4453" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449387", "reference_id": "2449387", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449387" }, { "reference_url": "https://issues.chromium.org/issues/488400770", "reference_id": "488400770", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:54:03Z/" } ], "url": "https://issues.chromium.org/issues/488400770" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-20T14:54:03Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4453" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21xz-1hjx-9fcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47513?format=api", "vulnerability_id": "VCID-23fj-v9v2-k7gc", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7001", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35109", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35132", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35074", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3515", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35101", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7001" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7001" }, { "reference_url": "https://issues.chromium.org/issues/347509736", "reference_id": "347509736", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:29:06Z/" } ], "url": "https://issues.chromium.org/issues/347509736" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-07T15:29:06Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7001" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-23fj-v9v2-k7gc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64312?format=api", "vulnerability_id": "VCID-25qg-xwg9-g7cs", "summary": "chromium-browser: Use after free in WebMIDI", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3923.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3923.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29154", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30694", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3067", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3923" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446847", "reference_id": "2446847", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446847" }, { "reference_url": "https://issues.chromium.org/issues/485935314", "reference_id": "485935314", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:12:46Z/" } ], "url": "https://issues.chromium.org/issues/485935314" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:12:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3923" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-25qg-xwg9-g7cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65163?format=api", "vulnerability_id": "VCID-2667-w4v4-kbau", "summary": "chromium-browser: Incorrect security UI in Digital Credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11528", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11538", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11596", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11385", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11469", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0904" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431125", "reference_id": "2431125", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431125" }, { "reference_url": "https://issues.chromium.org/issues/452209495", "reference_id": "452209495", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T15:26:49Z/" } ], "url": "https://issues.chromium.org/issues/452209495" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T15:26:49Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0904" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2667-w4v4-kbau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47527?format=api", "vulnerability_id": "VCID-29k7-7udt-m7gf", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7967", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73678", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73638", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.7366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73643", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73634", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73593", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73589", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00777", "scoring_system": "epss", "scoring_elements": "0.73625", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7967" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7967", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7967" }, { "reference_url": "https://issues.chromium.org/issues/355731798", "reference_id": "355731798", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:24Z/" } ], "url": "https://issues.chromium.org/issues/355731798" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7967" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-29k7-7udt-m7gf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64243?format=api", "vulnerability_id": "VCID-2a4a-cy2w-1kcj", "summary": "chromium-browser: Use after free in Network", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4454.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4454.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29253", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29279", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29404", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4454" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449414", "reference_id": "2449414", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449414" }, { "reference_url": "https://issues.chromium.org/issues/488585488", "reference_id": "488585488", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:19Z/" } ], "url": "https://issues.chromium.org/issues/488585488" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4454" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2a4a-cy2w-1kcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95925?format=api", "vulnerability_id": "VCID-2egg-pvxw-euc5", "summary": "Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12381", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90478", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90456", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90462", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90469", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.9047", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90438", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05755", "scoring_system": "epss", "scoring_elements": "0.90442", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12381" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12381", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12381" }, { "reference_url": "https://issues.chromium.org/issues/381696874", "reference_id": "381696874", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:33:15Z/" } ], "url": "https://issues.chromium.org/issues/381696874" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:33:15Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12381" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2egg-pvxw-euc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96693?format=api", "vulnerability_id": "VCID-2gxu-2jew-qbag", "summary": "Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41633", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41599", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41586", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41596", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41551", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41601", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4161", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4372" }, { "reference_url": "https://issues.chromium.org/issues/412057896", "reference_id": "412057896", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T03:55:58Z/" } ], "url": "https://issues.chromium.org/issues/412057896" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T03:55:58Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4372" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2gxu-2jew-qbag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76416?format=api", "vulnerability_id": "VCID-2h9c-p1ft-8uh7", "summary": "chromium-browser: use after free in Visuals", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4671.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4671.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37049", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37042", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37055", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.3703", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37004", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37639", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37761", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66436", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4671" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280246", "reference_id": "2280246", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280246" }, { "reference_url": "https://issues.chromium.org/issues/339266700", "reference_id": "339266700", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://issues.chromium.org/issues/339266700" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/", "reference_id": "BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/", "reference_id": "FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html", "reference_id": "stable-channel-update-for-desktop_9.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_9.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-14T04:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4671" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2h9c-p1ft-8uh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350941?format=api", "vulnerability_id": "VCID-2k46-261h-y3bd", "summary": "Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5873", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5873" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456808", "reference_id": "2456808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456808" }, { "reference_url": "https://issues.chromium.org/issues/496301615", "reference_id": "496301615", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/" } ], "url": "https://issues.chromium.org/issues/496301615" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5873" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2k46-261h-y3bd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96846?format=api", "vulnerability_id": "VCID-2ngt-7pmw-yqdu", "summary": "Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6192", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28859", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28781", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28821", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28824", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.2878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00106", "scoring_system": "epss", "scoring_elements": "0.28715", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44768", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6192" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6192", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6192" }, { "reference_url": "https://issues.chromium.org/issues/421471016", "reference_id": "421471016", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:10Z/" } ], "url": "https://issues.chromium.org/issues/421471016" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:10Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6192" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2ngt-7pmw-yqdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64319?format=api", "vulnerability_id": "VCID-2pn3-27ey-q7he", "summary": "chromium-browser: Heap buffer overflow in WebML", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22058", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22194", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2349", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2353", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23476", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446856", "reference_id": "2446856", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446856" }, { "reference_url": "https://issues.chromium.org/issues/483971526", "reference_id": "483971526", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:23:52Z/" } ], "url": "https://issues.chromium.org/issues/483971526" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:23:52Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3915" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pn3-27ey-q7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47511?format=api", "vulnerability_id": "VCID-2pps-vuj1-quec", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35109", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35132", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35074", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.3515", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35057", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35101", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6999" }, { "reference_url": "https://issues.chromium.org/issues/340893685", "reference_id": "340893685", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:23:18Z/" } ], "url": "https://issues.chromium.org/issues/340893685" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-06T19:23:18Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6999" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pps-vuj1-quec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96742?format=api", "vulnerability_id": "VCID-2rju-kk9j-1kbb", "summary": "Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5065", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28053", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3159", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31672", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31771", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31642", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5065" }, { "reference_url": "https://issues.chromium.org/issues/40059071", "reference_id": "40059071", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:33:16Z/" } ], "url": "https://issues.chromium.org/issues/40059071" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:33:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5065" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2rju-kk9j-1kbb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47521?format=api", "vulnerability_id": "VCID-2s3f-gpnp-jbgx", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7535", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66705", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66671", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6663", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66679", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7535" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7535", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7535" }, { "reference_url": "https://issues.chromium.org/issues/352690885", "reference_id": "352690885", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-08T19:09:02Z/" } ], "url": "https://issues.chromium.org/issues/352690885" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-08T19:09:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7535" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2s3f-gpnp-jbgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97125?format=api", "vulnerability_id": "VCID-2s6k-knqz-s7bv", "summary": "Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19778", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21073", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2103", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5290" }, { "reference_url": "https://issues.chromium.org/issues/496205576", "reference_id": "496205576", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:54:13Z/" } ], "url": "https://issues.chromium.org/issues/496205576" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:54:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5290" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2s6k-knqz-s7bv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47245?format=api", "vulnerability_id": "VCID-2taa-wgtc-73e9", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76581", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76663", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76621", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.7663", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76651", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76624", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00996", "scoring_system": "epss", "scoring_elements": "0.76889", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00996", "scoring_system": "epss", "scoring_elements": "0.76919", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1284" }, { "reference_url": "https://issues.chromium.org/issues/41494539", "reference_id": "41494539", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:33:53Z/" } ], "url": "https://issues.chromium.org/issues/41494539" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/", "reference_id": "KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:33:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:33:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/", "reference_id": "WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:33:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1284" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2taa-wgtc-73e9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47247?format=api", "vulnerability_id": "VCID-2vb3-r28m-ukh8", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10488", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59523", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59526", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59539", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59557", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59542", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59483", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59509", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00381", "scoring_system": "epss", "scoring_elements": "0.59475", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10488" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10488", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10488" }, { "reference_url": "https://issues.chromium.org/issues/374310077", "reference_id": "374310077", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:23Z/" } ], "url": "https://issues.chromium.org/issues/374310077" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10488" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vb3-r28m-ukh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96401?format=api", "vulnerability_id": "VCID-2wwk-aa81-63fa", "summary": "Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34459", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34485", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34487", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34448", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34424", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34519", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34547", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34414", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34456", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9958" }, { "reference_url": "https://issues.chromium.org/issues/40076120", "reference_id": "40076120", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:59:21Z/" } ], "url": "https://issues.chromium.org/issues/40076120" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:59:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9958" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wwk-aa81-63fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64236?format=api", "vulnerability_id": "VCID-2wx7-m8kj-jqby", "summary": "chromium-browser: Out of bounds read and write in WebAudio", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4459.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4459.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4459", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22512", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22416", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22438", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4459" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4459", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4459" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449402", "reference_id": "2449402", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449402" }, { "reference_url": "https://issues.chromium.org/issues/490246422", "reference_id": "490246422", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:31Z/" } ], "url": "https://issues.chromium.org/issues/490246422" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:31Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4459" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2wx7-m8kj-jqby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96412?format=api", "vulnerability_id": "VCID-2xgf-yqm4-7fgx", "summary": "Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37804", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.3785", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37865", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37829", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37884", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37909", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00167", "scoring_system": "epss", "scoring_elements": "0.37838", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0444" }, { "reference_url": "https://issues.chromium.org/issues/390889644", "reference_id": "390889644", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:24:20Z/" } ], "url": "https://issues.chromium.org/issues/390889644" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:24:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0444" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2xgf-yqm4-7fgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350981?format=api", "vulnerability_id": "VCID-2yea-nk5s-73a9", "summary": "Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5913" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456783", "reference_id": "2456783", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456783" }, { "reference_url": "https://issues.chromium.org/issues/487195286", "reference_id": "487195286", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:15:10Z/" } ], "url": "https://issues.chromium.org/issues/487195286" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:15:10Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5913" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2yea-nk5s-73a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96101?format=api", "vulnerability_id": "VCID-32jv-rv5v-pugx", "summary": "Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40068", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40088", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40038", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40057", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40083", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40069", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40016", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40095", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3515" }, { "reference_url": "https://issues.chromium.org/issues/331123811", "reference_id": "331123811", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:11Z/" } ], "url": "https://issues.chromium.org/issues/331123811" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/", "reference_id": "5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/", "reference_id": "NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:11Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3515" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32jv-rv5v-pugx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63903?format=api", "vulnerability_id": "VCID-32xu-tbuh-nfds", "summary": "chromium-browser: Insufficient policy enforcement in WebUSB", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5276.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5276.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5276", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12779", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13676", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13893", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13851", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13815", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13766", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13761", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13843", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5276" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5276", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5276" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453695", "reference_id": "2453695", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453695" }, { "reference_url": "https://issues.chromium.org/issues/489711638", "reference_id": "489711638", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:32:45Z/" } ], "url": "https://issues.chromium.org/issues/489711638" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:32:45Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5276" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-32xu-tbuh-nfds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96741?format=api", "vulnerability_id": "VCID-34ga-6n2z-4bcm", "summary": "Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32169", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32167", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32135", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32264", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32302", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32176", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32203", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5064" }, { "reference_url": "https://issues.chromium.org/issues/40058068", "reference_id": "40058068", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:34:05Z/" } ], "url": "https://issues.chromium.org/issues/40058068" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:34:05Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5064" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34ga-6n2z-4bcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47480?format=api", "vulnerability_id": "VCID-3667-sfaw-duhy", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56621", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56571", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56622", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.5659", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5832" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5832" }, { "reference_url": "https://issues.chromium.org/issues/340196361", "reference_id": "340196361", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:52Z/" } ], "url": "https://issues.chromium.org/issues/340196361" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:52Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5832" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3667-sfaw-duhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64227?format=api", "vulnerability_id": "VCID-36ar-zuar-vuas", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4447.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4447.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26518", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26374", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.2647", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26424", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26563", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26413", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4447" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449389", "reference_id": "2449389", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449389" }, { "reference_url": "https://issues.chromium.org/issues/486657483", "reference_id": "486657483", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:50Z/" } ], "url": "https://issues.chromium.org/issues/486657483" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:50Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4447" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-36ar-zuar-vuas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96884?format=api", "vulnerability_id": "VCID-37p8-9fc4-cqgk", "summary": "Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6555", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1627", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16435", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16395", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16333", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16444", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16507", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16304", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.1639", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00052", "scoring_system": "epss", "scoring_elements": "0.16449", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6555" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6555", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6555" }, { "reference_url": "https://issues.chromium.org/issues/407328533", "reference_id": "407328533", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:16Z/" } ], "url": "https://issues.chromium.org/issues/407328533" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6555" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37p8-9fc4-cqgk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47559?format=api", "vulnerability_id": "VCID-38qj-nt3w-ubcn", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54585", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54597", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54579", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.5457", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54539", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00314", "scoring_system": "epss", "scoring_elements": "0.54591", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10231" }, { "reference_url": "https://issues.chromium.org/issues/372269618", "reference_id": "372269618", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:26:07Z/" } ], "url": "https://issues.chromium.org/issues/372269618" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:26:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10231" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-38qj-nt3w-ubcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97107?format=api", "vulnerability_id": "VCID-39qy-3qyz-ykdk", "summary": "Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3937", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08073", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08706", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3937" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3937", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3937" }, { "reference_url": "https://issues.chromium.org/issues/473118648", "reference_id": "473118648", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:07:44Z/" } ], "url": "https://issues.chromium.org/issues/473118648" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:07:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3937" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39qy-3qyz-ykdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96941?format=api", "vulnerability_id": "VCID-39u9-vf11-4qd6", "summary": "Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23084", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23039", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26089", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2618", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26187", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26083", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26132", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8010" }, { "reference_url": "https://issues.chromium.org/issues/430344952", "reference_id": "430344952", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:16Z/" } ], "url": "https://issues.chromium.org/issues/430344952" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8010" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-39u9-vf11-4qd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34530?format=api", "vulnerability_id": "VCID-3ck8-byja-cyar", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11210.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04667", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04701", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04713", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0469", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04673", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04946", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05769", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413256", "reference_id": "2413256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413256" }, { "reference_url": "https://issues.chromium.org/issues/440523110", "reference_id": "440523110", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:23:45Z/" } ], "url": "https://issues.chromium.org/issues/440523110" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:23:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11210" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ck8-byja-cyar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96361?format=api", "vulnerability_id": "VCID-3crp-s5mv-cyf1", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6993", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6993" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6993" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3crp-s5mv-cyf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350932?format=api", "vulnerability_id": "VCID-3etf-ubtt-43ge", "summary": "Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5864.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5864.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5864", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0813", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08481", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16924", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5864" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5864", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5864" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456745", "reference_id": "2456745", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456745" }, { "reference_url": "https://issues.chromium.org/issues/490642831", "reference_id": "490642831", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:42:48Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:40:37Z/" } ], "url": "https://issues.chromium.org/issues/490642831" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:40:37Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:42:48Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5864" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3etf-ubtt-43ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47260?format=api", "vulnerability_id": "VCID-3fyz-acrt-2qae", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11115", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71531", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71497", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71519", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71454", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71472", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00677", "scoring_system": "epss", "scoring_elements": "0.71444", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11115" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11115", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11115" }, { "reference_url": "https://issues.chromium.org/issues/371929521", "reference_id": "371929521", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:23:27Z/" } ], "url": "https://issues.chromium.org/issues/371929521" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-13T15:23:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11115" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3fyz-acrt-2qae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64325?format=api", "vulnerability_id": "VCID-3mkp-x5ub-kqe9", "summary": "chromium-browser: Out of bounds memory access in WebML", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3920.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3920.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3920", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23576", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24972", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24918", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3920" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446864", "reference_id": "2446864", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446864" }, { "reference_url": "https://issues.chromium.org/issues/482875307", "reference_id": "482875307", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:05:24Z/" } ], "url": "https://issues.chromium.org/issues/482875307" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:05:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3920" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3mkp-x5ub-kqe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47531?format=api", "vulnerability_id": "VCID-3qva-pymb-uua7", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7972", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70338", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70308", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70295", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70261", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70238", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70284", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7972", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7972" }, { "reference_url": "https://issues.chromium.org/issues/345960102", "reference_id": "345960102", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T15:02:53Z/" } ], "url": "https://issues.chromium.org/issues/345960102" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T15:02:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7972" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3qva-pymb-uua7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64314?format=api", "vulnerability_id": "VCID-3tdb-ppq4-nka5", "summary": "chromium-browser: Insufficient policy enforcement in Clipboard", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3938.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3938.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09244", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09209", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09292", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09285", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09328", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09338", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10243", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10372", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3938" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446849", "reference_id": "2446849", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446849" }, { "reference_url": "https://issues.chromium.org/issues/474763968", "reference_id": "474763968", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:10:17Z/" } ], "url": "https://issues.chromium.org/issues/474763968" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:10:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3938" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3tdb-ppq4-nka5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47491?format=api", "vulnerability_id": "VCID-3x1r-zfb7-6bea", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19405", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19648", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19696", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19417", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19496", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19547", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.1955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19445", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5840" }, { "reference_url": "https://issues.chromium.org/issues/41492103", "reference_id": "41492103", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T17:17:59Z/" } ], "url": "https://issues.chromium.org/issues/41492103" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T17:17:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T17:17:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-19T17:17:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5840" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3x1r-zfb7-6bea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66589?format=api", "vulnerability_id": "VCID-3x2p-avg5-93gs", "summary": "chromium-browser: Out of bounds read in WebXR", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0564", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05614", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05604", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.0579", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05829", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05757", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12443" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413850", "reference_id": "2413850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413850" }, { "reference_url": "https://issues.chromium.org/issues/452071845", "reference_id": "452071845", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:09:06Z/" } ], "url": "https://issues.chromium.org/issues/452071845" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:09:06Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12443" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3x2p-avg5-93gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47483?format=api", "vulnerability_id": "VCID-41um-8pnt-f7f6", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80233", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.8021", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80204", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80196", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01368", "scoring_system": "epss", "scoring_elements": "0.80168", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01628", "scoring_system": "epss", "scoring_elements": "0.81818", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5834" }, { "reference_url": "https://issues.chromium.org/issues/342840932", "reference_id": "342840932", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T15:19:53Z/" } ], "url": "https://issues.chromium.org/issues/342840932" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T15:19:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T15:19:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T15:19:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5834" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-41um-8pnt-f7f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66591?format=api", "vulnerability_id": "VCID-42cw-f7xp-tqdj", "summary": "chromium-browser: Out of bounds read in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06075", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06064", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06057", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06048", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06235", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0626", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06204", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413854", "reference_id": "2413854", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413854" }, { "reference_url": "https://issues.chromium.org/issues/444049512", "reference_id": "444049512", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:09:43Z/" } ], "url": "https://issues.chromium.org/issues/444049512" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:09:43Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12441" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-42cw-f7xp-tqdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66480?format=api", "vulnerability_id": "VCID-437c-vuxc-bycy", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13042.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13042.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13042", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26311", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26406", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26359", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27125", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34794", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34714", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34768", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13042" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13042", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13042" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414594", "reference_id": "2414594", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414594" }, { "reference_url": "https://issues.chromium.org/issues/457351015", "reference_id": "457351015", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T04:55:29Z/" } ], "url": "https://issues.chromium.org/issues/457351015" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_11.html", "reference_id": "stable-channel-update-for-desktop_11.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-13T04:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_11.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13042" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-437c-vuxc-bycy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96981?format=api", "vulnerability_id": "VCID-43a7-cgas-k3hs", "summary": "Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06988", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07001", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06993", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06877", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06926", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0691", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06965", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0628" }, { "reference_url": "https://issues.chromium.org/issues/463155954", "reference_id": "463155954", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:23Z/" } ], "url": "https://issues.chromium.org/issues/463155954" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-08T04:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0628" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43a7-cgas-k3hs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96938?format=api", "vulnerability_id": "VCID-43dh-62vg-myda", "summary": "Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7656", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2374", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23831", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2387", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2391", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23699", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23816", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7656" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7656", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7656" }, { "reference_url": "https://issues.chromium.org/issues/425583995", "reference_id": "425583995", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:05Z/" } ], "url": "https://issues.chromium.org/issues/425583995" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:05Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-7656" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-43dh-62vg-myda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47280?format=api", "vulnerability_id": "VCID-4421-e3ts-aqaw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0442", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28531", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28559", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28647", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28691", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.2856", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.286", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0442" }, { "reference_url": "https://issues.chromium.org/issues/40940854", "reference_id": "40940854", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:34:26Z/" } ], "url": "https://issues.chromium.org/issues/40940854" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:34:26Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0442" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4421-e3ts-aqaw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34536?format=api", "vulnerability_id": "VCID-44gz-jthj-1far", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11215.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11215.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11215", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09288", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09411", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09426", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09396", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09382", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09856", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09806", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11429", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11215" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11215", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11215" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413268", "reference_id": "2413268", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413268" }, { "reference_url": "https://issues.chromium.org/issues/439758498", "reference_id": "439758498", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T14:50:02Z/" } ], "url": "https://issues.chromium.org/issues/439758498" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T14:50:02Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11215" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44gz-jthj-1far" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64384?format=api", "vulnerability_id": "VCID-49jd-zza9-pqe3", "summary": "chromium-browser: Inappropriate implementation in WebAssembly", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3542.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3542.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3542", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22097", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00072", "scoring_system": "epss", "scoring_elements": "0.22044", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23301", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23358", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23378", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.2334", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23284", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23235", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23308", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3542" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3542" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444616", "reference_id": "2444616", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444616" }, { "reference_url": "https://issues.chromium.org/issues/485152421", "reference_id": "485152421", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:11:05Z/" } ], "url": "https://issues.chromium.org/issues/485152421" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:11:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3542" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-49jd-zza9-pqe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64389?format=api", "vulnerability_id": "VCID-49ka-96ec-qubu", "summary": "chromium-browser: Heap buffer overflow in WebCodecs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3544.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3544.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3544", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24807", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25993", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26085", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26094", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26049", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25989", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25966", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26033", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3544" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3544" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444623", "reference_id": "2444623", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444623" }, { "reference_url": "https://issues.chromium.org/issues/485683110", "reference_id": "485683110", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:56:01Z/" } ], "url": "https://issues.chromium.org/issues/485683110" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:56:01Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3544" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-49ka-96ec-qubu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96630?format=api", "vulnerability_id": "VCID-4a82-wdqx-2ub1", "summary": "Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3072", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40105", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40026", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40093", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40047", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40097", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3072", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3072" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3072" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4a82-wdqx-2ub1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96422?format=api", "vulnerability_id": "VCID-4aa4-pd7n-yyfq", "summary": "Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51573", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51542", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.5153", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51481", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51508", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51521", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00281", "scoring_system": "epss", "scoring_elements": "0.51519", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0995" }, { "reference_url": "https://issues.chromium.org/issues/391907159", "reference_id": "391907159", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:15:01Z/" } ], "url": "https://issues.chromium.org/issues/391907159" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:15:01Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0995" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4aa4-pd7n-yyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47273?format=api", "vulnerability_id": "VCID-4dke-ryut-ebhg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.6639", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66399", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66385", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66319", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66317", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00509", "scoring_system": "epss", "scoring_elements": "0.66378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0436" }, { "reference_url": "https://issues.chromium.org/issues/382786791", "reference_id": "382786791", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/" } ], "url": "https://issues.chromium.org/issues/382786791" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:49:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0436" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dke-ryut-ebhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96359?format=api", "vulnerability_id": "VCID-4dnd-n4tg-8fhs", "summary": "Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6990", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56805", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5685", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56827", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56789", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5681", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56785", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6990" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6990", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6990" }, { "reference_url": "https://issues.chromium.org/issues/353034820", "reference_id": "353034820", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-03T03:56:04Z/" } ], "url": "https://issues.chromium.org/issues/353034820" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-03T03:56:04Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6990" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4dnd-n4tg-8fhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51271?format=api", "vulnerability_id": "VCID-4g2e-nypz-j3cb", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0809", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12302", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12492", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12534", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12342", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12422", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12473", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12442", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12402", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0809" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0809", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0809" }, { "reference_url": "https://crbug.com/1497985", "reference_id": "1497985", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:39:59Z/" } ], "url": "https://crbug.com/1497985" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:39:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:39:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-15T14:39:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0809" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4g2e-nypz-j3cb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66411?format=api", "vulnerability_id": "VCID-4gd5-hba3-z3c2", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13630.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13630.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35035", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13630" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418459", "reference_id": "2418459", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418459" }, { "reference_url": "https://issues.chromium.org/issues/456547591", "reference_id": "456547591", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:41Z/" } ], "url": "https://issues.chromium.org/issues/456547591" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13630" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4gd5-hba3-z3c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350929?format=api", "vulnerability_id": "VCID-4hwd-qaxh-ebac", "summary": "Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5861.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5861.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5861" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456739", "reference_id": "2456739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456739" }, { "reference_url": "https://issues.chromium.org/issues/486927780", "reference_id": "486927780", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:40Z/" } ], "url": "https://issues.chromium.org/issues/486927780" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5861" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4hwd-qaxh-ebac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47248?format=api", "vulnerability_id": "VCID-4mw4-w3rp-kka6", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11110", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18982", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19119", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19125", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19079", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19026", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19219", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19271", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.18986", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19066", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11110" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11110", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11110" }, { "reference_url": "https://issues.chromium.org/issues/373263969", "reference_id": "373263969", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:28:27Z/" } ], "url": "https://issues.chromium.org/issues/373263969" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:28:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11110" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4mw4-w3rp-kka6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96510?format=api", "vulnerability_id": "VCID-4nwy-ujza-aqeg", "summary": "Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1923", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22852", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22897", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22689", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22816", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22838", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29213", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.3329", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.3333", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1923" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1923", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1923" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1923" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4nwy-ujza-aqeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47479?format=api", "vulnerability_id": "VCID-4psj-zrnq-c3ar", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5831", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65351", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5831" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5831", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5831" }, { "reference_url": "https://issues.chromium.org/issues/339171223", "reference_id": "339171223", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:47Z/" } ], "url": "https://issues.chromium.org/issues/339171223" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:47Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:47Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5831" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4psj-zrnq-c3ar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59076?format=api", "vulnerability_id": "VCID-4rsu-dm7j-pkbt", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.105", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10622", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10684", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10547", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10619", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10678", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10636", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1674" }, { "reference_url": "https://issues.chromium.org/issues/40095183", "reference_id": "40095183", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T18:52:13Z/" } ], "url": "https://issues.chromium.org/issues/40095183" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T18:52:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T18:52:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T18:52:13Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1674" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4rsu-dm7j-pkbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96240?format=api", "vulnerability_id": "VCID-4ugv-vjzk-8qgw", "summary": "Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4948", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48599", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48536", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48491", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48539", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4948" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4948", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4948" }, { "reference_url": "https://issues.chromium.org/issues/333414294", "reference_id": "333414294", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T15:08:45Z/" } ], "url": "https://issues.chromium.org/issues/333414294" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T15:08:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T15:08:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T15:08:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T15:08:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4948" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ugv-vjzk-8qgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47547?format=api", "vulnerability_id": "VCID-4vsx-3sh3-xfdn", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68621", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68624", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68551", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68529", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.6858", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8636" }, { "reference_url": "https://issues.chromium.org/issues/361461526", "reference_id": "361461526", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:16Z/" } ], "url": "https://issues.chromium.org/issues/361461526" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8636" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4vsx-3sh3-xfdn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96367?format=api", "vulnerability_id": "VCID-4wbt-pjxj-qbcp", "summary": "Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7025", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40154", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40179", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40103", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40155", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40168", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40141", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40122", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40172", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7025" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7025", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7025" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7025" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4wbt-pjxj-qbcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47469?format=api", "vulnerability_id": "VCID-4x4d-qvt8-93hx", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.4018", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40188", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40111", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40165", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40177", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.4015", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40131", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00184", "scoring_system": "epss", "scoring_elements": "0.40162", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4059" }, { "reference_url": "https://issues.chromium.org/issues/333182464", "reference_id": "333182464", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T13:45:44Z/" } ], "url": "https://issues.chromium.org/issues/333182464" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T13:45:44Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T13:45:44Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4059" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4x4d-qvt8-93hx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96351?format=api", "vulnerability_id": "VCID-51sw-7uqb-wqbw", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6772", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55252", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55302", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55303", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55314", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55294", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00322", "scoring_system": "epss", "scoring_elements": "0.55272", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00502", "scoring_system": "epss", "scoring_elements": "0.66027", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6772" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6772", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6772" }, { "reference_url": "https://issues.chromium.org/issues/346597059", "reference_id": "346597059", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:43Z/" } ], "url": "https://issues.chromium.org/issues/346597059" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:43Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6772" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-51sw-7uqb-wqbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96744?format=api", "vulnerability_id": "VCID-54d8-nkk2-nyhf", "summary": "Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16948", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17122", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17074", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17013", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17219", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1709", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17147", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5067" }, { "reference_url": "https://issues.chromium.org/issues/40075024", "reference_id": "40075024", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:23:27Z/" } ], "url": "https://issues.chromium.org/issues/40075024" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:23:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5067" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54d8-nkk2-nyhf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96885?format=api", "vulnerability_id": "VCID-54sp-9hcq-skh6", "summary": "Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6556", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05648", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05639", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05649", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05675", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6556" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6556", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6556" }, { "reference_url": "https://issues.chromium.org/issues/40062462", "reference_id": "40062462", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:19Z/" } ], "url": "https://issues.chromium.org/issues/40062462" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:19Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6556" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-54sp-9hcq-skh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350956?format=api", "vulnerability_id": "VCID-5754-qrbg-2yds", "summary": "Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5888.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5888.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5888", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08661", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5888" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5888", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456800", "reference_id": "2456800", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456800" }, { "reference_url": "https://issues.chromium.org/issues/486506202", "reference_id": "486506202", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:59:40Z/" } ], "url": "https://issues.chromium.org/issues/486506202" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:59:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5888" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5754-qrbg-2yds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96484?format=api", "vulnerability_id": "VCID-57rb-fgba-xqae", "summary": "Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14373", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11411", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11203", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11338", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11344", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.1559", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15517", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14373" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14373", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14373" }, { "reference_url": "https://issues.chromium.org/issues/461532432", "reference_id": "461532432", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-12T20:19:27Z/" } ], "url": "https://issues.chromium.org/issues/461532432" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-12T20:19:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-14373" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-57rb-fgba-xqae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66590?format=api", "vulnerability_id": "VCID-5a28-29fu-5qfm", "summary": "chromium-browser: Incorrect security UI in Fullscreen UI", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12444.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12444.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17033", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16986", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16927", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17517", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17742", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12444" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413863", "reference_id": "2413863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413863" }, { "reference_url": "https://issues.chromium.org/issues/390571618", "reference_id": "390571618", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:06:37Z/" } ], "url": "https://issues.chromium.org/issues/390571618" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:06:37Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12444" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5a28-29fu-5qfm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64620?format=api", "vulnerability_id": "VCID-5f2g-tdga-5fcc", "summary": "chromium-browser: Use after free in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42395", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42425", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42363", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00203", "scoring_system": "epss", "scoring_elements": "0.42412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49453", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49436", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57796", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57775", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00354", "scoring_system": "epss", "scoring_elements": "0.57804", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2441" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439743", "reference_id": "2439743", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439743" }, { "reference_url": "https://issues.chromium.org/issues/483569511", "reference_id": "483569511", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-18T04:56:21Z/" } ], "url": "https://issues.chromium.org/issues/483569511" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-02-18T04:56:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2441" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5f2g-tdga-5fcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47518?format=api", "vulnerability_id": "VCID-5fgg-qq38-tbcp", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7532", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43814", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43778", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43781", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43801", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43752", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43769", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43794", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43726", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7532" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7532", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7532" }, { "reference_url": "https://issues.chromium.org/issues/350528343", "reference_id": "350528343", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:59Z/" } ], "url": "https://issues.chromium.org/issues/350528343" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7532" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5fgg-qq38-tbcp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47508?format=api", "vulnerability_id": "VCID-5hry-b8fp-qqet", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22697", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22754", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22776", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22738", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22681", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22795", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22839", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22628", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22703", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6996" }, { "reference_url": "https://issues.chromium.org/issues/333708039", "reference_id": "333708039", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:06:30Z/" } ], "url": "https://issues.chromium.org/issues/333708039" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T18:06:30Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6996" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5hry-b8fp-qqet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350969?format=api", "vulnerability_id": "VCID-5uf7-45dg-skfb", "summary": "Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5901.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5901.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00754", "published_at": "2026-04-12T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00759", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5901" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456772", "reference_id": "2456772", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456772" }, { "reference_url": "https://issues.chromium.org/issues/479673903", "reference_id": "479673903", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:04:30Z/" } ], "url": "https://issues.chromium.org/issues/479673903" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:04:30Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5901" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5uf7-45dg-skfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47475?format=api", "vulnerability_id": "VCID-5us9-z9j9-h3gy", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39327", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39311", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39249", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.3932", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39332", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00177", "scoring_system": "epss", "scoring_elements": "0.39275", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5158" }, { "reference_url": "https://issues.chromium.org/issues/338908243", "reference_id": "338908243", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://issues.chromium.org/issues/338908243" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/", "reference_id": "5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/", "reference_id": "FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:26Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5158" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5us9-z9j9-h3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64315?format=api", "vulnerability_id": "VCID-5vsp-atse-vqe7", "summary": "chromium-browser: Insufficient policy enforcement in ChromeDriver", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3934.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3934.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3934", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07751", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3934" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3934", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3934" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446850", "reference_id": "2446850", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446850" }, { "reference_url": "https://issues.chromium.org/issues/478783560", "reference_id": "478783560", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:04:10Z/" } ], "url": "https://issues.chromium.org/issues/478783560" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:04:10Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3934" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5vsp-atse-vqe7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96413?format=api", "vulnerability_id": "VCID-5whj-kbpq-kbhb", "summary": "Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12554", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12596", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12404", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12485", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1524", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15174", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15089", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0445" }, { "reference_url": "https://issues.chromium.org/issues/392521083", "reference_id": "392521083", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:25:40Z/" } ], "url": "https://issues.chromium.org/issues/392521083" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:25:40Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0445" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5whj-kbpq-kbhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47285?format=api", "vulnerability_id": "VCID-5wu4-dfd3-wkh2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0762", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59034", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59036", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59018", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58999", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58971", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58993", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.58959", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59011", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00373", "scoring_system": "epss", "scoring_elements": "0.59017", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0762" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0762" }, { "reference_url": "https://issues.chromium.org/issues/384844003", "reference_id": "384844003", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/" } ], "url": "https://issues.chromium.org/issues/384844003" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-29T14:20:02Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0762" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5wu4-dfd3-wkh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59079?format=api", "vulnerability_id": "VCID-5yx6-q3fm-3kfh", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2173", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34467", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34554", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34422", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34464", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34495", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34431", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00186", "scoring_system": "epss", "scoring_elements": "0.40372", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2173" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2173", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2173" }, { "reference_url": "https://issues.chromium.org/issues/325893559", "reference_id": "325893559", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:12Z/" } ], "url": "https://issues.chromium.org/issues/325893559" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/", "reference_id": "OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2173" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5yx6-q3fm-3kfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96973?format=api", "vulnerability_id": "VCID-5z4q-511c-3yfg", "summary": "Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12334", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12538", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13093", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13295", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13229", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13175", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9865" }, { "reference_url": "https://issues.chromium.org/issues/437147699", "reference_id": "437147699", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:12:49Z/" } ], "url": "https://issues.chromium.org/issues/437147699" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:12:49Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9865" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5z4q-511c-3yfg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63894?format=api", "vulnerability_id": "VCID-5znj-k78s-suca", "summary": "chromium-browser: Use after free in PDF", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5287.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5287.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5287", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23753", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5287" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5287", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5287" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453683", "reference_id": "2453683", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453683" }, { "reference_url": "https://issues.chromium.org/issues/494644471", "reference_id": "494644471", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:47:47Z/" } ], "url": "https://issues.chromium.org/issues/494644471" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:47:47Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5287" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5znj-k78s-suca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96463?format=api", "vulnerability_id": "VCID-621x-1fsp-qbg8", "summary": "Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16864", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16927", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16986", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17033", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17517", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17742", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17607", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12447" }, { "reference_url": "https://issues.chromium.org/issues/442636157", "reference_id": "442636157", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T00:18:41Z/" } ], "url": "https://issues.chromium.org/issues/442636157" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T00:18:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12447" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-621x-1fsp-qbg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47268?format=api", "vulnerability_id": "VCID-65wc-ug52-3ydw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12695", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84485", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84456", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84468", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84464", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84406", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84426", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.84428", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02213", "scoring_system": "epss", "scoring_elements": "0.8445", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12695" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12695", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12695" }, { "reference_url": "https://issues.chromium.org/issues/383647255", "reference_id": "383647255", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:48Z/" } ], "url": "https://issues.chromium.org/issues/383647255" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:48Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12695" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65wc-ug52-3ydw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350974?format=api", "vulnerability_id": "VCID-67c2-tzxz-6ucq", "summary": "Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5906.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5906.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05987", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5906" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456784", "reference_id": "2456784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456784" }, { "reference_url": "https://issues.chromium.org/issues/484082189", "reference_id": "484082189", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:41:15Z/" } ], "url": "https://issues.chromium.org/issues/484082189" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:41:15Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5906" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-67c2-tzxz-6ucq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66588?format=api", "vulnerability_id": "VCID-68h2-kn31-2ybd", "summary": "chromium-browser: Incorrect security UI in SplitView", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12446.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12446.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17109", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17278", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18048", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17749", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17836", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17994", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12446" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413855", "reference_id": "2413855", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413855" }, { "reference_url": "https://issues.chromium.org/issues/444932667", "reference_id": "444932667", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:40:19Z/" } ], "url": "https://issues.chromium.org/issues/444932667" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:40:19Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12446" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-68h2-kn31-2ybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96632?format=api", "vulnerability_id": "VCID-699p-7mfs-2yf5", "summary": "Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3074", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35962", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35985", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35946", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36042", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.36072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35905", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35956", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35979", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3074" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3074", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3074" }, { "reference_url": "https://issues.chromium.org/issues/392818696", "reference_id": "392818696", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:09:04Z/" } ], "url": "https://issues.chromium.org/issues/392818696" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:09:04Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3074" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-699p-7mfs-2yf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47495?format=api", "vulnerability_id": "VCID-69gk-s2gk-5fan", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61659", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.6166", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61709", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61724", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61745", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00416", "scoring_system": "epss", "scoring_elements": "0.61713", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5844" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5844", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5844" }, { "reference_url": "https://issues.chromium.org/issues/331960660", "reference_id": "331960660", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:03Z/" } ], "url": "https://issues.chromium.org/issues/331960660" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:03Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5844" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-69gk-s2gk-5fan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47560?format=api", "vulnerability_id": "VCID-6cgw-ceaa-jqht", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10826", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.5753", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57529", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57545", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57522", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57475", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57496", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57473", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57526", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10826" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10826", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10826" }, { "reference_url": "https://issues.chromium.org/issues/370217726", "reference_id": "370217726", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:02:53Z/" } ], "url": "https://issues.chromium.org/issues/370217726" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:02:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10826" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cgw-ceaa-jqht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47536?format=api", "vulnerability_id": "VCID-6cnh-99d3-fff6", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7977", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07849", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07945", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07889", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07938", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07954", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7977" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7977", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7977" }, { "reference_url": "https://issues.chromium.org/issues/324770940", "reference_id": "324770940", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T19:38:05Z/" } ], "url": "https://issues.chromium.org/issues/324770940" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T19:38:05Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7977" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6cnh-99d3-fff6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97124?format=api", "vulnerability_id": "VCID-6dub-gz8z-m3fk", "summary": "Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5289", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19778", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21073", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2103", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5289" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5289", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5289" }, { "reference_url": "https://issues.chromium.org/issues/495931147", "reference_id": "495931147", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:49:21Z/" } ], "url": "https://issues.chromium.org/issues/495931147" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:49:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5289" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6dub-gz8z-m3fk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96629?format=api", "vulnerability_id": "VCID-6fhm-q7k7-n3dw", "summary": "Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3071", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.106", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10793", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1076", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10645", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10778", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3071" }, { "reference_url": "https://issues.chromium.org/issues/40051596", "reference_id": "40051596", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/" } ], "url": "https://issues.chromium.org/issues/40051596" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-10T20:23:07Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3071" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6fhm-q7k7-n3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64224?format=api", "vulnerability_id": "VCID-6g55-bq46-4qf6", "summary": "chromium-browser: Insufficient validation of untrusted input in Navigation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4451.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4451.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4451", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30333", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30407", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30409", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30317", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30373", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4451" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4451", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4451" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449385", "reference_id": "2449385", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449385" }, { "reference_url": "https://issues.chromium.org/issues/487768779", "reference_id": "487768779", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:37Z/" } ], "url": "https://issues.chromium.org/issues/487768779" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4451" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6g55-bq46-4qf6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64331?format=api", "vulnerability_id": "VCID-6mnu-e2be-wyct", "summary": "chromium-browser: Incorrect security UI in WebAppInstalls", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3935.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3935.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3935", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07184", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07207", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07228", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07262", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07289", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07285", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07984", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3935" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3935", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3935" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446872", "reference_id": "2446872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446872" }, { "reference_url": "https://issues.chromium.org/issues/479326680", "reference_id": "479326680", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:05:54Z/" } ], "url": "https://issues.chromium.org/issues/479326680" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:05:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3935" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6mnu-e2be-wyct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47473?format=api", "vulnerability_id": "VCID-6mue-56py-gkhg", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4761.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4761.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4761", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85294", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85264", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85278", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85276", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02473", "scoring_system": "epss", "scoring_elements": "0.85273", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0254", "scoring_system": "epss", "scoring_elements": "0.85417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0254", "scoring_system": "epss", "scoring_elements": "0.8542", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05239", "scoring_system": "epss", "scoring_elements": "0.8993", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4761" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4761", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4761" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280589", "reference_id": "2280589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2280589" }, { "reference_url": "https://issues.chromium.org/issues/339458194", "reference_id": "339458194", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-19T14:10:45Z/" } ], "url": "https://issues.chromium.org/issues/339458194" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-19T14:10:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-19T14:10:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-19T14:10:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_13.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-12-19T14:10:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4761" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6mue-56py-gkhg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59069?format=api", "vulnerability_id": "VCID-6qzb-mjpe-8qey", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57028", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.5705", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57078", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57079", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57091", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.5707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57046", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1669" }, { "reference_url": "https://issues.chromium.org/issues/41495060", "reference_id": "41495060", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-31T14:56:31Z/" } ], "url": "https://issues.chromium.org/issues/41495060" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-31T14:56:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-31T14:56:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-31T14:56:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1669" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qzb-mjpe-8qey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66595?format=api", "vulnerability_id": "VCID-6rrx-tub6-tyg5", "summary": "chromium-browser: Use after free in PageInfo", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12437.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12437.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25278", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25225", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26045", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12437" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413872", "reference_id": "2413872", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413872" }, { "reference_url": "https://issues.chromium.org/issues/446294487", "reference_id": "446294487", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:43Z/" } ], "url": "https://issues.chromium.org/issues/446294487" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:43Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12437" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rrx-tub6-tyg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47492?format=api", "vulnerability_id": "VCID-6srd-841w-y3ba", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54254", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54189", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.5422", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54195", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54248", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54292", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54275", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5841" }, { "reference_url": "https://issues.chromium.org/issues/326765855", "reference_id": "326765855", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:33:27Z/" } ], "url": "https://issues.chromium.org/issues/326765855" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:33:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:33:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:33:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5841" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6srd-841w-y3ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96356?format=api", "vulnerability_id": "VCID-6te6-9qty-f7fg", "summary": "Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6777", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15506", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15713", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15679", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15644", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15701", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15765", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15569", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15654", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6777" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6777", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6777" }, { "reference_url": "https://issues.chromium.org/issues/345640549", "reference_id": "345640549", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:49Z/" } ], "url": "https://issues.chromium.org/issues/345640549" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6777" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6te6-9qty-f7fg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65165?format=api", "vulnerability_id": "VCID-6tkp-6yc2-cudg", "summary": "chromium-browser: Out of bounds memory access in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0899.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1017", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10326", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10315", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10297", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1019", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10264", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0899" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431127", "reference_id": "2431127", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431127" }, { "reference_url": "https://issues.chromium.org/issues/458914193", "reference_id": "458914193", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:19Z/" } ], "url": "https://issues.chromium.org/issues/458914193" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0899" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6tkp-6yc2-cudg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59095?format=api", "vulnerability_id": "VCID-6u7f-hc3c-87fu", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53508", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53542", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53496", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53476", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2885" }, { "reference_url": "https://issues.chromium.org/issues/328958020", "reference_id": "328958020", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:28Z/" } ], "url": "https://issues.chromium.org/issues/328958020" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/", "reference_id": "3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/", "reference_id": "G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/", "reference_id": "IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html", "reference_id": "stable-channel-update-for-desktop_26.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:28Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2885" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6u7f-hc3c-87fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64221?format=api", "vulnerability_id": "VCID-6va8-bx38-4bev", "summary": "chromium-browser: Integer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4464.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4464.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23728", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23757", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4464" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449382", "reference_id": "2449382", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449382" }, { "reference_url": "https://issues.chromium.org/issues/487208468", "reference_id": "487208468", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:15:23Z/" } ], "url": "https://issues.chromium.org/issues/487208468" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:15:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4464" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6va8-bx38-4bev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96471?format=api", "vulnerability_id": "VCID-6wb7-8x4p-dkgt", "summary": "Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17437", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17579", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17593", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17546", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17493", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.297", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.2965", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12906" }, { "reference_url": "https://issues.chromium.org/issues/428455319", "reference_id": "428455319", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:33Z/" } ], "url": "https://issues.chromium.org/issues/428455319" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:33Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12906" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wb7-8x4p-dkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47550?format=api", "vulnerability_id": "VCID-6wvf-a1jy-qfa3", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50787", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50772", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50811", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50735", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.5076", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8639" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8639" }, { "reference_url": "https://issues.chromium.org/issues/362658609", "reference_id": "362658609", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:20Z/" } ], "url": "https://issues.chromium.org/issues/362658609" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:20Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8639" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wvf-a1jy-qfa3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64866?format=api", "vulnerability_id": "VCID-71px-5p92-ebh3", "summary": "chromium-browser: Inappropriate implementation in Background Fetch API", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1504.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1504.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1504", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11601", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13634", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13606", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13569", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13521", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13502", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13583", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1504" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1504", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1504" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433556", "reference_id": "2433556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2433556" }, { "reference_url": "https://issues.chromium.org/issues/474435504", "reference_id": "474435504", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:15:06Z/" } ], "url": "https://issues.chromium.org/issues/474435504" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-27T21:15:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-1504" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-71px-5p92-ebh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47558?format=api", "vulnerability_id": "VCID-7b1v-cp5z-zffj", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48681", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48629", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48646", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.4862", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48632", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48604", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48627", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48579", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48633", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10230" }, { "reference_url": "https://issues.chromium.org/issues/371565065", "reference_id": "371565065", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:28:20Z/" } ], "url": "https://issues.chromium.org/issues/371565065" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:28:20Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10230" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7b1v-cp5z-zffj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63902?format=api", "vulnerability_id": "VCID-7gex-zf7d-5ka4", "summary": "chromium-browser: Use after free in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5273.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5273.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5273", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18975", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18922", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20126", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20213", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20238", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20192", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20134", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20074", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20155", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5273" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5273", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5273" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453694", "reference_id": "2453694", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453694" }, { "reference_url": "https://issues.chromium.org/issues/493952652", "reference_id": "493952652", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:47:18Z/" } ], "url": "https://issues.chromium.org/issues/493952652" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:47:18Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-5273" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7gex-zf7d-5ka4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66410?format=api", "vulnerability_id": "VCID-7h7y-24wt-fbb4", "summary": "chromium-browser: Inappropriate implementation in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13632.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05837", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08778", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0891", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08888", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08901", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08832", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13632" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418463", "reference_id": "2418463", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418463" }, { "reference_url": "https://issues.chromium.org/issues/439058242", "reference_id": "439058242", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:50:21Z/" } ], "url": "https://issues.chromium.org/issues/439058242" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:50:21Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13632" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7h7y-24wt-fbb4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350975?format=api", "vulnerability_id": "VCID-7krq-wfrd-6fbp", "summary": "Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456752", "reference_id": "2456752", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456752" }, { "reference_url": "https://issues.chromium.org/issues/484665123", "reference_id": "484665123", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:31:54Z/" } ], "url": "https://issues.chromium.org/issues/484665123" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:31:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5907" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7krq-wfrd-6fbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51276?format=api", "vulnerability_id": "VCID-7xpc-b6br-67eq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22779", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22873", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22918", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2271", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22838", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22821", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22765", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0813" }, { "reference_url": "https://crbug.com/1477151", "reference_id": "1477151", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T14:32:54Z/" } ], "url": "https://crbug.com/1477151" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T14:32:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T14:32:54Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T14:32:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0813" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xpc-b6br-67eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47525?format=api", "vulnerability_id": "VCID-7xwr-n7n2-kqbz", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7965.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7965.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96341", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96345", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96349", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96352", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96329", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.26818", "scoring_system": "epss", "scoring_elements": "0.96333", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7965" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307087", "reference_id": "2307087", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307087" }, { "reference_url": "https://issues.chromium.org/issues/356196918", "reference_id": "356196918", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-31T03:55:29Z/" } ], "url": "https://issues.chromium.org/issues/356196918" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-31T03:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7965" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7xwr-n7n2-kqbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96143?format=api", "vulnerability_id": "VCID-83ge-9gkd-vbdb", "summary": "Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.75619", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.75713", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.75681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.75675", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.75664", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.7563", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00901", "scoring_system": "epss", "scoring_elements": "0.7565", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3846" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3846", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3846" }, { "reference_url": "https://issues.chromium.org/issues/40064754", "reference_id": "40064754", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://issues.chromium.org/issues/40064754" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-01T16:16:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3846" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-83ge-9gkd-vbdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63895?format=api", "vulnerability_id": "VCID-88yy-dyf6-cue7", "summary": "chromium-browser: Use after free in Dawn", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5284.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5284.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5284", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23753", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5284" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5284", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5284" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453684", "reference_id": "2453684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453684" }, { "reference_url": "https://issues.chromium.org/issues/492139412", "reference_id": "492139412", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:22:04Z/" } ], "url": "https://issues.chromium.org/issues/492139412" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:22:04Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5284" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-88yy-dyf6-cue7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34529?format=api", "vulnerability_id": "VCID-8bnc-dry1-23bq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11209", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1447", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14479", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14567", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1745", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11209" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11209", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11209" }, { "reference_url": "https://issues.chromium.org/issues/438226517", "reference_id": "438226517", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:07:53Z/" } ], "url": "https://issues.chromium.org/issues/438226517" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:07:53Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11209" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bnc-dry1-23bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66406?format=api", "vulnerability_id": "VCID-8enw-6zpp-gfdw", "summary": "chromium-browser: Inappropriate implementation in WebRTC", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13639.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13639.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12285", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16759", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16955", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16929", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16883", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16825", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17027", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16897", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13639" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13639", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13639" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418469", "reference_id": "2418469", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418469" }, { "reference_url": "https://issues.chromium.org/issues/448408148", "reference_id": "448408148", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-08T20:08:33Z/" } ], "url": "https://issues.chromium.org/issues/448408148" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-08T20:08:33Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13639" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8enw-6zpp-gfdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66402?format=api", "vulnerability_id": "VCID-8gcp-86m1-g7bv", "summary": "chromium-browser: Race in v8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13721.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13721.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23409", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29578", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29652", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.2961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29558", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29732", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29552", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29614", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13721" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418465", "reference_id": "2418465", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418465" }, { "reference_url": "https://issues.chromium.org/issues/355120682", "reference_id": "355120682", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:46Z/" } ], "url": "https://issues.chromium.org/issues/355120682" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13721" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8gcp-86m1-g7bv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96503?format=api", "vulnerability_id": "VCID-8h6y-rjqd-nydy", "summary": "Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06339", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19401", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24621", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24691", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24738", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24849", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1915" }, { "reference_url": "https://issues.chromium.org/issues/391114799", "reference_id": "391114799", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/" } ], "url": "https://issues.chromium.org/issues/391114799" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1915" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8h6y-rjqd-nydy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34513?format=api", "vulnerability_id": "VCID-8hq7-bca9-xkhw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37457", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37472", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37437", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.3741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37543", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37566", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37394", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37446", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37458", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8882" }, { "reference_url": "https://issues.chromium.org/issues/435623339", "reference_id": "435623339", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:13Z/" } ], "url": "https://issues.chromium.org/issues/435623339" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:13Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8882" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8hq7-bca9-xkhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64228?format=api", "vulnerability_id": "VCID-8kq6-ndny-7bgx", "summary": "chromium-browser: Heap buffer overflow in PDFium", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4455.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4455.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22388", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22433", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22304", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4455" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449392", "reference_id": "2449392", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449392" }, { "reference_url": "https://issues.chromium.org/issues/488585504", "reference_id": "488585504", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:21Z/" } ], "url": "https://issues.chromium.org/issues/488585504" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4455" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8kq6-ndny-7bgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96340?format=api", "vulnerability_id": "VCID-8m5n-bvg8-vkcm", "summary": "Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69571", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.6964", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69632", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69565", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00606", "scoring_system": "epss", "scoring_elements": "0.69586", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00658", "scoring_system": "epss", "scoring_elements": "0.71041", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6100" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6100", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6100" }, { "reference_url": "https://issues.chromium.org/issues/344608204", "reference_id": "344608204", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:52Z/" } ], "url": "https://issues.chromium.org/issues/344608204" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/", "reference_id": "6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:52Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/", "reference_id": "U5NRNCEYS246CYGOR32MF7OGKWOWER22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:52Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6100" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8m5n-bvg8-vkcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59097?format=api", "vulnerability_id": "VCID-8nzh-a7kr-gqem", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.76667", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.76639", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.7672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.76692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.76681", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00975", "scoring_system": "epss", "scoring_elements": "0.76649", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01317", "scoring_system": "epss", "scoring_elements": "0.79886", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2886" }, { "reference_url": "https://issues.chromium.org/issues/330575496", "reference_id": "330575496", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:29Z/" } ], "url": "https://issues.chromium.org/issues/330575496" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/", "reference_id": "3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/", "reference_id": "G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/", "reference_id": "IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html", "reference_id": "stable-channel-update-for-desktop_26.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-30T04:00:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2886" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8nzh-a7kr-gqem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96886?format=api", "vulnerability_id": "VCID-8qta-157v-ubac", "summary": "Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6557", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24534", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24619", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24577", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24523", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24677", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24715", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24487", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24558", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24603", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6557" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6557", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6557" }, { "reference_url": "https://issues.chromium.org/issues/406631048", "reference_id": "406631048", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:17Z/" } ], "url": "https://issues.chromium.org/issues/406631048" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6557" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8qta-157v-ubac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96428?format=api", "vulnerability_id": "VCID-8sah-61zb-cbb8", "summary": "Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10201", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05871", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06288", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06777", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06763", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06769", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06693", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06742", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06776", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10201" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10201", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10201" }, { "reference_url": "https://issues.chromium.org/issues/439305148", "reference_id": "439305148", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-10T19:22:27Z/" } ], "url": "https://issues.chromium.org/issues/439305148" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html", "reference_id": "stable-channel-update-for-desktop_9.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-10T19:22:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10201" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8sah-61zb-cbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64239?format=api", "vulnerability_id": "VCID-8trt-crc2-hke8", "summary": "chromium-browser: Use after free in Digital Credentials API", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4456.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29253", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29279", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29404", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4456" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449407", "reference_id": "2449407", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449407" }, { "reference_url": "https://issues.chromium.org/issues/488617440", "reference_id": "488617440", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:23Z/" } ], "url": "https://issues.chromium.org/issues/488617440" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4456" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8trt-crc2-hke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63897?format=api", "vulnerability_id": "VCID-8uaq-e8kp-87fs", "summary": "chromium-browser: Out of bounds read in WebCodecs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5282.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5282.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5282", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19556", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19612", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19471", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5282" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5282", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5282" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453688", "reference_id": "2453688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453688" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-5282" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8uaq-e8kp-87fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96740?format=api", "vulnerability_id": "VCID-8vsf-szma-sbad", "summary": "Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63955", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63968", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63954", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63921", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63902", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63887", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63937", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00457", "scoring_system": "epss", "scoring_elements": "0.63956", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5063" }, { "reference_url": "https://issues.chromium.org/issues/411573532", "reference_id": "411573532", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-29T03:55:44Z/" } ], "url": "https://issues.chromium.org/issues/411573532" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-29T03:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5063" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8vsf-szma-sbad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64651?format=api", "vulnerability_id": "VCID-8w28-7mdd-gkf9", "summary": "chromium-browser: Insufficient policy enforcement in Frames", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2316.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2316.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2316", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08153", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08109", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0812", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08071", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08131", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2316" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2316", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2316" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439072", "reference_id": "2439072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439072" }, { "reference_url": "https://issues.chromium.org/issues/422531206", "reference_id": "422531206", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:34:33Z/" } ], "url": "https://issues.chromium.org/issues/422531206" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:34:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2316" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8w28-7mdd-gkf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96392?format=api", "vulnerability_id": "VCID-8zqx-ypy1-4uab", "summary": "Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24099", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24167", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24185", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24143", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24086", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24234", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24123", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8908" }, { "reference_url": "https://issues.chromium.org/issues/337222641", "reference_id": "337222641", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T14:46:36Z/" } ], "url": "https://issues.chromium.org/issues/337222641" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T14:46:36Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8908" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8zqx-ypy1-4uab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34526?format=api", "vulnerability_id": "VCID-9247-yks3-r3a4", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11206.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11206.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11206", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23509", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2358", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23626", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23643", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.236", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23544", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24433", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24401", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26301", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11206" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11206", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11206" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413262", "reference_id": "2413262", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413262" }, { "reference_url": "https://issues.chromium.org/issues/444755026", "reference_id": "444755026", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:16Z/" } ], "url": "https://issues.chromium.org/issues/444755026" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11206" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9247-yks3-r3a4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56158?format=api", "vulnerability_id": "VCID-98mt-7srw-qfh4", "summary": "A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50758", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50733", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50756", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50714", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50663", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50718", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00273", "scoring_system": "epss", "scoring_elements": "0.50707", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5283" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689", "reference_id": "1106689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106689" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749", "reference_id": "2368749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368749" }, { "reference_url": "https://issues.chromium.org/issues/419467315", "reference_id": "419467315", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://issues.chromium.org/issues/419467315" }, { "reference_url": "https://security.gentoo.org/glsa/202509-07", "reference_id": "GLSA-202509-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202509-07" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42", "reference_id": "mfsa2025-42", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-42" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43", "reference_id": "mfsa2025-43", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-43" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44", "reference_id": "mfsa2025-44", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-44" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45", "reference_id": "mfsa2025-45", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-45" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46", "reference_id": "mfsa2025-46", "reference_type": "", "scores": [ { "value": "critical", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-46" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8293", "reference_id": "RHSA-2025:8293", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8293" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8308", "reference_id": "RHSA-2025:8308", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8341", "reference_id": "RHSA-2025:8341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8598", "reference_id": "RHSA-2025:8598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8599", "reference_id": "RHSA-2025:8599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8607", "reference_id": "RHSA-2025:8607", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8608", "reference_id": "RHSA-2025:8608", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8608" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8628", "reference_id": "RHSA-2025:8628", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8628" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8629", "reference_id": "RHSA-2025:8629", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8630", "reference_id": "RHSA-2025:8630", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8631", "reference_id": "RHSA-2025:8631", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8631" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8642", "reference_id": "RHSA-2025:8642", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:8756", "reference_id": "RHSA-2025:8756", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:8756" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9071", "reference_id": "RHSA-2025:9071", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9071" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9072", "reference_id": "RHSA-2025:9072", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9072" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9073", "reference_id": "RHSA-2025:9073", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9073" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9074", "reference_id": "RHSA-2025:9074", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9074" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9075", "reference_id": "RHSA-2025:9075", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9075" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9076", "reference_id": "RHSA-2025:9076", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9076" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9077", "reference_id": "RHSA-2025:9077", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9118", "reference_id": "RHSA-2025:9118", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9118" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9119", "reference_id": "RHSA-2025:9119", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9119" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9120", "reference_id": "RHSA-2025:9120", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9120" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9122", "reference_id": "RHSA-2025:9122", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9123", "reference_id": "RHSA-2025:9123", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9123" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9124", "reference_id": "RHSA-2025:9124", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9124" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9125", "reference_id": "RHSA-2025:9125", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9125" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9126", "reference_id": "RHSA-2025:9126", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9126" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9127", "reference_id": "RHSA-2025:9127", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9127" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9128", "reference_id": "RHSA-2025:9128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9155", "reference_id": "RHSA-2025:9155", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9155" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9331", "reference_id": "RHSA-2025:9331", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:9331" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:25:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://usn.ubuntu.com/7551-1/", "reference_id": "USN-7551-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7551-1/" }, { "reference_url": "https://usn.ubuntu.com/7991-1/", "reference_id": "USN-7991-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7991-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5283" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-98mt-7srw-qfh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59090?format=api", "vulnerability_id": "VCID-997t-9tzj-nybs", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67561", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67583", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72627", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72644", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72621", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72609", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72659", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00728", "scoring_system": "epss", "scoring_elements": "0.72617", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2627" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2627", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2627" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/41493290", "reference_id": "41493290", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:24Z/" } ], "url": "https://issues.chromium.org/issues/41493290" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2627" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-997t-9tzj-nybs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64309?format=api", "vulnerability_id": "VCID-9anz-7fns-xufe", "summary": "chromium-browser: Use after free in WebMCP", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29154", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30694", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3067", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3918" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446844", "reference_id": "2446844", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446844" }, { "reference_url": "https://issues.chromium.org/issues/483853103", "reference_id": "483853103", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:26:58Z/" } ], "url": "https://issues.chromium.org/issues/483853103" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:26:58Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3918" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9anz-7fns-xufe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59100?format=api", "vulnerability_id": "VCID-9bqq-9jac-33dj", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3156", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83928", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83958", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83973", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02075", "scoring_system": "epss", "scoring_elements": "0.83925", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3156" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3156", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3156" }, { "reference_url": "https://issues.chromium.org/issues/329130358", "reference_id": "329130358", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-19T17:41:58Z/" } ], "url": "https://issues.chromium.org/issues/329130358" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-19T17:41:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-19T17:41:58Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3156" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9bqq-9jac-33dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47524?format=api", "vulnerability_id": "VCID-9cft-hfwj-zudh", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76556", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76516", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76541", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.7652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76515", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76461", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.7649", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76472", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00962", "scoring_system": "epss", "scoring_elements": "0.76504", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7964" }, { "reference_url": "https://issues.chromium.org/issues/358296941", "reference_id": "358296941", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:21Z/" } ], "url": "https://issues.chromium.org/issues/358296941" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7964" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9cft-hfwj-zudh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350930?format=api", "vulnerability_id": "VCID-9d7w-89vj-m3gy", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5862.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5862.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5862" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456767", "reference_id": "2456767", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456767" }, { "reference_url": "https://issues.chromium.org/issues/470566252", "reference_id": "470566252", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:42Z/" } ], "url": "https://issues.chromium.org/issues/470566252" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5862" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9d7w-89vj-m3gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96502?format=api", "vulnerability_id": "VCID-9g5w-9vct-vybx", "summary": "Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54924", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1914" }, { "reference_url": "https://issues.chromium.org/issues/397731718", "reference_id": "397731718", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:21Z/" } ], "url": "https://issues.chromium.org/issues/397731718" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1914" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9g5w-9vct-vybx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34515?format=api", "vulnerability_id": "VCID-9hdr-ga11-auaf", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34539", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34565", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34526", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34502", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34624", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34492", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34534", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34563", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9132" }, { "reference_url": "https://issues.chromium.org/issues/436181695", "reference_id": "436181695", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-21T03:55:08Z/" } ], "url": "https://issues.chromium.org/issues/436181695" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-21T03:55:08Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9132" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hdr-ga11-auaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95935?format=api", "vulnerability_id": "VCID-9hsy-7hey-gyfk", "summary": "Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97607", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97632", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97619", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97616", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.97611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.45835", "scoring_system": "epss", "scoring_elements": "0.9761", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1939" }, { "reference_url": "https://issues.chromium.org/issues/323694592", "reference_id": "323694592", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T20:30:53Z/" } ], "url": "https://issues.chromium.org/issues/323694592" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/", "reference_id": "FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T20:30:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/", "reference_id": "L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T20:30:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T20:30:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/", "reference_id": "YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T20:30:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1939" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9hsy-7hey-gyfk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96745?format=api", "vulnerability_id": "VCID-9jqr-s8fu-mfhu", "summary": "Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63644", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.6364", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63655", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63581", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63608", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00449", "scoring_system": "epss", "scoring_elements": "0.63623", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5068" }, { "reference_url": "https://issues.chromium.org/issues/409059706", "reference_id": "409059706", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-04T03:55:58Z/" } ], "url": "https://issues.chromium.org/issues/409059706" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-04T03:55:58Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5068" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9jqr-s8fu-mfhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96993?format=api", "vulnerability_id": "VCID-9knk-d9fx-5fhq", "summary": "Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1861", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08466", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08521", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08512", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08531", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08525", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10149", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10001", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1861" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1861", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1861" }, { "reference_url": "https://issues.chromium.org/issues/478942410", "reference_id": "478942410", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:56:09Z/" } ], "url": "https://issues.chromium.org/issues/478942410" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-04T04:56:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-1861" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9knk-d9fx-5fhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350984?format=api", "vulnerability_id": "VCID-9m6n-5q8f-duhk", "summary": "Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5918.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5918.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01858", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03395", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5918" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456804", "reference_id": "2456804", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456804" }, { "reference_url": "https://issues.chromium.org/issues/490139441", "reference_id": "490139441", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:31:29Z/" } ], "url": "https://issues.chromium.org/issues/490139441" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:31:29Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5918" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9m6n-5q8f-duhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63898?format=api", "vulnerability_id": "VCID-9p5u-1x3q-63dh", "summary": "chromium-browser: Use after free in Dawn", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5286.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5286.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5286", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23753", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5286" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5286", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5286" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453690", "reference_id": "2453690", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453690" }, { "reference_url": "https://issues.chromium.org/issues/493900619", "reference_id": "493900619", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:46:10Z/" } ], "url": "https://issues.chromium.org/issues/493900619" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:46:10Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5286" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9p5u-1x3q-63dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96758?format=api", "vulnerability_id": "VCID-9q9q-6hv9-zkfc", "summary": "Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43935", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43922", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43889", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43873", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.4392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43851", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43901", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00213", "scoring_system": "epss", "scoring_elements": "0.43904", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5281" }, { "reference_url": "https://issues.chromium.org/issues/417215501", "reference_id": "417215501", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:27:42Z/" } ], "url": "https://issues.chromium.org/issues/417215501" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:27:42Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5281" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9q9q-6hv9-zkfc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96408?format=api", "vulnerability_id": "VCID-9rar-cdb7-zfcu", "summary": "Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9965", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76184", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76144", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.7617", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76146", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76143", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76087", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76119", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76098", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00934", "scoring_system": "epss", "scoring_elements": "0.76131", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9965" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9965", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9965" }, { "reference_url": "https://issues.chromium.org/issues/352651673", "reference_id": "352651673", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-25T18:32:02Z/" } ], "url": "https://issues.chromium.org/issues/352651673" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-25T18:32:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9965" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9rar-cdb7-zfcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63905?format=api", "vulnerability_id": "VCID-9s6e-p69b-suep", "summary": "chromium-browser: Object corruption in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5279.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5279.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5279", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22593", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2255", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23723", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.238", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2377", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23682", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23753", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5279" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5279", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5279" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453697", "reference_id": "2453697", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453697" }, { "reference_url": "https://issues.chromium.org/issues/490642836", "reference_id": "490642836", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:38:37Z/" } ], "url": "https://issues.chromium.org/issues/490642836" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:38:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5279" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9s6e-p69b-suep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63904?format=api", "vulnerability_id": "VCID-9sbp-bp4k-23cn", "summary": "chromium-browser: Integer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5277.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5277.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19778", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24744", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24812", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24826", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24786", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24729", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24698", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24766", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5277" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453696", "reference_id": "2453696", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453696" }, { "reference_url": "https://issues.chromium.org/issues/489791424", "reference_id": "489791424", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:26:26Z/" } ], "url": "https://issues.chromium.org/issues/489791424" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:26:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5277" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9sbp-bp4k-23cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96947?format=api", "vulnerability_id": "VCID-9uq1-attd-6fg9", "summary": "Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8577", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18019", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17961", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8577" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8577", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8577" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8577" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9uq1-attd-6fg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64240?format=api", "vulnerability_id": "VCID-9wf6-sa3n-tbgp", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4457.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4457.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24132", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23997", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24068", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24086", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24042", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23986", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.2417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24023", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4457" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449409", "reference_id": "2449409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449409" }, { "reference_url": "https://issues.chromium.org/issues/488803413", "reference_id": "488803413", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:26Z/" } ], "url": "https://issues.chromium.org/issues/488803413" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4457" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9wf6-sa3n-tbgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34533?format=api", "vulnerability_id": "VCID-a57f-aj6e-5kf5", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11212", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25562", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25635", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2565", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25691", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25681", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25594", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26416", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2646", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29014", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11212" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11212", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11212" }, { "reference_url": "https://issues.chromium.org/issues/420734141", "reference_id": "420734141", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T15:00:48Z/" } ], "url": "https://issues.chromium.org/issues/420734141" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T15:00:48Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11212" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a57f-aj6e-5kf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47544?format=api", "vulnerability_id": "VCID-a6sr-d3nx-5bee", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8193", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73406", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73367", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73371", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73321", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73345", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73317", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00762", "scoring_system": "epss", "scoring_elements": "0.73354", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8193" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8193", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8193" }, { "reference_url": "https://issues.chromium.org/issues/360265320", "reference_id": "360265320", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-29T14:33:50Z/" } ], "url": "https://issues.chromium.org/issues/360265320" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-29T14:33:50Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8193" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a6sr-d3nx-5bee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59086?format=api", "vulnerability_id": "VCID-a9md-7mxf-kkdb", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2625", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.71981", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00701", "scoring_system": "epss", "scoring_elements": "0.72005", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76317", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76339", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76312", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76298", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76353", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00945", "scoring_system": "epss", "scoring_elements": "0.76313", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2625" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2625", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2625" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:24:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/327740539", "reference_id": "327740539", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:24:07Z/" } ], "url": "https://issues.chromium.org/issues/327740539" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:24:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:24:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:24:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2625" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a9md-7mxf-kkdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51273?format=api", "vulnerability_id": "VCID-aav8-akje-f7d5", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22066", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22182", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22231", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22013", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22094", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22149", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22167", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22126", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22067", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0810" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0810", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0810" }, { "reference_url": "https://crbug.com/1496250", "reference_id": "1496250", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T15:36:11Z/" } ], "url": "https://crbug.com/1496250" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T15:36:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T15:36:11Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T15:36:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0810" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aav8-akje-f7d5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47287?format=api", "vulnerability_id": "VCID-aeyw-f9g1-eqhw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1920", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32016", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31971", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32023", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1920" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1920", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1920" }, { "reference_url": "https://issues.chromium.org/issues/398065918", "reference_id": "398065918", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:39Z/" } ], "url": "https://issues.chromium.org/issues/398065918" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:39Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1920" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aeyw-f9g1-eqhw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/75592?format=api", "vulnerability_id": "VCID-ag6k-6g3t-vqdx", "summary": "chromium-browser: another type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5274.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-5274.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.87782", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.87758", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.87764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.87775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.8777", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03597", "scoring_system": "epss", "scoring_elements": "0.87768", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03693", "scoring_system": "epss", "scoring_elements": "0.87908", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03693", "scoring_system": "epss", "scoring_elements": "0.87912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05662", "scoring_system": "epss", "scoring_elements": "0.90338", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283082", "reference_id": "2283082", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2283082" }, { "reference_url": "https://issues.chromium.org/issues/341663589", "reference_id": "341663589", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-29T14:18:13Z/" } ], "url": "https://issues.chromium.org/issues/341663589" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVC3FNI7HZLVSRIFBVUSBHI233DZYBKP/", "reference_id": "AVC3FNI7HZLVSRIFBVUSBHI233DZYBKP", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-29T14:18:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AVC3FNI7HZLVSRIFBVUSBHI233DZYBKP/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-29T14:18:13Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6IBUYVPD4MIFQNNYBGAPI5MOECWXXOB/", "reference_id": "T6IBUYVPD4MIFQNNYBGAPI5MOECWXXOB", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-29T14:18:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6IBUYVPD4MIFQNNYBGAPI5MOECWXXOB/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5274" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ag6k-6g3t-vqdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96710?format=api", "vulnerability_id": "VCID-agp5-s1r2-yygj", "summary": "Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30664", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30728", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30683", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30639", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30769", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30817", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30635", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30693", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30725", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4664" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4664", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4664" }, { "reference_url": "https://issues.chromium.org/issues/415810136", "reference_id": "415810136", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T19:18:35Z/" } ], "url": "https://issues.chromium.org/issues/415810136" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-05T19:18:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4664" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-agp5-s1r2-yygj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47517?format=api", "vulnerability_id": "VCID-aj3z-7kzy-j7e6", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08838", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08999", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08998", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08961", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08949", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0889", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08968", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7005" }, { "reference_url": "https://issues.chromium.org/issues/40068800", "reference_id": "40068800", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T16:11:24Z/" } ], "url": "https://issues.chromium.org/issues/40068800" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T16:11:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7005" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aj3z-7kzy-j7e6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47535?format=api", "vulnerability_id": "VCID-ajvh-4wcj-jqhc", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7976", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46503", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46442", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46465", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46436", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46446", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46417", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00235", "scoring_system": "epss", "scoring_elements": "0.46386", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7976" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7976", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7976" }, { "reference_url": "https://issues.chromium.org/issues/339654392", "reference_id": "339654392", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:22:52Z/" } ], "url": "https://issues.chromium.org/issues/339654392" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:22:52Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7976" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ajvh-4wcj-jqhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96424?format=api", "vulnerability_id": "VCID-akyq-kpr7-d3em", "summary": "Use after free in Navigation in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24663", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24748", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24707", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2465", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24847", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24619", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24688", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24736", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0997" }, { "reference_url": "https://issues.chromium.org/issues/391666328", "reference_id": "391666328", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:13:48Z/" } ], "url": "https://issues.chromium.org/issues/391666328" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T14:13:48Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0997" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akyq-kpr7-d3em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51282?format=api", "vulnerability_id": "VCID-apvk-3qxe-23ga", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57668", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57689", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57665", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57719", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57722", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57738", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57717", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00353", "scoring_system": "epss", "scoring_elements": "0.57697", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1060" }, { "reference_url": "https://crbug.com/1511567", "reference_id": "1511567", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:29Z/" } ], "url": "https://crbug.com/1511567" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/", "reference_id": "NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/", "reference_id": "XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1060" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-apvk-3qxe-23ga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47291?format=api", "vulnerability_id": "VCID-ardf-c68e-mfbk", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2476", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94888", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94877", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94879", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94854", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94857", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.9486", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94869", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.16418", "scoring_system": "epss", "scoring_elements": "0.94873", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2476" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2476", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2476" }, { "reference_url": "https://issues.chromium.org/issues/401029609", "reference_id": "401029609", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-24T15:05:16Z/" } ], "url": "https://issues.chromium.org/issues/401029609" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-24T15:05:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-2476" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ardf-c68e-mfbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96131?format=api", "vulnerability_id": "VCID-as76-9ntp-y3bp", "summary": "Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57335", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57363", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57404", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57389", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57386", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00348", "scoring_system": "epss", "scoring_elements": "0.57358", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3837" }, { "reference_url": "https://issues.chromium.org/issues/41491379", "reference_id": "41491379", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://issues.chromium.org/issues/41491379" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T14:30:56Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3837" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-as76-9ntp-y3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64382?format=api", "vulnerability_id": "VCID-asbu-ze26-qqak", "summary": "chromium-browser: Integer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3536.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3536.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25072", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25156", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25061", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3536" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444613", "reference_id": "2444613", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444613" }, { "reference_url": "https://issues.chromium.org/issues/485622239", "reference_id": "485622239", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:55Z/" } ], "url": "https://issues.chromium.org/issues/485622239" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3536" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-asbu-ze26-qqak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66472?format=api", "vulnerability_id": "VCID-asqc-29nd-4qac", "summary": "chromium-browser: Inappropriate implementation in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7017.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7017.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7017", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23403", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23384", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24121", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34984", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.35011", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.3489", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34935", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34964", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34968", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7017" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7017", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7017" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414978", "reference_id": "2414978", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414978" }, { "reference_url": "https://issues.chromium.org/issues/338248595", "reference_id": "338248595", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-15T04:56:14Z/" } ], "url": "https://issues.chromium.org/issues/338248595" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-15T04:56:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7017" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-asqc-29nd-4qac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64222?format=api", "vulnerability_id": "VCID-aswt-va77-5ub8", "summary": "chromium-browser: Heap buffer overflow in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4442.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4442.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4442", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22388", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22433", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22304", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4442" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4442", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4442" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449383", "reference_id": "2449383", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449383" }, { "reference_url": "https://issues.chromium.org/issues/484751092", "reference_id": "484751092", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:09Z/" } ], "url": "https://issues.chromium.org/issues/484751092" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4442" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-aswt-va77-5ub8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47520?format=api", "vulnerability_id": "VCID-au3p-7kzq-m3am", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66225", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66245", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66232", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66201", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66194", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66163", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00505", "scoring_system": "epss", "scoring_elements": "0.66212", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7534" }, { "reference_url": "https://issues.chromium.org/issues/352467338", "reference_id": "352467338", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T20:36:45Z/" } ], "url": "https://issues.chromium.org/issues/352467338" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T20:36:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7534" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-au3p-7kzq-m3am" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96417?format=api", "vulnerability_id": "VCID-avte-yqw4-3ufz", "summary": "Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0612", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.6344", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63466", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63432", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63483", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63502", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75045", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00861", "scoring_system": "epss", "scoring_elements": "0.75082", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0612" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0612", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0612" }, { "reference_url": "https://issues.chromium.org/issues/385155406", "reference_id": "385155406", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T19:57:28Z/" } ], "url": "https://issues.chromium.org/issues/385155406" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T19:57:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0612" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-avte-yqw4-3ufz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96675?format=api", "vulnerability_id": "VCID-b1jg-wapn-efb2", "summary": "Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4052", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41398", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.414", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41369", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41366", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41395", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41322", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41372", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4138", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4052" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4052", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4052" }, { "reference_url": "https://issues.chromium.org/issues/401927528", "reference_id": "401927528", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-06T13:47:54Z/" } ], "url": "https://issues.chromium.org/issues/401927528" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-06T13:47:54Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4052" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1jg-wapn-efb2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64322?format=api", "vulnerability_id": "VCID-b1xu-ym1u-akf7", "summary": "chromium-browser: Insufficient policy enforcement in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3940.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3940.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3940", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07751", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3940" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3940", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3940" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446860", "reference_id": "2446860", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446860" }, { "reference_url": "https://issues.chromium.org/issues/470574526", "reference_id": "470574526", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:20:09Z/" } ], "url": "https://issues.chromium.org/issues/470574526" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:20:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3940" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b1xu-ym1u-akf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47502?format=api", "vulnerability_id": "VCID-b671-bvpf-1qbz", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6293", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.5484", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54791", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54784", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54835", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54842", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54825", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00317", "scoring_system": "epss", "scoring_elements": "0.54802", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6293" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6293", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6293" }, { "reference_url": "https://issues.chromium.org/issues/345993680", "reference_id": "345993680", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:32Z/" } ], "url": "https://issues.chromium.org/issues/345993680" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:32Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/", "reference_id": "T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/", "reference_id": "WHV5WTU27YOIBIM2CON42SHWY6J2HPRS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6293" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b671-bvpf-1qbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350985?format=api", "vulnerability_id": "VCID-b7tk-q4qp-tfbk", "summary": "Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05356", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05364", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05376", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11086", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5919" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456758", "reference_id": "2456758", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456758" }, { "reference_url": "https://issues.chromium.org/issues/483423893", "reference_id": "483423893", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:22:34Z/" } ], "url": "https://issues.chromium.org/issues/483423893" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:22:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5919" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b7tk-q4qp-tfbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47283?format=api", "vulnerability_id": "VCID-bem9-ezts-n3b2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0447", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70372", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.7034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0447" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0447" }, { "reference_url": "https://issues.chromium.org/issues/375550814", "reference_id": "375550814", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/" } ], "url": "https://issues.chromium.org/issues/375550814" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:26:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0447" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bem9-ezts-n3b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66473?format=api", "vulnerability_id": "VCID-bgf9-7m1a-53gh", "summary": "chromium-browser: Inappropriate implementation in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13097.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13097.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13097", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08438", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0879", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20756", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20687", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20666", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20814", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13097" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13097", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13097" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414972", "reference_id": "2414972", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414972" }, { "reference_url": "https://issues.chromium.org/issues/402791076", "reference_id": "402791076", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T14:44:10Z/" } ], "url": "https://issues.chromium.org/issues/402791076" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T14:44:10Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13097" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgf9-7m1a-53gh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47512?format=api", "vulnerability_id": "VCID-bhvu-xcx2-67fm", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7000", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49068", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49031", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49028", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49045", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49018", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48996", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.49024", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00256", "scoring_system": "epss", "scoring_elements": "0.48978", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7000" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7000" }, { "reference_url": "https://issues.chromium.org/issues/339877158", "reference_id": "339877158", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:56:12Z/" } ], "url": "https://issues.chromium.org/issues/339877158" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:56:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7000" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bhvu-xcx2-67fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96365?format=api", "vulnerability_id": "VCID-bjbc-v44f-rfbd", "summary": "Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7022", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42337", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42326", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42354", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42296", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42344", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42351", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00202", "scoring_system": "epss", "scoring_elements": "0.42374", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7022" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7022", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7022" }, { "reference_url": "https://issues.chromium.org/issues/324690505", "reference_id": "324690505", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T17:52:17Z/" } ], "url": "https://issues.chromium.org/issues/324690505" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7022" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bjbc-v44f-rfbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96478?format=api", "vulnerability_id": "VCID-bkuk-5beb-vfdh", "summary": "Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13634", "reference_id": "", "reference_type": "", "scores": [ { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00445", "published_at": "2026-04-02T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00806", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00825", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00822", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00811", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00805", "published_at": "2026-04-12T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0082", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13634" }, { "reference_url": "https://issues.chromium.org/issues/429140219", "reference_id": "429140219", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:49:06Z/" } ], "url": "https://issues.chromium.org/issues/429140219" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:49:06Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13634" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bkuk-5beb-vfdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64311?format=api", "vulnerability_id": "VCID-bmy7-3q2y-kycp", "summary": "chromium-browser: Heap buffer overflow in WebML", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3913.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3913.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3913", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22058", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22194", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2349", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2353", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23476", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3913" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3913", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3913" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446846", "reference_id": "2446846", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446846" }, { "reference_url": "https://issues.chromium.org/issues/483445078", "reference_id": "483445078", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:55:05Z/" } ], "url": "https://issues.chromium.org/issues/483445078" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:55:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3913" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bmy7-3q2y-kycp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96102?format=api", "vulnerability_id": "VCID-bpey-jwmy-hbcx", "summary": "Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.6839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68312", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68331", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68308", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68359", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68375", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68396", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00563", "scoring_system": "epss", "scoring_elements": "0.68357", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3516" }, { "reference_url": "https://issues.chromium.org/issues/328859176", "reference_id": "328859176", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:10Z/" } ], "url": "https://issues.chromium.org/issues/328859176" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/", "reference_id": "5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/", "reference_id": "NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3516" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpey-jwmy-hbcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59075?format=api", "vulnerability_id": "VCID-bsuh-szcs-rbhr", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.6987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69779", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69795", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69771", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69819", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69834", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69843", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69828", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1673" }, { "reference_url": "https://issues.chromium.org/issues/41490491", "reference_id": "41490491", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:02:55Z/" } ], "url": "https://issues.chromium.org/issues/41490491" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:02:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:02:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:02:55Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1673" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsuh-szcs-rbhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47271?format=api", "vulnerability_id": "VCID-btba-bmrd-hbhc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37297", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37263", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37235", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37367", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37393", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37273", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00163", "scoring_system": "epss", "scoring_elements": "0.37286", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0435" }, { "reference_url": "https://issues.chromium.org/issues/379652406", "reference_id": "379652406", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:51:47Z/" } ], "url": "https://issues.chromium.org/issues/379652406" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:51:47Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0435" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-btba-bmrd-hbhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96703?format=api", "vulnerability_id": "VCID-bzqm-cncx-rydw", "summary": "Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07629", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07733", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07719", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07703", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07644", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07686", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07656", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07715", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07734", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4609" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4609", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4609" }, { "reference_url": "https://issues.chromium.org/issues/412578726", "reference_id": "412578726", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-25T12:17:52Z/" } ], "url": "https://issues.chromium.org/issues/412578726" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-25T12:17:52Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4609" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bzqm-cncx-rydw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64220?format=api", "vulnerability_id": "VCID-c1e8-q9p1-9yc1", "summary": "chromium-browser: Out of bounds read in Blink", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4462.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4462.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4462", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23728", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23757", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4462" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4462", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4462" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449381", "reference_id": "2449381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449381" }, { "reference_url": "https://issues.chromium.org/issues/491080830", "reference_id": "491080830", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:16:57Z/" } ], "url": "https://issues.chromium.org/issues/491080830" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:16:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4462" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c1e8-q9p1-9yc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96506?format=api", "vulnerability_id": "VCID-c4ah-r5g9-rkbw", "summary": "Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54924", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1918" }, { "reference_url": "https://issues.chromium.org/issues/388557904", "reference_id": "388557904", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/" } ], "url": "https://issues.chromium.org/issues/388557904" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:12Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1918" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ah-r5g9-rkbw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96427?format=api", "vulnerability_id": "VCID-c4ds-sg5r-gbbv", "summary": "Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10200", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24206", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24169", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25165", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26014", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.2591", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25969", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25884", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25953", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26004", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10200" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10200", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10200" }, { "reference_url": "https://issues.chromium.org/issues/440454442", "reference_id": "440454442", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-11T03:56:30Z/" } ], "url": "https://issues.chromium.org/issues/440454442" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html", "reference_id": "stable-channel-update-for-desktop_9.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-11T03:56:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_9.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10200" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4ds-sg5r-gbbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47530?format=api", "vulnerability_id": "VCID-c53f-mhak-hqf3", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7971.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-7971.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7971", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77064", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77054", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77082", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77096", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77106", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01011", "scoring_system": "epss", "scoring_elements": "0.77134", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01452", "scoring_system": "epss", "scoring_elements": "0.80792", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01452", "scoring_system": "epss", "scoring_elements": "0.808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01452", "scoring_system": "epss", "scoring_elements": "0.80829", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7971" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307092", "reference_id": "2307092", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2307092" }, { "reference_url": "https://issues.chromium.org/issues/360700873", "reference_id": "360700873", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-26T14:07:05Z/" } ], "url": "https://issues.chromium.org/issues/360700873" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-08-26T14:07:05Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7971" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c53f-mhak-hqf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96363?format=api", "vulnerability_id": "VCID-c61j-p3uq-43bx", "summary": "Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7019", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31038", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31034", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3112", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31127", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7019" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7019", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7019" }, { "reference_url": "https://issues.chromium.org/issues/41494315", "reference_id": "41494315", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T18:33:48Z/" } ], "url": "https://issues.chromium.org/issues/41494315" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7019" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c61j-p3uq-43bx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350953?format=api", "vulnerability_id": "VCID-c67h-3ect-6bf3", "summary": "Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13142", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13091", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00044", "scoring_system": "epss", "scoring_elements": "0.13252", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5885" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456750", "reference_id": "2456750", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456750" }, { "reference_url": "https://issues.chromium.org/issues/485203823", "reference_id": "485203823", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:57:57Z/" } ], "url": "https://issues.chromium.org/issues/485203823" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:57:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5885" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c67h-3ect-6bf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350931?format=api", "vulnerability_id": "VCID-c6en-brtw-37h9", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5863.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5863.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5863", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5863" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5863", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5863" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456797", "reference_id": "2456797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456797" }, { "reference_url": "https://issues.chromium.org/issues/484527367", "reference_id": "484527367", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:43Z/" } ], "url": "https://issues.chromium.org/issues/484527367" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5863" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c6en-brtw-37h9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64650?format=api", "vulnerability_id": "VCID-c8hg-hgtq-qqb1", "summary": "chromium-browser: Inappropriate implementation in WebGPU", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2315.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2315.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2315", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09148", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09087", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09206", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09234", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09237", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09191", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09201", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09125", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2315" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2315", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2315" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439071", "reference_id": "2439071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439071" }, { "reference_url": "https://issues.chromium.org/issues/479242793", "reference_id": "479242793", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:21Z/" } ], "url": "https://issues.chromium.org/issues/479242793" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2315" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c8hg-hgtq-qqb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47532?format=api", "vulnerability_id": "VCID-c91w-zmj5-pfa4", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7973", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59785", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59762", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59781", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59766", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59747", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59727", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59697", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59749", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7973" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7973", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7973" }, { "reference_url": "https://issues.chromium.org/issues/345518608", "reference_id": "345518608", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:08:10Z/" } ], "url": "https://issues.chromium.org/issues/345518608" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:08:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7973" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c91w-zmj5-pfa4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51269?format=api", "vulnerability_id": "VCID-cauw-99m8-xygg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.4871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48632", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48653", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48606", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.4866", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48657", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00253", "scoring_system": "epss", "scoring_elements": "0.48661", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0807" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0807", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0807" }, { "reference_url": "https://crbug.com/1505080", "reference_id": "1505080", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:18Z/" } ], "url": "https://crbug.com/1505080" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:18Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-06T05:00:18Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0807" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cauw-99m8-xygg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59102?format=api", "vulnerability_id": "VCID-cbcv-2prm-rygz", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90982", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90932", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90943", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90949", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90958", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90959", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90957", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90911", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06301", "scoring_system": "epss", "scoring_elements": "0.90921", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3159" }, { "reference_url": "https://issues.chromium.org/issues/330760873", "reference_id": "330760873", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-11T04:01:32Z/" } ], "url": "https://issues.chromium.org/issues/330760873" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-11T04:01:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-11T04:01:32Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3159" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cbcv-2prm-rygz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47276?format=api", "vulnerability_id": "VCID-cdq2-f4zx-sqd3", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24386", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2437", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24525", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2456", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24342", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24411", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24456", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0439" }, { "reference_url": "https://issues.chromium.org/issues/371247941", "reference_id": "371247941", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:43:04Z/" } ], "url": "https://issues.chromium.org/issues/371247941" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:43:04Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0439" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cdq2-f4zx-sqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59083?format=api", "vulnerability_id": "VCID-cfav-qfak-gyc6", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76484", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.764", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76432", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76445", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76471", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76449", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76444", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76389", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00957", "scoring_system": "epss", "scoring_elements": "0.76418", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2176" }, { "reference_url": "https://issues.chromium.org/issues/325936438", "reference_id": "325936438", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T20:51:42Z/" } ], "url": "https://issues.chromium.org/issues/325936438" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/", "reference_id": "OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T20:51:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-08T20:51:42Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2176" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cfav-qfak-gyc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350936?format=api", "vulnerability_id": "VCID-cfss-kmk3-1uht", "summary": "Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5868.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5868.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5868", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10254", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10213", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25675", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5868" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5868", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5868" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456737", "reference_id": "2456737", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456737" }, { "reference_url": "https://issues.chromium.org/issues/493256564", "reference_id": "493256564", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:50Z/" } ], "url": "https://issues.chromium.org/issues/493256564" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:50Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5868" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cfss-kmk3-1uht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47542?format=api", "vulnerability_id": "VCID-ch88-wze3-vkht", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.5879", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58777", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58796", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58778", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58758", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.5873", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58751", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.58718", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00368", "scoring_system": "epss", "scoring_elements": "0.5877", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8034" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8034", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8034" }, { "reference_url": "https://issues.chromium.org/issues/353858776", "reference_id": "353858776", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:40:49Z/" } ], "url": "https://issues.chromium.org/issues/353858776" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T16:40:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8034" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ch88-wze3-vkht" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34512?format=api", "vulnerability_id": "VCID-chwf-3ees-vucx", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06192", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06249", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06244", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06234", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06164", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06195", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06177", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0622", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06258", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8881" }, { "reference_url": "https://issues.chromium.org/issues/433800617", "reference_id": "433800617", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:37:55Z/" } ], "url": "https://issues.chromium.org/issues/433800617" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:37:55Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8881" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-chwf-3ees-vucx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96341?format=api", "vulnerability_id": "VCID-ck56-wn1x-xyeq", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6101", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57162", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57208", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57227", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57215", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57213", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00346", "scoring_system": "epss", "scoring_elements": "0.57185", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64834", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64796", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6101" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6101", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6101" }, { "reference_url": "https://issues.chromium.org/issues/343748812", "reference_id": "343748812", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:53Z/" } ], "url": "https://issues.chromium.org/issues/343748812" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/", "reference_id": "6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/", "reference_id": "U5NRNCEYS246CYGOR32MF7OGKWOWER22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6101" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ck56-wn1x-xyeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47505?format=api", "vulnerability_id": "VCID-ck94-13us-pbhd", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6991", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65114", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65098", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65117", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65078", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65046", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65072", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65035", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65084", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6991" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6991", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6991" }, { "reference_url": "https://issues.chromium.org/issues/346618785", "reference_id": "346618785", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:57:06Z/" } ], "url": "https://issues.chromium.org/issues/346618785" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:57:06Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6991" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ck94-13us-pbhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96939?format=api", "vulnerability_id": "VCID-cnvn-bkhg-a3dw", "summary": "Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7657", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16908", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17032", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17124", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16955", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17045", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17103", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-7657" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7657", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7657" }, { "reference_url": "https://issues.chromium.org/issues/427681143", "reference_id": "427681143", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:06Z/" } ], "url": "https://issues.chromium.org/issues/427681143" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:06Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-7657" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cnvn-bkhg-a3dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96508?format=api", "vulnerability_id": "VCID-crkt-7ueh-dbau", "summary": "Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26562", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26343", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26412", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32002", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36099", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1921" }, { "reference_url": "https://issues.chromium.org/issues/387583503", "reference_id": "387583503", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/" } ], "url": "https://issues.chromium.org/issues/387583503" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:23:59Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1921" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-crkt-7ueh-dbau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47281?format=api", "vulnerability_id": "VCID-cw13-y3s5-d7cg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70415", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70387", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70372", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.7034", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70318", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70363", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00634", "scoring_system": "epss", "scoring_elements": "0.70378", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0443" }, { "reference_url": "https://issues.chromium.org/issues/376625003", "reference_id": "376625003", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/" } ], "url": "https://issues.chromium.org/issues/376625003" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:30:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0443" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cw13-y3s5-d7cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59073?format=api", "vulnerability_id": "VCID-cwa7-2web-w7b2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1671", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23023", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23123", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23167", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22958", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23031", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23084", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23067", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23011", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1671" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1671", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1671" }, { "reference_url": "https://issues.chromium.org/issues/41487933", "reference_id": "41487933", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:32:23Z/" } ], "url": "https://issues.chromium.org/issues/41487933" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:32:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:32:23Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-21T20:32:23Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1671" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwa7-2web-w7b2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96953?format=api", "vulnerability_id": "VCID-cwab-m23u-n7at", "summary": "Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8583", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14148", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.13956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14038", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14091", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00046", "scoring_system": "epss", "scoring_elements": "0.14035", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15275", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1534", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15189", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8583" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8583", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8583" }, { "reference_url": "https://issues.chromium.org/issues/373794472", "reference_id": "373794472", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:18:15Z/" } ], "url": "https://issues.chromium.org/issues/373794472" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:18:15Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8583" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwab-m23u-n7at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47468?format=api", "vulnerability_id": "VCID-cwf5-rgck-rbbt", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4058", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.91003", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90952", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90963", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.9097", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90979", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06327", "scoring_system": "epss", "scoring_elements": "0.90933", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4058" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4058", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4058" }, { "reference_url": "https://issues.chromium.org/issues/332546345", "reference_id": "332546345", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T15:03:12Z/" } ], "url": "https://issues.chromium.org/issues/332546345" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T15:03:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T15:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4058" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwf5-rgck-rbbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64318?format=api", "vulnerability_id": "VCID-cwjd-k7er-aqgb", "summary": "chromium-browser: Out of bounds read in Web Speech", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3916.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3916.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23576", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24972", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24918", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3916" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446854", "reference_id": "2446854", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446854" }, { "reference_url": "https://issues.chromium.org/issues/482828615", "reference_id": "482828615", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:25:27Z/" } ], "url": "https://issues.chromium.org/issues/482828615" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T19:25:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3916" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cwjd-k7er-aqgb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47494?format=api", "vulnerability_id": "VCID-cxn7-3nw9-rbh7", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30988", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31136", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30953", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.3101", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31039", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31046", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.31002", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0012", "scoring_system": "epss", "scoring_elements": "0.30957", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5843" }, { "reference_url": "https://issues.chromium.org/issues/333940412", "reference_id": "333940412", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:02Z/" } ], "url": "https://issues.chromium.org/issues/333940412" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:56:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5843" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cxn7-3nw9-rbh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96358?format=api", "vulnerability_id": "VCID-czw8-8fdh-eka1", "summary": "Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6779", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69104", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69086", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69109", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69065", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69016", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69036", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69017", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00585", "scoring_system": "epss", "scoring_elements": "0.69067", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6779" }, { "reference_url": "https://issues.chromium.org/issues/351327767", "reference_id": "351327767", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:51Z/" } ], "url": "https://issues.chromium.org/issues/351327767" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:51Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6779" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-czw8-8fdh-eka1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96133?format=api", "vulnerability_id": "VCID-d4gt-rndb-wbat", "summary": "Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41603", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41556", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4157", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41596", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41523", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41573", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41582", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3839" }, { "reference_url": "https://issues.chromium.org/issues/41491859", "reference_id": "41491859", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://issues.chromium.org/issues/41491859" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-23T18:56:16Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3839" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d4gt-rndb-wbat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350946?format=api", "vulnerability_id": "VCID-dah7-rev6-jffr", "summary": "Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5878.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5878.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5878", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5878" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456761", "reference_id": "2456761", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456761" }, { "reference_url": "https://issues.chromium.org/issues/365089001", "reference_id": "365089001", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:53:53Z/" } ], "url": "https://issues.chromium.org/issues/365089001" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:53:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5878" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dah7-rev6-jffr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34519?format=api", "vulnerability_id": "VCID-dak5-5nct-kfhs", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35998", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36022", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36077", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36107", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.35993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00153", "scoring_system": "epss", "scoring_elements": "0.36015", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10500" }, { "reference_url": "https://issues.chromium.org/issues/435875050", "reference_id": "435875050", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:52Z/" } ], "url": "https://issues.chromium.org/issues/435875050" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:52Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10500" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dak5-5nct-kfhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350957?format=api", "vulnerability_id": "VCID-dcdp-y63b-kkde", "summary": "Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a brute-force attack. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5889.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5889.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5889", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00421", "published_at": "2026-04-16T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00754", "published_at": "2026-04-12T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00759", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5889" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5889", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5889" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456774", "reference_id": "2456774", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456774" }, { "reference_url": "https://issues.chromium.org/issues/486906037", "reference_id": "486906037", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:17:44Z/" } ], "url": "https://issues.chromium.org/issues/486906037" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:17:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5889" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dcdp-y63b-kkde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66592?format=api", "vulnerability_id": "VCID-ddbh-27cx-s7dw", "summary": "chromium-browser: Inappropriate implementation in App-Bound Encryption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12439.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12439.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12439", "reference_id": "", "reference_type": "", "scores": [ { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00065", "published_at": "2026-04-04T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.0006", "published_at": "2026-04-16T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00064", "published_at": "2026-04-08T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00059", "published_at": "2026-04-09T12:55:00Z" }, { "value": "3e-05", "scoring_system": "epss", "scoring_elements": "0.00061", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12439" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413865", "reference_id": "2413865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413865" }, { "reference_url": "https://issues.chromium.org/issues/382234536", "reference_id": "382234536", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:00:53Z/" } ], "url": "https://issues.chromium.org/issues/382234536" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:00:53Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12439" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddbh-27cx-s7dw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96504?format=api", "vulnerability_id": "VCID-ddbx-2xsp-b3ek", "summary": "Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1916", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26411", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26402", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36453", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37599", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37695", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.3765", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37663", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.3772", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1916" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1916", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1916" }, { "reference_url": "https://issues.chromium.org/issues/376493203", "reference_id": "376493203", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:14Z/" } ], "url": "https://issues.chromium.org/issues/376493203" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:14Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1916" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ddbx-2xsp-b3ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47514?format=api", "vulnerability_id": "VCID-dm1v-u4c8-f7ck", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7003", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15819", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15925", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15887", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15742", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19866", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20005", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19813", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7003" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7003" }, { "reference_url": "https://issues.chromium.org/issues/338233148", "reference_id": "338233148", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T18:37:46Z/" } ], "url": "https://issues.chromium.org/issues/338233148" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T18:37:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7003" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dm1v-u4c8-f7ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350937?format=api", "vulnerability_id": "VCID-dm39-2c62-7bb6", "summary": "Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5869.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5869.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0813", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08481", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16924", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5869" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456777", "reference_id": "2456777", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456777" }, { "reference_url": "https://issues.chromium.org/issues/493708165", "reference_id": "493708165", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:44:57Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:39:36Z/" } ], "url": "https://issues.chromium.org/issues/493708165" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:39:36Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:44:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5869" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dm39-2c62-7bb6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96008?format=api", "vulnerability_id": "VCID-dmdh-urc6-hyaz", "summary": "Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37723", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37688", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37641", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37704", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3769", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37677", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37625", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37748", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2631" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:23:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/41495878", "reference_id": "41495878", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:23:35Z/" } ], "url": "https://issues.chromium.org/issues/41495878" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:23:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:23:35Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:23:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2631" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dmdh-urc6-hyaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96353?format=api", "vulnerability_id": "VCID-dnjz-ad9c-tye8", "summary": "Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6774", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.5918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.592", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59183", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59164", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59129", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59152", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59116", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00375", "scoring_system": "epss", "scoring_elements": "0.59167", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6774" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6774", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6774" }, { "reference_url": "https://issues.chromium.org/issues/346898524", "reference_id": "346898524", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:46Z/" } ], "url": "https://issues.chromium.org/issues/346898524" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6774" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dnjz-ad9c-tye8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47499?format=api", "vulnerability_id": "VCID-dpnh-vhy1-4ucf", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6290", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.6263", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.6254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62572", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62538", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62588", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62605", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62623", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00431", "scoring_system": "epss", "scoring_elements": "0.62612", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6290" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6290", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6290" }, { "reference_url": "https://issues.chromium.org/issues/342428008", "reference_id": "342428008", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:29Z/" } ], "url": "https://issues.chromium.org/issues/342428008" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/", "reference_id": "T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/", "reference_id": "WHV5WTU27YOIBIM2CON42SHWY6J2HPRS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6290" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dpnh-vhy1-4ucf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47478?format=api", "vulnerability_id": "VCID-dujg-8zc9-53ek", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5830", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90878", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90807", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.9083", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90841", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90856", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06188", "scoring_system": "epss", "scoring_elements": "0.90854", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5830" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5830", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5830" }, { "reference_url": "https://issues.chromium.org/issues/342456991", "reference_id": "342456991", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T03:55:42Z/" } ], "url": "https://issues.chromium.org/issues/342456991" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T03:55:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T03:55:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T03:55:42Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5830" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dujg-8zc9-53ek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350947?format=api", "vulnerability_id": "VCID-dvc2-qesm-jkd5", "summary": "Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5879.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5879.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15502", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35308", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5879" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456779", "reference_id": "2456779", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456779" }, { "reference_url": "https://issues.chromium.org/issues/40073848", "reference_id": "40073848", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:57Z/" } ], "url": "https://issues.chromium.org/issues/40073848" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5879" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvc2-qesm-jkd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59101?format=api", "vulnerability_id": "VCID-dvgp-y1pz-1ff8", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3158", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80658", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80596", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80634", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.8065", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80637", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80629", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80582", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01427", "scoring_system": "epss", "scoring_elements": "0.80604", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3158" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3158", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3158" }, { "reference_url": "https://issues.chromium.org/issues/329965696", "reference_id": "329965696", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:33Z/" } ], "url": "https://issues.chromium.org/issues/329965696" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-11T04:01:33Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3158" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvgp-y1pz-1ff8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47266?format=api", "vulnerability_id": "VCID-dvuw-89yr-h7hc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12693", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85255", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85269", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85267", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85264", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85204", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85222", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02469", "scoring_system": "epss", "scoring_elements": "0.85246", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12693" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12693" }, { "reference_url": "https://issues.chromium.org/issues/382190919", "reference_id": "382190919", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/" } ], "url": "https://issues.chromium.org/issues/382190919" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12693" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvuw-89yr-h7hc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350979?format=api", "vulnerability_id": "VCID-dwqg-vuy2-2uhe", "summary": "Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5911.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5911.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07366", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09688", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5911" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456810", "reference_id": "2456810", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456810" }, { "reference_url": "https://issues.chromium.org/issues/485785246", "reference_id": "485785246", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:07:13Z/" } ], "url": "https://issues.chromium.org/issues/485785246" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:07:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5911" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dwqg-vuy2-2uhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64383?format=api", "vulnerability_id": "VCID-dyzh-rwzx-mkgx", "summary": "chromium-browser: Insufficient data validation in Navigation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3545.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3545.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3545", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30457", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32042", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32076", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32041", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32008", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31995", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32047", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3545" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3545" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444615", "reference_id": "2444615", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444615" }, { "reference_url": "https://issues.chromium.org/issues/487383169", "reference_id": "487383169", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T14:09:31Z/" } ], "url": "https://issues.chromium.org/issues/487383169" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T14:09:31Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3545" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dyzh-rwzx-mkgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96075?format=api", "vulnerability_id": "VCID-e2xh-b12b-g3hr", "summary": "Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3168", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79716", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79689", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.7971", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79694", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79688", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79645", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79667", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79653", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01295", "scoring_system": "epss", "scoring_elements": "0.79682", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3168" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3168", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3168" }, { "reference_url": "https://issues.chromium.org/issues/323813642", "reference_id": "323813642", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T14:58:53Z/" } ], "url": "https://issues.chromium.org/issues/323813642" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-17T14:58:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3168" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e2xh-b12b-g3hr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66594?format=api", "vulnerability_id": "VCID-e3br-r15s-bqee", "summary": "chromium-browser: Use after free in Ozone", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12438.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12438.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25235", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25278", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25225", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26087", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25853", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25922", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26045", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12438" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413868", "reference_id": "2413868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413868" }, { "reference_url": "https://issues.chromium.org/issues/433027577", "reference_id": "433027577", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:42Z/" } ], "url": "https://issues.chromium.org/issues/433027577" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:42Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12438" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3br-r15s-bqee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47270?format=api", "vulnerability_id": "VCID-e54n-ssfq-9ya6", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.6315", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63152", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63138", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63116", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63073", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63102", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63066", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63118", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63135", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0434" }, { "reference_url": "https://issues.chromium.org/issues/374627491", "reference_id": "374627491", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:53:27Z/" } ], "url": "https://issues.chromium.org/issues/374627491" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-15T14:53:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0434" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e54n-ssfq-9ya6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47290?format=api", "vulnerability_id": "VCID-e6py-jm3k-a3ck", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27633", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27725", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27682", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.2782", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27611", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27678", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27721", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2137" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2137", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2137" }, { "reference_url": "https://issues.chromium.org/issues/398999390", "reference_id": "398999390", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:38Z/" } ], "url": "https://issues.chromium.org/issues/398999390" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:38Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-2137" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e6py-jm3k-a3ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47554?format=api", "vulnerability_id": "VCID-e8cj-guq1-2uar", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39838", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39805", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39788", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39818", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39842", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39762", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39817", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9123" }, { "reference_url": "https://issues.chromium.org/issues/365884464", "reference_id": "365884464", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T03:55:49Z/" } ], "url": "https://issues.chromium.org/issues/365884464" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T03:55:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9123" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8cj-guq1-2uar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64232?format=api", "vulnerability_id": "VCID-e8mr-b3wv-gufm", "summary": "chromium-browser: Use after free in Blink", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4449.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4449.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29253", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29279", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29404", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4449" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449397", "reference_id": "2449397", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449397" }, { "reference_url": "https://issues.chromium.org/issues/487117772", "reference_id": "487117772", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:43Z/" } ], "url": "https://issues.chromium.org/issues/487117772" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:43Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4449" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e8mr-b3wv-gufm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64443?format=api", "vulnerability_id": "VCID-e9zy-fjs9-kbeq", "summary": "chromium-browser: Out of bounds read and write in Tint", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3062.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3062.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08671", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08655", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08574", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3062" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442071", "reference_id": "2442071", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442071" }, { "reference_url": "https://issues.chromium.org/issues/483751167", "reference_id": "483751167", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:31Z/" } ], "url": "https://issues.chromium.org/issues/483751167" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:31Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3062" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9zy-fjs9-kbeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68965?format=api", "vulnerability_id": "VCID-edca-yux6-hfg2", "summary": "chromium: Chrome V8 Type Confusion Read/Write", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6554.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6554.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6554", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76138", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76237", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76196", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76221", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76197", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76195", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.7617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.7615", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00937", "scoring_system": "epss", "scoring_elements": "0.76183", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6554" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6554", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6554" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375684", "reference_id": "2375684", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2375684" }, { "reference_url": "https://issues.chromium.org/issues/427663123", "reference_id": "427663123", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-17T03:55:36Z/" } ], "url": "https://issues.chromium.org/issues/427663123" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-17T03:55:36Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6554" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-edca-yux6-hfg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47484?format=api", "vulnerability_id": "VCID-eeq5-gjbb-wyet", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5835", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27691", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.2752", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27588", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27631", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27591", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00099", "scoring_system": "epss", "scoring_elements": "0.27534", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5835" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5835", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5835" }, { "reference_url": "https://issues.chromium.org/issues/341991535", "reference_id": "341991535", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:20Z/" } ], "url": "https://issues.chromium.org/issues/341991535" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:20Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:20Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5835" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eeq5-gjbb-wyet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96985?format=api", "vulnerability_id": "VCID-eg1s-nqjw-b3f6", "summary": "Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32063", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31977", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0906" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0906", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0906" }, { "reference_url": "https://issues.chromium.org/issues/467448811", "reference_id": "467448811", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:38:21Z/" } ], "url": "https://issues.chromium.org/issues/467448811" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:38:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0906" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eg1s-nqjw-b3f6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64126?format=api", "vulnerability_id": "VCID-ehkc-zgaa-23fy", "summary": "chromium-browser: Out of bounds read in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4674.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24917", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24862", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25055", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24897", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450567", "reference_id": "2450567", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450567" }, { "reference_url": "https://issues.chromium.org/issues/488188166", "reference_id": "488188166", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:38Z/" } ], "url": "https://issues.chromium.org/issues/488188166" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-4674" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehkc-zgaa-23fy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96286?format=api", "vulnerability_id": "VCID-ehpx-cudz-zqae", "summary": "Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5493", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64819", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64749", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64777", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6474", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6479", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64821", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6481", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.64782", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5493" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5493", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5493" }, { "reference_url": "https://issues.chromium.org/issues/339877165", "reference_id": "339877165", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:22:42Z/" } ], "url": "https://issues.chromium.org/issues/339877165" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:22:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:22:42Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:22:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5493" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehpx-cudz-zqae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96355?format=api", "vulnerability_id": "VCID-ekue-zrh2-27ex", "summary": "Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6776", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61232", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.6124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61221", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61217", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6776" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6776", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6776" }, { "reference_url": "https://issues.chromium.org/issues/346692546", "reference_id": "346692546", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:48Z/" } ], "url": "https://issues.chromium.org/issues/346692546" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:48Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6776" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ekue-zrh2-27ex" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96464?format=api", "vulnerability_id": "VCID-en8g-26ps-8qbz", "summary": "Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12725", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25055", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24974", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25029", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25631", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00133", "scoring_system": "epss", "scoring_elements": "0.32923", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12725" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12725", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12725" }, { "reference_url": "https://issues.chromium.org/issues/443906252", "reference_id": "443906252", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-21T05:02:07Z/" } ], "url": "https://issues.chromium.org/issues/443906252" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-21T05:02:07Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12725" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-en8g-26ps-8qbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350934?format=api", "vulnerability_id": "VCID-eppu-2256-nud8", "summary": "Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5866.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5866.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23557", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5866" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456787", "reference_id": "2456787", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456787" }, { "reference_url": "https://issues.chromium.org/issues/492218537", "reference_id": "492218537", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:36:24Z/" } ], "url": "https://issues.chromium.org/issues/492218537" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:36:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5866" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eppu-2256-nud8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64229?format=api", "vulnerability_id": "VCID-erw2-rh9x-nybk", "summary": "chromium-browser: Out of bounds read and write in WebGL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4440.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4440.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22512", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22416", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22438", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4440" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449394", "reference_id": "2449394", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449394" }, { "reference_url": "https://issues.chromium.org/issues/485935305", "reference_id": "485935305", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:17Z/" } ], "url": "https://issues.chromium.org/issues/485935305" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:17Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4440" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-erw2-rh9x-nybk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96946?format=api", "vulnerability_id": "VCID-es45-v7v3-gkcy", "summary": "Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8576", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41462", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41439", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43902", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43948", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8576" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8576", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8576" }, { "reference_url": "https://issues.chromium.org/issues/414760982", "reference_id": "414760982", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:39:48Z/" } ], "url": "https://issues.chromium.org/issues/414760982" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:39:48Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8576" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-es45-v7v3-gkcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65161?format=api", "vulnerability_id": "VCID-etf2-r8hv-efh3", "summary": "chromium-browser: Incorrect security UI in Split View", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0907.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0907.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32063", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31936", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31977", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32006", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32009", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32103", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31925", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431122", "reference_id": "2431122", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431122" }, { "reference_url": "https://issues.chromium.org/issues/444653104", "reference_id": "444653104", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:35:38Z/" } ], "url": "https://issues.chromium.org/issues/444653104" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:35:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0907" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-etf2-r8hv-efh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47548?format=api", "vulnerability_id": "VCID-euu3-mp7s-7bb3", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50952", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.5095", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50947", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50989", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50968", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50909", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50935", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00275", "scoring_system": "epss", "scoring_elements": "0.50893", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8637" }, { "reference_url": "https://issues.chromium.org/issues/361784548", "reference_id": "361784548", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:17Z/" } ], "url": "https://issues.chromium.org/issues/361784548" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-13T03:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8637" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-euu3-mp7s-7bb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97104?format=api", "vulnerability_id": "VCID-ev82-7tj6-zkgg", "summary": "Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3925", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0642", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06455", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06444", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06535", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06529", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0728", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.072", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3925" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3925", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3925" }, { "reference_url": "https://issues.chromium.org/issues/418214610", "reference_id": "418214610", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:40:08Z/" } ], "url": "https://issues.chromium.org/issues/418214610" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:40:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3925" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ev82-7tj6-zkgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350952?format=api", "vulnerability_id": "VCID-ezsm-r6h7-b3hu", "summary": "Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5884.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5884.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15637", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15604", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15502", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33598", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5884" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5884", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5884" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456788", "reference_id": "2456788", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456788" }, { "reference_url": "https://issues.chromium.org/issues/484547633", "reference_id": "484547633", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:56:00Z/" } ], "url": "https://issues.chromium.org/issues/484547633" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:56:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5884" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ezsm-r6h7-b3hu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96370?format=api", "vulnerability_id": "VCID-f4pg-8mqs-bkaq", "summary": "Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7256", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.6426", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.6425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64264", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64252", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64225", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64196", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64224", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64184", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00462", "scoring_system": "epss", "scoring_elements": "0.64234", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7256" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7256", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7256" }, { "reference_url": "https://issues.chromium.org/issues/354748060", "reference_id": "354748060", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-03T03:56:05Z/" } ], "url": "https://issues.chromium.org/issues/354748060" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-03T03:56:05Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7256" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f4pg-8mqs-bkaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66468?format=api", "vulnerability_id": "VCID-f9cc-vq7n-7feh", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13224.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20487", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13224" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13224", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13224" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415524", "reference_id": "2415524", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415524" }, { "reference_url": "https://issues.chromium.org/issues/450328966", "reference_id": "450328966", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:27Z/" } ], "url": "https://issues.chromium.org/issues/450328966" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13224" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-f9cc-vq7n-7feh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96134?format=api", "vulnerability_id": "VCID-fazb-vu1j-qkcg", "summary": "Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3989", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.3984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39891", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39881", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39868", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00181", "scoring_system": "epss", "scoring_elements": "0.39813", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00237", "scoring_system": "epss", "scoring_elements": "0.46798", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3840" }, { "reference_url": "https://issues.chromium.org/issues/41493458", "reference_id": "41493458", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://issues.chromium.org/issues/41493458" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T19:32:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3840" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fazb-vu1j-qkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47504?format=api", "vulnerability_id": "VCID-fbem-1qpe-aqda", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6989", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50832", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50828", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50847", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50791", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50817", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50774", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6989" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6989", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6989" }, { "reference_url": "https://issues.chromium.org/issues/349342289", "reference_id": "349342289", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:01:11Z/" } ], "url": "https://issues.chromium.org/issues/349342289" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T20:01:11Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6989" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbem-1qpe-aqda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47540?format=api", "vulnerability_id": "VCID-fbhx-fq7g-w3hb", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7981", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66715", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66724", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66711", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6664", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66666", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66689", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7981" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7981", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7981" }, { "reference_url": "https://issues.chromium.org/issues/40067456", "reference_id": "40067456", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:37:45Z/" } ], "url": "https://issues.chromium.org/issues/40067456" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-21T20:37:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7981" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fbhx-fq7g-w3hb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97115?format=api", "vulnerability_id": "VCID-fe4a-beyp-rkby", "summary": "Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27774", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27968", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27826", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27868", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4445" }, { "reference_url": "https://issues.chromium.org/issues/486421953", "reference_id": "486421953", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:57Z/" } ], "url": "https://issues.chromium.org/issues/486421953" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4445" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fe4a-beyp-rkby" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350949?format=api", "vulnerability_id": "VCID-fe9g-f832-93ge", "summary": "Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5881.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5881.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5881", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06931", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5881" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5881", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5881" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456757", "reference_id": "2456757", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456757" }, { "reference_url": "https://issues.chromium.org/issues/454162508", "reference_id": "454162508", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:56:18Z/" } ], "url": "https://issues.chromium.org/issues/454162508" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:56:18Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5881" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fe9g-f832-93ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63900?format=api", "vulnerability_id": "VCID-fene-srh1-b3gp", "summary": "chromium-browser: Integer overflow in Codecs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5274.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5274.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5274", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19778", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21073", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2103", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20978", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20916", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5274" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5274", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5274" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453692", "reference_id": "2453692", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453692" }, { "reference_url": "https://issues.chromium.org/issues/488596746", "reference_id": "488596746", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:29:34Z/" } ], "url": "https://issues.chromium.org/issues/488596746" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:29:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-5274" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fene-srh1-b3gp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59098?format=api", "vulnerability_id": "VCID-fkyq-rccj-fuan", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03715", "scoring_system": "epss", "scoring_elements": "0.87966", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03715", "scoring_system": "epss", "scoring_elements": "0.87946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03715", "scoring_system": "epss", "scoring_elements": "0.87976", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03715", "scoring_system": "epss", "scoring_elements": "0.87984", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03715", "scoring_system": "epss", "scoring_elements": "0.87973", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04295", "scoring_system": "epss", "scoring_elements": "0.88839", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04295", "scoring_system": "epss", "scoring_elements": "0.88823", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04919", "scoring_system": "epss", "scoring_elements": "0.89629", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2887" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2887", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2887" }, { "reference_url": "https://issues.chromium.org/issues/330588502", "reference_id": "330588502", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-04T04:00:11Z/" } ], "url": "https://issues.chromium.org/issues/330588502" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/", "reference_id": "3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-04T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/", "reference_id": "G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-04T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/", "reference_id": "IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-04T04:00:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html", "reference_id": "stable-channel-update-for-desktop_26.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-04T04:00:11Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2887" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fkyq-rccj-fuan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34542?format=api", "vulnerability_id": "VCID-fm1v-h981-hfat", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11756.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11756.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11756", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24449", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24518", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24562", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24578", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.24534", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00084", "scoring_system": "epss", "scoring_elements": "0.2448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25253", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25213", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27675", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11756" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413269", "reference_id": "2413269", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413269" }, { "reference_url": "https://issues.chromium.org/issues/447192722", "reference_id": "447192722", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:17Z/" } ], "url": "https://issues.chromium.org/issues/447192722" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11756" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fm1v-h981-hfat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96994?format=api", "vulnerability_id": "VCID-fmm5-bjps-u7he", "summary": "Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1862", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16935", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16991", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16773", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16918", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16893", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19265", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1932", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19227", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-1862" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1862", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1862" }, { "reference_url": "https://issues.chromium.org/issues/479726070", "reference_id": "479726070", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-03T21:18:18Z/" } ], "url": "https://issues.chromium.org/issues/479726070" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-03T21:18:18Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-1862" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmm5-bjps-u7he" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64241?format=api", "vulnerability_id": "VCID-fptw-w5qg-8qh7", "summary": "chromium-browser: Out of bounds read in Skia", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4460.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23728", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23757", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4460" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449412", "reference_id": "2449412", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449412" }, { "reference_url": "https://issues.chromium.org/issues/490254124", "reference_id": "490254124", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:31:06Z/" } ], "url": "https://issues.chromium.org/issues/490254124" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:31:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4460" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fptw-w5qg-8qh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59074?format=api", "vulnerability_id": "VCID-fsra-m4tw-fbhk", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1672", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28466", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28588", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28501", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28541", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28542", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28499", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.2845", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1672" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1672", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1672" }, { "reference_url": "https://issues.chromium.org/issues/41485789", "reference_id": "41485789", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:04:39Z/" } ], "url": "https://issues.chromium.org/issues/41485789" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:04:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:04:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T18:04:39Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1672" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsra-m4tw-fbhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51275?format=api", "vulnerability_id": "VCID-fsrh-9pjx-1bgs", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55895", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55833", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55834", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55885", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55888", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55897", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.55878", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00329", "scoring_system": "epss", "scoring_elements": "0.5586", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0812" }, { "reference_url": "https://crbug.com/1484394", "reference_id": "1484394", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:33Z/" } ], "url": "https://crbug.com/1484394" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:33Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T20:28:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0812" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fsrh-9pjx-1bgs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96414?format=api", "vulnerability_id": "VCID-fts7-2szz-bke1", "summary": "Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0451", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34686", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34624", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34653", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34656", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34616", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34593", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34711", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34581", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.4851", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0451" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0451", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0451" }, { "reference_url": "https://issues.chromium.org/issues/40061026", "reference_id": "40061026", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:27:13Z/" } ], "url": "https://issues.chromium.org/issues/40061026" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-07T21:27:13Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0451" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fts7-2szz-bke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96942?format=api", "vulnerability_id": "VCID-fxe5-hz1y-p3b4", "summary": "Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20961", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20901", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.2401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24081", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24098", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24055", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23998", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23968", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24035", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8011" }, { "reference_url": "https://issues.chromium.org/issues/430572435", "reference_id": "430572435", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:17Z/" } ], "url": "https://issues.chromium.org/issues/430572435" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8011" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fxe5-hz1y-p3b4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51274?format=api", "vulnerability_id": "VCID-fzgh-mk5w-8ubx", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0811", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56659", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56609", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.5663", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.5666", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56665", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00338", "scoring_system": "epss", "scoring_elements": "0.56628", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0811" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0811", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0811" }, { "reference_url": "https://crbug.com/1494490", "reference_id": "1494490", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T18:31:12Z/" } ], "url": "https://crbug.com/1494490" }, { "reference_url": "http://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html", "reference_id": "Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T18:31:12Z/" } ], "url": "http://packetstormsecurity.com/files/177172/Chrome-chrome.pageCapture.saveAsMHTML-Extension-API-Blocked-Origin-Bypass.html" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T18:31:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T18:31:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-16T18:31:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0811" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fzgh-mk5w-8ubx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51267?format=api", "vulnerability_id": "VCID-g1nu-japp-wbec", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0805", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33032", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33111", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33144", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32973", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33019", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33049", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33053", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33015", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3299", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0805" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0805", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0805" }, { "reference_url": "https://crbug.com/1514925", "reference_id": "1514925", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:32:45Z/" } ], "url": "https://crbug.com/1514925" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:32:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:32:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-24T16:32:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0805" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g1nu-japp-wbec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66467?format=api", "vulnerability_id": "VCID-g2tg-4jum-qkdq", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13226.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13226.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13226", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26561", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13226" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13226", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13226" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415526", "reference_id": "2415526", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415526" }, { "reference_url": "https://issues.chromium.org/issues/446113732", "reference_id": "446113732", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:31Z/" } ], "url": "https://issues.chromium.org/issues/446113732" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:31Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13226" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g2tg-4jum-qkdq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47523?format=api", "vulnerability_id": "VCID-g442-up9e-z3f2", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47683", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47621", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47616", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4764", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47625", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47596", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47566", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7550" }, { "reference_url": "https://issues.chromium.org/issues/355256380", "reference_id": "355256380", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T19:28:07Z/" } ], "url": "https://issues.chromium.org/issues/355256380" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T19:28:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7550" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g442-up9e-z3f2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47472?format=api", "vulnerability_id": "VCID-g8mm-2jmc-zuh3", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4559", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61269", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61311", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61271", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61289", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61304", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61255", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61283", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00879", "scoring_system": "epss", "scoring_elements": "0.7529", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4559" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4559", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4559" }, { "reference_url": "https://issues.chromium.org/issues/331369797", "reference_id": "331369797", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T13:13:49Z/" } ], "url": "https://issues.chromium.org/issues/331369797" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T13:13:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/", "reference_id": "IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T13:13:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/", "reference_id": "LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T13:13:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html", "reference_id": "stable-channel-update-for-desktop_7.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-08T13:13:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4559" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8mm-2jmc-zuh3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96406?format=api", "vulnerability_id": "VCID-gc4t-7ghq-9qbu", "summary": "Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9963", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40303", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40313", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40275", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40236", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9963" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9963", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9963" }, { "reference_url": "https://issues.chromium.org/issues/328278718", "reference_id": "328278718", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:43:27Z/" } ], "url": "https://issues.chromium.org/issues/328278718" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:43:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9963" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gc4t-7ghq-9qbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96663?format=api", "vulnerability_id": "VCID-gdn6-smyz-j3fm", "summary": "Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3619", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31163", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31119", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31209", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31251", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31072", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31155", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3619" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3619" }, { "reference_url": "https://issues.chromium.org/issues/409619251", "reference_id": "409619251", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/" } ], "url": "https://issues.chromium.org/issues/409619251" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:38:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3619" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gdn6-smyz-j3fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51283?format=api", "vulnerability_id": "VCID-ge6a-3w19-d7ba", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1077", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77036", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76939", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76969", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76951", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76983", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76994", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.76996", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1077" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1077", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1077" }, { "reference_url": "https://crbug.com/1511085", "reference_id": "1511085", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:24Z/" } ], "url": "https://crbug.com/1511085" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/", "reference_id": "NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/", "reference_id": "XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1077" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge6a-3w19-d7ba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96433?format=api", "vulnerability_id": "VCID-ge74-2md4-hqgv", "summary": "Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29751", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.2983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29734", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29861", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29907", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29821", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10892" }, { "reference_url": "https://issues.chromium.org/issues/444048019", "reference_id": "444048019", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T17:03:34Z/" } ], "url": "https://issues.chromium.org/issues/444048019" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T17:03:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10892" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ge74-2md4-hqgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64653?format=api", "vulnerability_id": "VCID-gey8-v54f-rqhn", "summary": "chromium-browser: Use after free in Ozone", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2321.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32239", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3217", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32338", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32163", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32212", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2321" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2321", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2321" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439074", "reference_id": "2439074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439074" }, { "reference_url": "https://issues.chromium.org/issues/461877477", "reference_id": "461877477", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:22Z/" } ], "url": "https://issues.chromium.org/issues/461877477" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2321" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gey8-v54f-rqhn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34511?format=api", "vulnerability_id": "VCID-gj24-r1kr-1qg7", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31631", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31674", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31633", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31597", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31725", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3164", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3167", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8880" }, { "reference_url": "https://issues.chromium.org/issues/433533359", "reference_id": "433533359", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:31Z/" } ], "url": "https://issues.chromium.org/issues/433533359" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:31Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8880" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gj24-r1kr-1qg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47537?format=api", "vulnerability_id": "VCID-gkwa-9h3v-q3bq", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7978", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54435", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54467", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54474", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54457", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54447", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00313", "scoring_system": "epss", "scoring_elements": "0.54415", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7978" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7978", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7978" }, { "reference_url": "https://issues.chromium.org/issues/40060358", "reference_id": "40060358", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:23:16Z/" } ], "url": "https://issues.chromium.org/issues/40060358" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:23:16Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7978" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkwa-9h3v-q3bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47489?format=api", "vulnerability_id": "VCID-gkza-cdmr-8kgc", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48084", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48105", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48055", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48107", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48102", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48126", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48101", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48112", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5838" }, { "reference_url": "https://issues.chromium.org/issues/342522151", "reference_id": "342522151", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:59Z/" } ], "url": "https://issues.chromium.org/issues/342522151" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5838" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gkza-cdmr-8kgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64324?format=api", "vulnerability_id": "VCID-gm3s-spcn-7udg", "summary": "chromium-browser: Insufficient policy enforcement in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3941.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3941.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3941", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09724", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09822", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09795", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09857", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10801", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.1096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.10937", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3941" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3941", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3941" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446863", "reference_id": "2446863", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446863" }, { "reference_url": "https://issues.chromium.org/issues/474670215", "reference_id": "474670215", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:37:08Z/" } ], "url": "https://issues.chromium.org/issues/474670215" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:37:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3941" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gm3s-spcn-7udg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350933?format=api", "vulnerability_id": "VCID-gte6-2nmf-17ed", "summary": "Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5865.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5865.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5865", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28321", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5865" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5865", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5865" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456782", "reference_id": "2456782", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456782" }, { "reference_url": "https://issues.chromium.org/issues/491884710", "reference_id": "491884710", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:44Z/" } ], "url": "https://issues.chromium.org/issues/491884710" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5865" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gte6-2nmf-17ed" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64234?format=api", "vulnerability_id": "VCID-gtvc-bxas-pbfd", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4461.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4461.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23728", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23757", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449399", "reference_id": "2449399", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449399" }, { "reference_url": "https://issues.chromium.org/issues/490558172", "reference_id": "490558172", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:17:24Z/" } ], "url": "https://issues.chromium.org/issues/490558172" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:17:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4461" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gtvc-bxas-pbfd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65164?format=api", "vulnerability_id": "VCID-gwaw-v9x7-ufef", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28601", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28672", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28673", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28581", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28759", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28566", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28632", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0902" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431126", "reference_id": "2431126", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431126" }, { "reference_url": "https://issues.chromium.org/issues/469143679", "reference_id": "469143679", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-20T15:29:24Z/" } ], "url": "https://issues.chromium.org/issues/469143679" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-20T15:29:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0902" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gwaw-v9x7-ufef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96397?format=api", "vulnerability_id": "VCID-gyb8-r6sx-dyfq", "summary": "Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75094", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75067", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75056", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75014", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75044", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.7502", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75054", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75065", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00862", "scoring_system": "epss", "scoring_elements": "0.75088", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9859" }, { "reference_url": "https://issues.chromium.org/issues/346197738", "reference_id": "346197738", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T18:27:21Z/" } ], "url": "https://issues.chromium.org/issues/346197738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9859" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gyb8-r6sx-dyfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350944?format=api", "vulnerability_id": "VCID-gz5r-x3cv-9yh6", "summary": "Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5876.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5876.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5876", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0782", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07834", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10288", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5876" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5876", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5876" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456764", "reference_id": "2456764", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456764" }, { "reference_url": "https://issues.chromium.org/issues/41485206", "reference_id": "41485206", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-11T03:02:42Z/" } ], "url": "https://issues.chromium.org/issues/41485206" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-11T03:02:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5876" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gz5r-x3cv-9yh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47476?format=api", "vulnerability_id": "VCID-gzer-ha74-rud6", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5159", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60217", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.6013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60155", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.6021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60178", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5159" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5159", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5159" }, { "reference_url": "https://issues.chromium.org/issues/335613092", "reference_id": "335613092", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:13Z/" } ], "url": "https://issues.chromium.org/issues/335613092" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/", "reference_id": "5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/", "reference_id": "FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:13Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5159" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gzer-ha74-rud6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59078?format=api", "vulnerability_id": "VCID-h1qs-sdxq-fqg7", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55551", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.5549", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55491", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55542", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55543", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55553", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00325", "scoring_system": "epss", "scoring_elements": "0.55532", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1676" }, { "reference_url": "https://issues.chromium.org/issues/40944847", "reference_id": "40944847", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:58:40Z/" } ], "url": "https://issues.chromium.org/issues/40944847" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:58:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-11-05T15:58:40Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1676" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h1qs-sdxq-fqg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350940?format=api", "vulnerability_id": "VCID-h4bc-hpby-53a2", "summary": "Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5872.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5872.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5872", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5872" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456794", "reference_id": "2456794", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456794" }, { "reference_url": "https://issues.chromium.org/issues/496281816", "reference_id": "496281816", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:54Z/" } ], "url": "https://issues.chromium.org/issues/496281816" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5872" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h4bc-hpby-53a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96416?format=api", "vulnerability_id": "VCID-h5kz-vcq9-1bgh", "summary": "Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0611", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70143", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.7012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00625", "scoring_system": "epss", "scoring_elements": "0.70183", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70469", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00637", "scoring_system": "epss", "scoring_elements": "0.70511", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01092", "scoring_system": "epss", "scoring_elements": "0.7797", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01092", "scoring_system": "epss", "scoring_elements": "0.77954", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0611" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0611" }, { "reference_url": "https://issues.chromium.org/issues/386143468", "reference_id": "386143468", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/" } ], "url": "https://issues.chromium.org/issues/386143468" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-22T20:02:12Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0611" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5kz-vcq9-1bgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34528?format=api", "vulnerability_id": "VCID-hgdv-3a81-xbh2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11208.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11208.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11208", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11763", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11845", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11898", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11908", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11869", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11841", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1253", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12487", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14213", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11208" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11208", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11208" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413254", "reference_id": "2413254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413254" }, { "reference_url": "https://issues.chromium.org/issues/397878997", "reference_id": "397878997", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T14:04:05Z/" } ], "url": "https://issues.chromium.org/issues/397878997" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T14:04:05Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11208" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hgdv-3a81-xbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64330?format=api", "vulnerability_id": "VCID-hh5j-vytm-cfda", "summary": "chromium-browser: Use after free in WindowDialog", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3924.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3924.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3924", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30665", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3924" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3924", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3924" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446871", "reference_id": "2446871", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446871" }, { "reference_url": "https://issues.chromium.org/issues/487338366", "reference_id": "487338366", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:20:27Z/" } ], "url": "https://issues.chromium.org/issues/487338366" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:20:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3924" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh5j-vytm-cfda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96400?format=api", "vulnerability_id": "VCID-hhh2-h1h9-47e5", "summary": "Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9957", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60561", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60582", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60499", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60526", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60544", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9957" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9957", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9957" }, { "reference_url": "https://issues.chromium.org/issues/358151317", "reference_id": "358151317", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:00:08Z/" } ], "url": "https://issues.chromium.org/issues/358151317" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:00:08Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9957" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhh2-h1h9-47e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96974?format=api", "vulnerability_id": "VCID-hhme-jc9c-wua5", "summary": "Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9866", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18651", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18702", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0006", "scoring_system": "epss", "scoring_elements": "0.18799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19714", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19667", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19517", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9866" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9866", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9866" }, { "reference_url": "https://issues.chromium.org/issues/379337758", "reference_id": "379337758", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-04T03:55:44Z/" } ], "url": "https://issues.chromium.org/issues/379337758" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-04T03:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9866" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhme-jc9c-wua5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64503?format=api", "vulnerability_id": "VCID-hv8x-2qvm-6fc2", "summary": "chromium-browser: Heap buffer overflow in Media", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2650.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2650.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2650", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07792", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0775", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0785", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07836", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07839", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07794", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07852", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2650" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2650", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2650" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440808", "reference_id": "2440808", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440808" }, { "reference_url": "https://issues.chromium.org/issues/476461867", "reference_id": "476461867", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:53Z/" } ], "url": "https://issues.chromium.org/issues/476461867" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2650" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hv8x-2qvm-6fc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64646?format=api", "vulnerability_id": "VCID-hvrw-kcqp-vkff", "summary": "chromium-browser: Inappropriate implementation in File input", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2322.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05703", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05732", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05805", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05784", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05776", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0577", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0574", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05779", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2322" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2322", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2322" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439064", "reference_id": "2439064", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439064" }, { "reference_url": "https://issues.chromium.org/issues/470928605", "reference_id": "470928605", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T20:48:12Z/" } ], "url": "https://issues.chromium.org/issues/470928605" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T20:48:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2322" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hvrw-kcqp-vkff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64388?format=api", "vulnerability_id": "VCID-hy6v-dksh-eba8", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3543.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3543.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3543", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24661", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3543" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3543" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444622", "reference_id": "2444622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444622" }, { "reference_url": "https://issues.chromium.org/issues/485267831", "reference_id": "485267831", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:15:32Z/" } ], "url": "https://issues.chromium.org/issues/485267831" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:15:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3543" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hy6v-dksh-eba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66403?format=api", "vulnerability_id": "VCID-hya4-e9c1-qfg3", "summary": "chromium-browser: Bad cast in Loader", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13720.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13720.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13720", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28317", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35035", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13720" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13720", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13720" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418466", "reference_id": "2418466", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418466" }, { "reference_url": "https://issues.chromium.org/issues/457818670", "reference_id": "457818670", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:45Z/" } ], "url": "https://issues.chromium.org/issues/457818670" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13720" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hya4-e9c1-qfg3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64654?format=api", "vulnerability_id": "VCID-j1e8-svxg-53gu", "summary": "chromium-browser: Heap buffer overflow in Codecs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2314.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2314.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2314", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14714", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14673", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14635", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14579", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14757", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14565", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14654", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2314" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2314", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2314" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439076", "reference_id": "2439076", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439076" }, { "reference_url": "https://issues.chromium.org/issues/478560268", "reference_id": "478560268", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:20Z/" } ], "url": "https://issues.chromium.org/issues/478560268" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:20Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2314" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j1e8-svxg-53gu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34516?format=api", "vulnerability_id": "VCID-j37e-6ba3-jfg5", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37064", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37045", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37019", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37177", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37007", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37057", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.3707", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9478" }, { "reference_url": "https://issues.chromium.org/issues/437825940", "reference_id": "437825940", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:21Z/" } ], "url": "https://issues.chromium.org/issues/437825940" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_26.html", "reference_id": "stable-channel-update-for-desktop_26.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-28T03:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_26.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9478" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j37e-6ba3-jfg5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350928?format=api", "vulnerability_id": "VCID-j6ca-hcw4-bke7", "summary": "Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5860.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5860.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5860", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09771", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09784", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3144", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5860" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5860", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5860" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456759", "reference_id": "2456759", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456759" }, { "reference_url": "https://issues.chromium.org/issues/486495143", "reference_id": "486495143", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:39Z/" } ], "url": "https://issues.chromium.org/issues/486495143" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:39Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5860" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ca-hcw4-bke7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59103?format=api", "vulnerability_id": "VCID-j736-y8am-xbah", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3832", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90425", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90462", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90469", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90461", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90455", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90441", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05754", "scoring_system": "epss", "scoring_elements": "0.90437", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3832" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3832", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3832" }, { "reference_url": "https://issues.chromium.org/issues/331358160", "reference_id": "331358160", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T20:00:59Z/" } ], "url": "https://issues.chromium.org/issues/331358160" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T20:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T20:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T20:00:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-14T20:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3832" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j736-y8am-xbah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96342?format=api", "vulnerability_id": "VCID-j7q1-jhtq-d7dh", "summary": "Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6102", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68144", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68162", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68139", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68191", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68231", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68184", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6102" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6102", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6102" }, { "reference_url": "https://issues.chromium.org/issues/339169163", "reference_id": "339169163", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:54Z/" } ], "url": "https://issues.chromium.org/issues/339169163" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/", "reference_id": "6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:54Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/", "reference_id": "U5NRNCEYS246CYGOR32MF7OGKWOWER22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-21T03:55:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6102" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j7q1-jhtq-d7dh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66596?format=api", "vulnerability_id": "VCID-j823-r57d-97cx", "summary": "chromium-browser: Policy bypass in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12436.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12436.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12436", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02568", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02324", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02376", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02354", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02341", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0234", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02582", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02586", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02591", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12436" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12436", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12436" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413851", "reference_id": "2413851", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413851" }, { "reference_url": "https://issues.chromium.org/issues/40054742", "reference_id": "40054742", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:58:21Z/" } ], "url": "https://issues.chromium.org/issues/40054742" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:58:21Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12436" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j823-r57d-97cx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47289?format=api", "vulnerability_id": "VCID-j9bt-u7v1-mkgt", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2136", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43125", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43081", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43066", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4306", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43088", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43027", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4308", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43092", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2136" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2136" }, { "reference_url": "https://issues.chromium.org/issues/395032416", "reference_id": "395032416", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/" } ], "url": "https://issues.chromium.org/issues/395032416" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-2136" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j9bt-u7v1-mkgt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64223?format=api", "vulnerability_id": "VCID-jath-p7kj-xkb5", "summary": "chromium-browser: Out of bounds memory access in WebGL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4439.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4439.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4439", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22434", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22512", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22416", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22357", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22438", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4439" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4439", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4439" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449384", "reference_id": "2449384", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449384" }, { "reference_url": "https://issues.chromium.org/issues/475877320", "reference_id": "475877320", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:20Z/" } ], "url": "https://issues.chromium.org/issues/475877320" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:20Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4439" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jath-p7kj-xkb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64321?format=api", "vulnerability_id": "VCID-jbp7-wmxx-cfds", "summary": "chromium-browser: Out of bounds read in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3926.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3926.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3926", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25015", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24829", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25055", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24897", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24957", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26244", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26298", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26239", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3926" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3926", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3926" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446859", "reference_id": "2446859", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446859" }, { "reference_url": "https://issues.chromium.org/issues/478659010", "reference_id": "478659010", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T14:43:09Z/" } ], "url": "https://issues.chromium.org/issues/478659010" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T14:43:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3926" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jbp7-wmxx-cfds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97094?format=api", "vulnerability_id": "VCID-jckd-f5kt-9yan", "summary": "Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.2417", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24132", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25298", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25374", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25345", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25291", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25262", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2533", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3537" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3537", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3537" }, { "reference_url": "https://issues.chromium.org/issues/474266014", "reference_id": "474266014", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:58Z/" } ], "url": "https://issues.chromium.org/issues/474266014" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:58Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3537" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jckd-f5kt-9yan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350964?format=api", "vulnerability_id": "VCID-jcqn-xvsp-eyb1", "summary": "Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5896.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5896.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08428", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5896" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456756", "reference_id": "2456756", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456756" }, { "reference_url": "https://issues.chromium.org/issues/40064543", "reference_id": "40064543", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:09:26Z/" } ], "url": "https://issues.chromium.org/issues/40064543" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:09:26Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5896" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcqn-xvsp-eyb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64386?format=api", "vulnerability_id": "VCID-jf3p-zc2c-7ydj", "summary": "chromium-browser: Inappropriate implementation in CSS", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3541.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3541.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3541", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23392", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00078", "scoring_system": "epss", "scoring_elements": "0.23352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24638", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24709", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24722", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24681", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24592", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24661", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3541" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3541" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444619", "reference_id": "2444619", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444619" }, { "reference_url": "https://issues.chromium.org/issues/484811719", "reference_id": "484811719", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:06:53Z/" } ], "url": "https://issues.chromium.org/issues/484811719" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T16:06:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3541" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jf3p-zc2c-7ydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350965?format=api", "vulnerability_id": "VCID-jg3y-nbqx-2qhk", "summary": "Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5897.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5897.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5897", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5897" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5897", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5897" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456748", "reference_id": "2456748", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456748" }, { "reference_url": "https://issues.chromium.org/issues/419921726", "reference_id": "419921726", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:00:28Z/" } ], "url": "https://issues.chromium.org/issues/419921726" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:00:28Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5897" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jg3y-nbqx-2qhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350983?format=api", "vulnerability_id": "VCID-jpyw-dj8s-x3em", "summary": "Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5915.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5915.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5915", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13212", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16712", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27699", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5915" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5915", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5915" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456795", "reference_id": "2456795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456795" }, { "reference_url": "https://issues.chromium.org/issues/494341335", "reference_id": "494341335", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:34:34Z/" } ], "url": "https://issues.chromium.org/issues/494341335" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T14:34:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5915" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jpyw-dj8s-x3em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96077?format=api", "vulnerability_id": "VCID-jqrx-fcqr-wfg1", "summary": "Use after free in WebRTC in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3170", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72885", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72842", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72867", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72851", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72843", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72794", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.7279", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00738", "scoring_system": "epss", "scoring_elements": "0.72828", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3170" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3170", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3170" }, { "reference_url": "https://issues.chromium.org/issues/41488824", "reference_id": "41488824", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-18T18:03:49Z/" } ], "url": "https://issues.chromium.org/issues/41488824" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-18T18:03:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3170" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jqrx-fcqr-wfg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63892?format=api", "vulnerability_id": "VCID-jr1y-txur-ebgr", "summary": "chromium-browser: Heap buffer overflow in GPU", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5272.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5272.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5272", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06094", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06771", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06838", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06842", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06836", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06829", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06748", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06799", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5272" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5272", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5272" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453680", "reference_id": "2453680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453680" }, { "reference_url": "https://issues.chromium.org/issues/491732188", "reference_id": "491732188", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:59:59Z/" } ], "url": "https://issues.chromium.org/issues/491732188" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:59:59Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5272" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jr1y-txur-ebgr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47528?format=api", "vulnerability_id": "VCID-jrwn-cxgc-rbcy", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7968", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79771", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79744", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.7975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79743", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79702", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79724", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79709", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01303", "scoring_system": "epss", "scoring_elements": "0.79737", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7968" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7968", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7968" }, { "reference_url": "https://issues.chromium.org/issues/349253666", "reference_id": "349253666", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:25Z/" } ], "url": "https://issues.chromium.org/issues/349253666" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:25Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7968" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrwn-cxgc-rbcy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34538?format=api", "vulnerability_id": "VCID-jx5n-hjrz-1ydv", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11219.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11219.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11219", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08193", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08277", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08267", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08247", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08561", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.1", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11219" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11219", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11219" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413258", "reference_id": "2413258", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413258" }, { "reference_url": "https://issues.chromium.org/issues/439772737", "reference_id": "439772737", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:36:31Z/" } ], "url": "https://issues.chromium.org/issues/439772737" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:36:31Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11219" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx5n-hjrz-1ydv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64313?format=api", "vulnerability_id": "VCID-jzhh-svqk-fuat", "summary": "chromium-browser: Integer overflow in WebML", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23576", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24931", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24972", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24918", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446848", "reference_id": "2446848", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446848" }, { "reference_url": "https://issues.chromium.org/issues/481776048", "reference_id": "481776048", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:57:48Z/" } ], "url": "https://issues.chromium.org/issues/481776048" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:57:48Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3914" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzhh-svqk-fuat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96673?format=api", "vulnerability_id": "VCID-jzwa-xv6a-ufgw", "summary": "Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4050", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35693", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35626", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35708", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35733", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35614", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.3566", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00151", "scoring_system": "epss", "scoring_elements": "0.35683", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4050" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4050", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4050" }, { "reference_url": "https://issues.chromium.org/issues/409342999", "reference_id": "409342999", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-06T02:55:34Z/" } ], "url": "https://issues.chromium.org/issues/409342999" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-06T02:55:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4050" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jzwa-xv6a-ufgw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47507?format=api", "vulnerability_id": "VCID-k1pq-gfyb-nqcv", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6995", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31912", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31873", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31966", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32008", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31827", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3188", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6995" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6995", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6995" }, { "reference_url": "https://issues.chromium.org/issues/343938078", "reference_id": "343938078", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T19:22:09Z/" } ], "url": "https://issues.chromium.org/issues/343938078" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T19:22:09Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6995" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k1pq-gfyb-nqcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96473?format=api", "vulnerability_id": "VCID-k4kf-hvym-nfd6", "summary": "Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15463", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15527", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15613", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15668", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15635", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.156", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15537", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21473", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21419", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12909" }, { "reference_url": "https://issues.chromium.org/issues/361116749", "reference_id": "361116749", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:14Z/" } ], "url": "https://issues.chromium.org/issues/361116749" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:41:14Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12909" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k4kf-hvym-nfd6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96949?format=api", "vulnerability_id": "VCID-k57k-h41e-hbay", "summary": "Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18019", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17961", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8579" }, { "reference_url": "https://issues.chromium.org/issues/407791462", "reference_id": "407791462", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:31:51Z/" } ], "url": "https://issues.chromium.org/issues/407791462" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:31:51Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8579" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k57k-h41e-hbay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59105?format=api", "vulnerability_id": "VCID-kcsu-b91y-t7g5", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3834", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63623", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6368", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63644", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63692", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63677", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63661", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.63609", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0045", "scoring_system": "epss", "scoring_elements": "0.6365", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3834" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3834", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3834" }, { "reference_url": "https://issues.chromium.org/issues/326607008", "reference_id": "326607008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://issues.chromium.org/issues/326607008" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T19:24:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3834" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kcsu-b91y-t7g5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96948?format=api", "vulnerability_id": "VCID-ke3x-ajgw-s3av", "summary": "Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8578", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41433", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41462", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41439", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41448", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43902", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00214", "scoring_system": "epss", "scoring_elements": "0.43948", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8578" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8578", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8578" }, { "reference_url": "https://issues.chromium.org/issues/423387026", "reference_id": "423387026", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:33:35Z/" } ], "url": "https://issues.chromium.org/issues/423387026" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:33:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8578" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ke3x-ajgw-s3av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47534?format=api", "vulnerability_id": "VCID-keqa-qrda-xqbu", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7975", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47586", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47525", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47544", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4752", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47501", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47521", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4747", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7975" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7975", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7975" }, { "reference_url": "https://issues.chromium.org/issues/347588491", "reference_id": "347588491", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:09:08Z/" } ], "url": "https://issues.chromium.org/issues/347588491" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:09:08Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7975" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-keqa-qrda-xqbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66593?format=api", "vulnerability_id": "VCID-kfsu-z2wc-zqb5", "summary": "chromium-browser: Inappropriate implementation in Autofill", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12440.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12440.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06913", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06986", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06989", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.0698", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06975", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07229", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07284", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07206", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12440" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413866", "reference_id": "2413866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413866" }, { "reference_url": "https://issues.chromium.org/issues/430555440", "reference_id": "430555440", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:59:31Z/" } ], "url": "https://issues.chromium.org/issues/430555440" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:59:31Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12440" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kfsu-z2wc-zqb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96631?format=api", "vulnerability_id": "VCID-kj7m-t28f-akce", "summary": "Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3073", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40097", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40103", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40066", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40047", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40105", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40026", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40093", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3073" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3073", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3073" }, { "reference_url": "https://issues.chromium.org/issues/388680893", "reference_id": "388680893", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:07:27Z/" } ], "url": "https://issues.chromium.org/issues/388680893" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-15T14:07:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3073" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kj7m-t28f-akce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59072?format=api", "vulnerability_id": "VCID-kk71-tdbb-yqgp", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1670", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66835", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66767", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66792", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66764", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66814", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66828", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66834", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66802", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1670" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1670", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1670" }, { "reference_url": "https://issues.chromium.org/issues/41481374", "reference_id": "41481374", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T16:10:10Z/" } ], "url": "https://issues.chromium.org/issues/41481374" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T16:10:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T16:10:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-21T16:10:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1670" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kk71-tdbb-yqgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96352?format=api", "vulnerability_id": "VCID-kkgg-9crf-zbg4", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6773", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69752", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69718", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6974", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69725", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69712", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69673", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.6965", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.69701", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6773" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6773", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6773" }, { "reference_url": "https://issues.chromium.org/issues/347724915", "reference_id": "347724915", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:44Z/" } ], "url": "https://issues.chromium.org/issues/347724915" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6773" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kkgg-9crf-zbg4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350962?format=api", "vulnerability_id": "VCID-kntf-5ubj-1be5", "summary": "Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5894.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5894.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5894", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05549", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5894" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5894", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5894" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456807", "reference_id": "2456807", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456807" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5894" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kntf-5ubj-1be5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66597?format=api", "vulnerability_id": "VCID-kq3y-vxg1-nbcb", "summary": "chromium-browser: Race in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12432.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12432.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12432", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15557", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15761", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15729", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15695", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.1563", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16424", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1651", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16626", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12432" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12432", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12432" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413859", "reference_id": "2413859", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413859" }, { "reference_url": "https://issues.chromium.org/issues/439522866", "reference_id": "439522866", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:43Z/" } ], "url": "https://issues.chromium.org/issues/439522866" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:43Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12432" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kq3y-vxg1-nbcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350971?format=api", "vulnerability_id": "VCID-kqjd-8w3j-wqcm", "summary": "Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5903.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5903.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08892", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456749", "reference_id": "2456749", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456749" }, { "reference_url": "https://issues.chromium.org/issues/483771899", "reference_id": "483771899", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:13:40Z/" } ], "url": "https://issues.chromium.org/issues/483771899" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:13:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5903" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kqjd-8w3j-wqcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66465?format=api", "vulnerability_id": "VCID-ktjv-8dj1-dbhq", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13229.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13229.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13229" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415527", "reference_id": "2415527", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415527" }, { "reference_url": "https://issues.chromium.org/issues/446113731", "reference_id": "446113731", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:28Z/" } ], "url": "https://issues.chromium.org/issues/446113731" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13229" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ktjv-8dj1-dbhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96288?format=api", "vulnerability_id": "VCID-ku48-4fhr-53cs", "summary": "Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.5622", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56244", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56262", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56287", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56276", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.56271", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00334", "scoring_system": "epss", "scoring_elements": "0.5624", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5495" }, { "reference_url": "https://issues.chromium.org/issues/338103465", "reference_id": "338103465", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:09:28Z/" } ], "url": "https://issues.chromium.org/issues/338103465" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:09:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:09:28Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:09:28Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5495" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku48-4fhr-53cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64333?format=api", "vulnerability_id": "VCID-ku6h-fwbx-jfea", "summary": "chromium-browser: Unsafe navigation in Navigation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3930.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3930.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3930", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07751", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3930" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3930", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3930" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447256", "reference_id": "2447256", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447256" }, { "reference_url": "https://issues.chromium.org/issues/476898368", "reference_id": "476898368", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T02:56:21Z/" } ], "url": "https://issues.chromium.org/issues/476898368" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T02:56:21Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3930" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ku6h-fwbx-jfea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47546?format=api", "vulnerability_id": "VCID-kubz-v57e-wfe4", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8198", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5684", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56845", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56853", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.5679", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00341", "scoring_system": "epss", "scoring_elements": "0.56841", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8198" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8198", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8198" }, { "reference_url": "https://issues.chromium.org/issues/360758697", "reference_id": "360758697", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-05T03:55:51Z/" } ], "url": "https://issues.chromium.org/issues/360758697" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-05T03:55:51Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8198" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kubz-v57e-wfe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64652?format=api", "vulnerability_id": "VCID-kv54-x8mg-6qha", "summary": "chromium-browser: Inappropriate implementation in Animation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2317.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04398", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04412", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04484", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04476", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04461", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04435", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04468", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2317" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2317", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2317" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439073", "reference_id": "2439073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439073" }, { "reference_url": "https://issues.chromium.org/issues/464173573", "reference_id": "464173573", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:51:46Z/" } ], "url": "https://issues.chromium.org/issues/464173573" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:51:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2317" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kv54-x8mg-6qha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47486?format=api", "vulnerability_id": "VCID-kzf2-z6tv-w3hh", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5836", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64437", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64466", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64432", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64472", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.6446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00467", "scoring_system": "epss", "scoring_elements": "0.64396", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69696", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5836" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5836", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5836" }, { "reference_url": "https://issues.chromium.org/issues/341875171", "reference_id": "341875171", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:58Z/" } ], "url": "https://issues.chromium.org/issues/341875171" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:58Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:58Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5836" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kzf2-z6tv-w3hh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65882?format=api", "vulnerability_id": "VCID-m2a1-v6jc-kqbh", "summary": "chromium-browser: Google Chrome V8: Out-of-bounds read and write leads to heap corruption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14766.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14766.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14766", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27893", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27983", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27986", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27944", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28081", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27942", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14766" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14766", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14766" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422948", "reference_id": "2422948", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422948" }, { "reference_url": "https://issues.chromium.org/issues/466786677", "reference_id": "466786677", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-18T04:55:20Z/" } ], "url": "https://issues.chromium.org/issues/466786677" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-18T04:55:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-14766" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2a1-v6jc-kqbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96467?format=api", "vulnerability_id": "VCID-m2q1-15ug-cudj", "summary": "Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12729", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06236", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06303", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.0629", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06567", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06583", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06618", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15998", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12729" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12729", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12729" }, { "reference_url": "https://issues.chromium.org/issues/454354281", "reference_id": "454354281", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:10:19Z/" } ], "url": "https://issues.chromium.org/issues/454354281" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:10:19Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12729" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2q1-15ug-cudj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47269?format=api", "vulnerability_id": "VCID-m344-92r3-57ac", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93815", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93786", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93793", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93763", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93773", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.12088", "scoring_system": "epss", "scoring_elements": "0.93777", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0291" }, { "reference_url": "https://issues.chromium.org/issues/383356864", "reference_id": "383356864", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T19:45:48Z/" } ], "url": "https://issues.chromium.org/issues/383356864" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-08T19:45:48Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0291" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m344-92r3-57ac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63057?format=api", "vulnerability_id": "VCID-m4hs-41n2-8bbz", "summary": "Malicious pages could use Firefox for Android to pass FIDO: links to the OS and trigger the \"hybrid\" passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9956", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05504", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05492", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05528", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.0555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05524", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05511", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05489", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9956" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9956", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9956" }, { "reference_url": "https://issues.chromium.org/issues/370482421", "reference_id": "370482421", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:01:37Z/" } ], "url": "https://issues.chromium.org/issues/370482421" }, { "reference_url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14", "reference_id": "mfsa2025-14", "reference_type": "", "scores": [ { "value": "high", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.mozilla.org/en-US/security/advisories/mfsa2025-14" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T20:01:37Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9956" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4hs-41n2-8bbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47543?format=api", "vulnerability_id": "VCID-m4yn-u4qr-1yce", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66572", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66561", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.6658", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66568", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66536", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66502", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66528", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66499", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00513", "scoring_system": "epss", "scoring_elements": "0.66547", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8035" }, { "reference_url": "https://issues.chromium.org/issues/40059470", "reference_id": "40059470", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:20:41Z/" } ], "url": "https://issues.chromium.org/issues/40059470" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:20:41Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8035" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m4yn-u4qr-1yce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96465?format=api", "vulnerability_id": "VCID-m534-2qgb-nfef", "summary": "Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25801", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25887", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25855", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25898", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26438", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26652", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26507", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0014", "scoring_system": "epss", "scoring_elements": "0.34206", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12726" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12726", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12726" }, { "reference_url": "https://issues.chromium.org/issues/447172715", "reference_id": "447172715", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:41Z/" } ], "url": "https://issues.chromium.org/issues/447172715" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12726" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m534-2qgb-nfef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59093?format=api", "vulnerability_id": "VCID-m5um-4e29-gfau", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.5345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53543", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53508", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53525", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53542", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53496", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53445", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00302", "scoring_system": "epss", "scoring_elements": "0.53476", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2883" }, { "reference_url": "https://issues.chromium.org/issues/327807820", "reference_id": "327807820", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-14T00:51:27Z/" } ], "url": "https://issues.chromium.org/issues/327807820" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/", "reference_id": "3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-14T00:51:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3YUWGSMA5X2NQP5XEFCLRWNX6246GZ2C/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/", "reference_id": "G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-14T00:51:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G3RKI7VTQSIAI3PVZGRCHOSELTQXQ5FQ/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/", "reference_id": "IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-14T00:51:27Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IQMRHKDEG4J7TMRRRGUGW6GS4MVBX5IT/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html", "reference_id": "stable-channel-update-for-desktop_26.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-14T00:51:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_26.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2883" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m5um-4e29-gfau" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350972?format=api", "vulnerability_id": "VCID-m84v-xahm-rubz", "summary": "Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5904.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5904.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08224", "published_at": "2026-04-16T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00754", "published_at": "2026-04-12T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00764", "published_at": "2026-04-09T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00755", "published_at": "2026-04-13T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00759", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5904" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456796", "reference_id": "2456796", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456796" }, { "reference_url": "https://issues.chromium.org/issues/483851888", "reference_id": "483851888", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:14:24Z/" } ], "url": "https://issues.chromium.org/issues/483851888" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:14:24Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5904" ], "risk_score": 3.7, "exploitability": "0.5", "weighted_severity": "7.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m84v-xahm-rubz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96132?format=api", "vulnerability_id": "VCID-m947-x8gn-dybn", "summary": "Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3838", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44092", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.4403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44046", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44063", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44061", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.4401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44755", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3838" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3838", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3838" }, { "reference_url": "https://issues.chromium.org/issues/328278717", "reference_id": "328278717", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T15:29:04Z/" } ], "url": "https://issues.chromium.org/issues/328278717" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T15:29:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T15:29:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T15:29:04Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-19T15:29:04Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3838" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m947-x8gn-dybn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47278?format=api", "vulnerability_id": "VCID-m98j-wthn-yff3", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0440", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23968", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24056", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24014", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23958", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24107", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24145", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23926", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.23993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24039", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0440" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0440", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0440" }, { "reference_url": "https://issues.chromium.org/issues/40067914", "reference_id": "40067914", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:39:42Z/" } ], "url": "https://issues.chromium.org/issues/40067914" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:39:42Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0440" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m98j-wthn-yff3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66405?format=api", "vulnerability_id": "VCID-mhd8-qg19-cqg1", "summary": "chromium-browser: Use after free in Media Stream", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13638.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13638.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41528", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4155", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41517", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41519", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13638" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13638", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13638" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418468", "reference_id": "2418468", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418468" }, { "reference_url": "https://issues.chromium.org/issues/448046109", "reference_id": "448046109", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:43Z/" } ], "url": "https://issues.chromium.org/issues/448046109" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:43Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13638" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhd8-qg19-cqg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96481?format=api", "vulnerability_id": "VCID-mhfc-jc5n-gfbu", "summary": "Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1426", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60167", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.6016", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60146", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60128", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60081", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60075", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60125", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00391", "scoring_system": "epss", "scoring_elements": "0.60139", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1426" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1426" }, { "reference_url": "https://issues.chromium.org/issues/383465163", "reference_id": "383465163", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/" } ], "url": "https://issues.chromium.org/issues/383465163" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:08:33Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1426" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mhfc-jc5n-gfbu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47553?format=api", "vulnerability_id": "VCID-mmtm-79qv-y3f9", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92211", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92194", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92198", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.922", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92174", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.9218", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08189", "scoring_system": "epss", "scoring_elements": "0.92183", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9122" }, { "reference_url": "https://issues.chromium.org/issues/365802567", "reference_id": "365802567", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:24:14Z/" } ], "url": "https://issues.chromium.org/issues/365802567" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:24:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9122" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mmtm-79qv-y3f9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96142?format=api", "vulnerability_id": "VCID-msy4-5tju-c3ak", "summary": "Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49231", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49305", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49258", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49253", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.4928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49262", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49211", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49259", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3845" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3845" }, { "reference_url": "https://issues.chromium.org/issues/323583084", "reference_id": "323583084", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://issues.chromium.org/issues/323583084" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:50:32Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3845" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-msy4-5tju-c3ak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96405?format=api", "vulnerability_id": "VCID-mug4-6rdz-1uhm", "summary": "Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9962", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20018", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20076", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20121", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20181", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20239", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19965", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20089", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9962" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9962", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9962" }, { "reference_url": "https://issues.chromium.org/issues/364508693", "reference_id": "364508693", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:44:14Z/" } ], "url": "https://issues.chromium.org/issues/364508693" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:44:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9962" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mug4-6rdz-1uhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47254?format=api", "vulnerability_id": "VCID-mv9m-jyjx-cfbm", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11113", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61993", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61951", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61944", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11113" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11113", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11113" }, { "reference_url": "https://issues.chromium.org/issues/360274917", "reference_id": "360274917", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:21:02Z/" } ], "url": "https://issues.chromium.org/issues/360274917" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:21:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11113" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mv9m-jyjx-cfbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96072?format=api", "vulnerability_id": "VCID-n12n-mxuw-3ke8", "summary": "Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67534", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67609", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67574", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67607", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67621", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67598", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67585", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67533", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00539", "scoring_system": "epss", "scoring_elements": "0.67555", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3157" }, { "reference_url": "https://issues.chromium.org/issues/331237485", "reference_id": "331237485", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:09Z/" } ], "url": "https://issues.chromium.org/issues/331237485" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/", "reference_id": "5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5EW66LXDACTB5FCHLUPZOGD2KA2J62Q2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/", "reference_id": "EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EVEJEW7UCSUSK2J2FYQRZZPI74P2D3JP/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/", "reference_id": "NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:09Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NDHNEFD76ORM7WBWAEZT6HSYDMZVIED4/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-25T04:00:09Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3157" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n12n-mxuw-3ke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350960?format=api", "vulnerability_id": "VCID-n42w-7gws-n7dz", "summary": "Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5892.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5892.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5892", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5892" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5892", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5892" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456791", "reference_id": "2456791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456791" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5892" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "6.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n42w-7gws-n7dz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47244?format=api", "vulnerability_id": "VCID-n4j3-th65-kyhu", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85873", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85795", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85813", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85818", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85836", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85846", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85859", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85855", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1283" }, { "reference_url": "https://issues.chromium.org/issues/41494860", "reference_id": "41494860", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/" } ], "url": "https://issues.chromium.org/issues/41494860" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/", "reference_id": "KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KN32XXNHIR6KBS4BYQTZV2JQFN4D6ZSE/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/", "reference_id": "WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:56:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSCIL2WH2L4R4KWSRCTDWBPAMOJIYBJE/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1283" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4j3-th65-kyhu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96369?format=api", "vulnerability_id": "VCID-n536-qxue-zkej", "summary": "Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7255", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69947", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69911", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69934", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69919", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69905", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.6987", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69847", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00616", "scoring_system": "epss", "scoring_elements": "0.69895", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7255" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7255", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7255" }, { "reference_url": "https://issues.chromium.org/issues/352872238", "reference_id": "352872238", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-02T14:44:45Z/" } ], "url": "https://issues.chromium.org/issues/352872238" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-02T14:44:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7255" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n536-qxue-zkej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64127?format=api", "vulnerability_id": "VCID-n5d6-9gwm-vkc7", "summary": "chromium-browser: Use after free in FedCM", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4680.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4680.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34093", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34057", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34056", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33989", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34124", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33984", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34026", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4680" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4680", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4680" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450568", "reference_id": "2450568", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450568" }, { "reference_url": "https://issues.chromium.org/issues/491869946", "reference_id": "491869946", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:49:16Z/" } ], "url": "https://issues.chromium.org/issues/491869946" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:49:16Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-4680" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5d6-9gwm-vkc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66586?format=api", "vulnerability_id": "VCID-n5xg-jepy-sbcx", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12727.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12727.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26311", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26397", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26406", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26359", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27217", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.2701", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00098", "scoring_system": "epss", "scoring_elements": "0.27079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34768", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12727" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413858", "reference_id": "2413858", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413858" }, { "reference_url": "https://issues.chromium.org/issues/454485895", "reference_id": "454485895", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:41Z/" } ], "url": "https://issues.chromium.org/issues/454485895" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12727" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n5xg-jepy-sbcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96242?format=api", "vulnerability_id": "VCID-nc25-hahz-myek", "summary": "Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4950", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35334", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35296", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35353", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35283", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.354", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4950" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4950", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4950" }, { "reference_url": "https://issues.chromium.org/issues/40065403", "reference_id": "40065403", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-21T04:01:02Z/" } ], "url": "https://issues.chromium.org/issues/40065403" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-21T04:01:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-21T04:01:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-21T04:01:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-21T04:01:02Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4950" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nc25-hahz-myek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350945?format=api", "vulnerability_id": "VCID-nc2x-jyqw-8qa8", "summary": "Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34024", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456744", "reference_id": "2456744", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456744" }, { "reference_url": "https://issues.chromium.org/issues/333024273", "reference_id": "333024273", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:53:22Z/" } ], "url": "https://issues.chromium.org/issues/333024273" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-13T17:53:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5877" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nc2x-jyqw-8qa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350967?format=api", "vulnerability_id": "VCID-neem-fet6-pfdg", "summary": "Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5899.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5899.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5899", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02823", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17292", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17234", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17329", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17342", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5899" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5899", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5899" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456773", "reference_id": "2456773", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456773" }, { "reference_url": "https://issues.chromium.org/issues/474817168", "reference_id": "474817168", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:02:18Z/" } ], "url": "https://issues.chromium.org/issues/474817168" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:02:18Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5899" ], "risk_score": 3.6, "exploitability": "0.5", "weighted_severity": "7.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-neem-fet6-pfdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47284?format=api", "vulnerability_id": "VCID-nh48-1r8z-c3bs", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25971", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26069", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26024", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.25965", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26131", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26172", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2594", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.2606", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0448" }, { "reference_url": "https://issues.chromium.org/issues/377948403", "reference_id": "377948403", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:21:41Z/" } ], "url": "https://issues.chromium.org/issues/377948403" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:21:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0448" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nh48-1r8z-c3bs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96627?format=api", "vulnerability_id": "VCID-nku3-ejb7-e7av", "summary": "Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3069", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48171", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48132", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48107", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48118", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.4809", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48111", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48061", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48114", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00248", "scoring_system": "epss", "scoring_elements": "0.48109", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3069" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3069", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3069" }, { "reference_url": "https://issues.chromium.org/issues/40060076", "reference_id": "40060076", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:13Z/" } ], "url": "https://issues.chromium.org/issues/40060076" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:13Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3069" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nku3-ejb7-e7av" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350973?format=api", "vulnerability_id": "VCID-nmme-f7b2-qbcu", "summary": "Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03985", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04027", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05756", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07489", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456780", "reference_id": "2456780", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456780" }, { "reference_url": "https://issues.chromium.org/issues/483899628", "reference_id": "483899628", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:54:00Z/" } ], "url": "https://issues.chromium.org/issues/483899628" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-09T15:54:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5905" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmme-f7b2-qbcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96395?format=api", "vulnerability_id": "VCID-nmue-gwtf-vyc4", "summary": "Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9369", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30773", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30838", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30749", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30879", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30927", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30747", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00119", "scoring_system": "epss", "scoring_elements": "0.30805", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9369" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9369", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9369" }, { "reference_url": "https://issues.chromium.org/issues/368208152", "reference_id": "368208152", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:42:50Z/" } ], "url": "https://issues.chromium.org/issues/368208152" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T18:42:50Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9369" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nmue-gwtf-vyc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96431?format=api", "vulnerability_id": "VCID-npma-6cc2-gbbh", "summary": "Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16635", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16756", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16698", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16897", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16681", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16766", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1682", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10890" }, { "reference_url": "https://issues.chromium.org/issues/430336833", "reference_id": "430336833", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:06:38Z/" } ], "url": "https://issues.chromium.org/issues/430336833" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-09-24T17:06:38Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10890" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-npma-6cc2-gbbh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64647?format=api", "vulnerability_id": "VCID-nw39-3fus-fkbt", "summary": "chromium-browser: Inappropriate implementation in PictureInPicture", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2318.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08826", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08838", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2318" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2318", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2318" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439067", "reference_id": "2439067", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439067" }, { "reference_url": "https://issues.chromium.org/issues/363930141", "reference_id": "363930141", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:35:23Z/" } ], "url": "https://issues.chromium.org/issues/363930141" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:35:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2318" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nw39-3fus-fkbt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64332?format=api", "vulnerability_id": "VCID-nx9y-phy4-1bb8", "summary": "chromium-browser: Insufficient policy enforcement in PDF", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3939.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3939.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3939", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07751", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3939" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3939", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3939" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446873", "reference_id": "2446873", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446873" }, { "reference_url": "https://issues.chromium.org/issues/40058077", "reference_id": "40058077", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:16:54Z/" } ], "url": "https://issues.chromium.org/issues/40058077" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:16:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3939" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nx9y-phy4-1bb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64233?format=api", "vulnerability_id": "VCID-p2tt-caau-rya1", "summary": "chromium-browser: Stack buffer overflow in WebRTC", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4444.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4444.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4444", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20874", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20965", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20937", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21108", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20824", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20903", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4444" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4444", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4444" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449398", "reference_id": "2449398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449398" }, { "reference_url": "https://issues.chromium.org/issues/486349161", "reference_id": "486349161", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:00Z/" } ], "url": "https://issues.chromium.org/issues/486349161" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4444" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p2tt-caau-rya1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96135?format=api", "vulnerability_id": "VCID-p3ts-q4qw-1qch", "summary": "Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3841", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.5427", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54355", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54323", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.54276", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00311", "scoring_system": "epss", "scoring_elements": "0.543", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3841" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3841", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3841" }, { "reference_url": "https://issues.chromium.org/issues/330376742", "reference_id": "330376742", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://issues.chromium.org/issues/330376742" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T18:44:03Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3841" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3ts-q4qw-1qch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96144?format=api", "vulnerability_id": "VCID-p3wp-rb44-7ygm", "summary": "Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32407", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32348", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32319", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3227", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32444", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3847" }, { "reference_url": "https://issues.chromium.org/issues/328690293", "reference_id": "328690293", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://issues.chromium.org/issues/328690293" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-07T17:48:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3847" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p3wp-rb44-7ygm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95934?format=api", "vulnerability_id": "VCID-par5-g7n2-pyct", "summary": "Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1938", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59876", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59857", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59873", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59852", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59838", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59787", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00387", "scoring_system": "epss", "scoring_elements": "0.59817", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1938" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1938", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1938" }, { "reference_url": "https://issues.chromium.org/issues/324596281", "reference_id": "324596281", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-01T18:38:49Z/" } ], "url": "https://issues.chromium.org/issues/324596281" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/", "reference_id": "FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-01T18:38:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FGWSP5MIK7CDWJQHN2SJJX2YGSSS7E4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/", "reference_id": "L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-01T18:38:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L6KJCEJWJR5Z54Z75LRJGELDNMFDKLZG/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-01T18:38:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_27.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/", "reference_id": "YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-01T18:38:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YTGM2WHYSZAUUPENB7YO6E5ONAKE6AKJ/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1938" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-par5-g7n2-pyct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65162?format=api", "vulnerability_id": "VCID-pc5u-qka6-mqft", "summary": "chromium-browser: Insufficient policy enforcement in Network", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0905.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0905.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09335", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09281", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09421", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09434", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09405", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09391", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09385", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09297", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09373", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431123", "reference_id": "2431123", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431123" }, { "reference_url": "https://issues.chromium.org/issues/465466773", "reference_id": "465466773", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:41:12Z/" } ], "url": "https://issues.chromium.org/issues/465466773" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-01-20T14:41:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0905" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pc5u-qka6-mqft" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34522?format=api", "vulnerability_id": "VCID-pcjq-3qj5-zbbq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28162", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.2825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28207", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28149", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.283", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28344", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28135", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28201", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28243", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10502" }, { "reference_url": "https://issues.chromium.org/issues/438038775", "reference_id": "438038775", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:54Z/" } ], "url": "https://issues.chromium.org/issues/438038775" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:54Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10502" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcjq-3qj5-zbbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64231?format=api", "vulnerability_id": "VCID-pcs2-h7um-auga", "summary": "chromium-browser: Out of bounds write in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4450.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4450.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28035", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27887", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27938", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27979", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27937", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27878", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28077", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27872", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4450" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449396", "reference_id": "2449396", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449396" }, { "reference_url": "https://issues.chromium.org/issues/487746373", "reference_id": "487746373", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:40Z/" } ], "url": "https://issues.chromium.org/issues/487746373" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:40Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4450" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pcs2-h7um-auga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96404?format=api", "vulnerability_id": "VCID-pekh-tzgu-uqgd", "summary": "Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9961", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60561", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60582", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60499", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60526", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60544", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9961" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9961", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9961" }, { "reference_url": "https://issues.chromium.org/issues/357776197", "reference_id": "357776197", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:51:35Z/" } ], "url": "https://issues.chromium.org/issues/357776197" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:51:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9961" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pekh-tzgu-uqgd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96292?format=api", "vulnerability_id": "VCID-pevd-19t4-2qcm", "summary": "Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79802", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79734", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79741", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.7977", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79777", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79799", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79783", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01307", "scoring_system": "epss", "scoring_elements": "0.79775", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5499" }, { "reference_url": "https://issues.chromium.org/issues/339877167", "reference_id": "339877167", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-31T16:16:21Z/" } ], "url": "https://issues.chromium.org/issues/339877167" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-31T16:16:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-31T16:16:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-05-31T16:16:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5499" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pevd-19t4-2qcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47526?format=api", "vulnerability_id": "VCID-pff7-gknz-cfeg", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74938", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74961", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.7493", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74891", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74919", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74893", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00853", "scoring_system": "epss", "scoring_elements": "0.74926", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7966" }, { "reference_url": "https://issues.chromium.org/issues/355465305", "reference_id": "355465305", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:23Z/" } ], "url": "https://issues.chromium.org/issues/355465305" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-27T03:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7966" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pff7-gknz-cfeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64130?format=api", "vulnerability_id": "VCID-pg29-vrqh-pka8", "summary": "chromium-browser: Use after free in Dawn", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4676.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4676.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4676", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30655", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30611", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30665", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4676" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4676", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4676" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450571", "reference_id": "2450571", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450571" }, { "reference_url": "https://issues.chromium.org/issues/488613135", "reference_id": "488613135", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:53Z/" } ], "url": "https://issues.chromium.org/issues/488613135" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" } ], "aliases": [ "CVE-2026-4676" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pg29-vrqh-pka8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34534?format=api", "vulnerability_id": "VCID-pg9a-gjuw-kfcg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11213", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23436", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23506", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23532", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23555", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23478", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24313", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26233", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11213" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11213", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11213" }, { "reference_url": "https://issues.chromium.org/issues/443408317", "reference_id": "443408317", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T15:00:19Z/" } ], "url": "https://issues.chromium.org/issues/443408317" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T15:00:19Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11213" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pg9a-gjuw-kfcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64129?format=api", "vulnerability_id": "VCID-pgw2-3qy2-5ban", "summary": "chromium-browser: Heap buffer overflow in WebGL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4675.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4675.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22113", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22139", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22194", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22058", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4675" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450570", "reference_id": "2450570", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450570" }, { "reference_url": "https://issues.chromium.org/issues/488270257", "reference_id": "488270257", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:46Z/" } ], "url": "https://issues.chromium.org/issues/488270257" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-4675" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgw2-3qy2-5ban" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64381?format=api", "vulnerability_id": "VCID-pmf2-vmfr-fkar", "summary": "chromium-browser: Inappropriate implementation in WebAudio", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3540.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3540.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3540", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22568", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22526", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23795", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23868", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23884", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23783", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23751", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23821", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3540" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3540" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444612", "reference_id": "2444612", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444612" }, { "reference_url": "https://issues.chromium.org/issues/484088917", "reference_id": "484088917", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:57Z/" } ], "url": "https://issues.chromium.org/issues/484088917" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3540" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmf2-vmfr-fkar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64132?format=api", "vulnerability_id": "VCID-pmwr-4j1v-s7gu", "summary": "chromium-browser: Out of bounds read in WebAudio", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4677.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4677.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4677", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23552", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23622", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23596", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2354", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23725", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23576", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4677" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450573", "reference_id": "2450573", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450573" }, { "reference_url": "https://issues.chromium.org/issues/490533968", "reference_id": "490533968", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:48:00Z/" } ], "url": "https://issues.chromium.org/issues/490533968" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:48:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" } ], "aliases": [ "CVE-2026-4677" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pmwr-4j1v-s7gu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95926?format=api", "vulnerability_id": "VCID-pqrn-hm1a-mudt", "summary": "Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94976", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94958", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94963", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94965", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94968", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94943", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94945", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94946", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.16918", "scoring_system": "epss", "scoring_elements": "0.94955", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12382" }, { "reference_url": "https://issues.chromium.org/issues/379516109", "reference_id": "379516109", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:59:02Z/" } ], "url": "https://issues.chromium.org/issues/379516109" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-12T17:59:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12382" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pqrn-hm1a-mudt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47556?format=api", "vulnerability_id": "VCID-psgp-p8nd-wkcg", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31073", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3113", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31086", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31042", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3117", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31217", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31037", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31093", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9603" }, { "reference_url": "https://issues.chromium.org/issues/367818758", "reference_id": "367818758", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:03:30Z/" } ], "url": "https://issues.chromium.org/issues/367818758" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html", "reference_id": "stable-channel-update-for-desktop_8.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:03:30Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9603" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psgp-p8nd-wkcg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66463?format=api", "vulnerability_id": "VCID-psry-wjkx-s7ha", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13228.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13228.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13228", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22197", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13228" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13228", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13228" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415521", "reference_id": "2415521", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415521" }, { "reference_url": "https://issues.chromium.org/issues/446124893", "reference_id": "446124893", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:29Z/" } ], "url": "https://issues.chromium.org/issues/446124893" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13228" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-psry-wjkx-s7ha" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64128?format=api", "vulnerability_id": "VCID-ptwz-uax5-mqbq", "summary": "chromium-browser: Heap buffer overflow in WebAudio", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4673.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4673.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4673", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25917", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25764", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25859", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25818", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25762", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25959", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25725", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25797", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4673" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4673", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4673" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450569", "reference_id": "2450569", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450569" }, { "reference_url": "https://issues.chromium.org/issues/485397284", "reference_id": "485397284", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:27Z/" } ], "url": "https://issues.chromium.org/issues/485397284" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:47:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" } ], "aliases": [ "CVE-2026-4673" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptwz-uax5-mqbq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64645?format=api", "vulnerability_id": "VCID-pu1d-mahg-wqd3", "summary": "chromium-browser: Inappropriate implementation in File input", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2320.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08864", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08862", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08826", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08838", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2320" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2320" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439062", "reference_id": "2439062", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439062" }, { "reference_url": "https://issues.chromium.org/issues/435684924", "reference_id": "435684924", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:10:53Z/" } ], "url": "https://issues.chromium.org/issues/435684924" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-12T15:10:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2320" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pu1d-mahg-wqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63896?format=api", "vulnerability_id": "VCID-pvbx-j8j1-dkb3", "summary": "chromium-browser: Use after free in Web MIDI", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5278.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5278.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5278", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21702", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5278" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5278", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5278" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453687", "reference_id": "2453687", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453687" }, { "reference_url": "https://issues.chromium.org/issues/490254128", "reference_id": "490254128", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:25:55Z/" } ], "url": "https://issues.chromium.org/issues/490254128" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:25:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5278" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvbx-j8j1-dkb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47481?format=api", "vulnerability_id": "VCID-pw2a-xfa9-cqec", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45698", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45749", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.457", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45691", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45721", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45699", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45702", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00229", "scoring_system": "epss", "scoring_elements": "0.45647", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57969", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5833" }, { "reference_url": "https://issues.chromium.org/issues/342602616", "reference_id": "342602616", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:54Z/" } ], "url": "https://issues.chromium.org/issues/342602616" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:54Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-14T03:55:54Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5833" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pw2a-xfa9-cqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96407?format=api", "vulnerability_id": "VCID-px8h-mbzf-ryc7", "summary": "Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9964", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40303", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.403", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40313", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40275", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40289", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40314", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40236", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9964" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9964", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9964" }, { "reference_url": "https://issues.chromium.org/issues/361711121", "reference_id": "361711121", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:42:27Z/" } ], "url": "https://issues.chromium.org/issues/361711121" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:42:27Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9964" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-px8h-mbzf-ryc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350982?format=api", "vulnerability_id": "VCID-pxwn-s2wc-y3fu", "summary": "Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5914.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5914.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04203", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04227", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04242", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06196", "published_at": "2026-04-16T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00764", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5914" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456736", "reference_id": "2456736", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456736" }, { "reference_url": "https://issues.chromium.org/issues/490023239", "reference_id": "490023239", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T14:51:33Z/" } ], "url": "https://issues.chromium.org/issues/490023239" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T14:51:33Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5914" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxwn-s2wc-y3fu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47263?format=api", "vulnerability_id": "VCID-q1wx-zn49-cuhe", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31836", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31874", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31878", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31804", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31931", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31973", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31792", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31845", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11116" }, { "reference_url": "https://issues.chromium.org/issues/40942531", "reference_id": "40942531", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:21:35Z/" } ], "url": "https://issues.chromium.org/issues/40942531" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:21:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11116" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1wx-zn49-cuhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47477?format=api", "vulnerability_id": "VCID-q2nv-zepw-sydc", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5160", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60217", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.6013", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60155", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60125", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60175", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60189", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.6021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60196", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00392", "scoring_system": "epss", "scoring_elements": "0.60178", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5160" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5160", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5160" }, { "reference_url": "https://issues.chromium.org/issues/338161969", "reference_id": "338161969", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:14Z/" } ], "url": "https://issues.chromium.org/issues/338161969" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/", "reference_id": "5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/", "reference_id": "FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T04:00:14Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5160" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q2nv-zepw-sydc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63899?format=api", "vulnerability_id": "VCID-q45n-pmfj-f7ae", "summary": "chromium-browser: Use after free in WebGL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5285.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5285.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5285", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21702", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5285" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5285", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5285" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453691", "reference_id": "2453691", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453691" }, { "reference_url": "https://issues.chromium.org/issues/492228019", "reference_id": "492228019", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:44:59Z/" } ], "url": "https://issues.chromium.org/issues/492228019" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:44:59Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5285" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q45n-pmfj-f7ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96399?format=api", "vulnerability_id": "VCID-q556-3p3g-nfcw", "summary": "Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9955", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96592", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96594", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96596", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96599", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96576", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.29371", "scoring_system": "epss", "scoring_elements": "0.96584", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9955" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9955", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9955" }, { "reference_url": "https://issues.chromium.org/issues/370133761", "reference_id": "370133761", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:45:21Z/" } ], "url": "https://issues.chromium.org/issues/370133761" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:45:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9955" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q556-3p3g-nfcw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96078?format=api", "vulnerability_id": "VCID-q5wc-fus7-c3by", "summary": "Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3171", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77918", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77898", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77882", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77881", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77829", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77857", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77839", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01085", "scoring_system": "epss", "scoring_elements": "0.77866", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3171" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3171", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3171" }, { "reference_url": "https://issues.chromium.org/issues/41483350", "reference_id": "41483350", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-18T14:20:35Z/" } ], "url": "https://issues.chromium.org/issues/41483350" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-18T14:20:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3171" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q5wc-fus7-c3by" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350938?format=api", "vulnerability_id": "VCID-q6cv-xwf7-aub3", "summary": "Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5870.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5870.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5870", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5870" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5870", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5870" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456802", "reference_id": "2456802", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456802" }, { "reference_url": "https://issues.chromium.org/issues/495534710", "reference_id": "495534710", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:51Z/" } ], "url": "https://issues.chromium.org/issues/495534710" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:51Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5870" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q6cv-xwf7-aub3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350948?format=api", "vulnerability_id": "VCID-q8kf-7mg7-u3bp", "summary": "Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5880.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5880.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5880", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0719", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5880" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5880", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5880" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456803", "reference_id": "2456803", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456803" }, { "reference_url": "https://issues.chromium.org/issues/424995036", "reference_id": "424995036", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:55:23Z/" } ], "url": "https://issues.chromium.org/issues/424995036" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5880" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q8kf-7mg7-u3bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64385?format=api", "vulnerability_id": "VCID-q9s6-cceb-yfak", "summary": "chromium-browser: Integer overflow in Skia", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3538.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25072", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25141", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25156", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25114", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25061", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25097", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3538" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3538" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444617", "reference_id": "2444617", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444617" }, { "reference_url": "https://issues.chromium.org/issues/484983991", "reference_id": "484983991", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:56Z/" } ], "url": "https://issues.chromium.org/issues/484983991" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-05T04:55:56Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3538" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q9s6-cceb-yfak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96845?format=api", "vulnerability_id": "VCID-qb26-d55m-yqe6", "summary": "Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6191", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23685", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23578", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23623", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2364", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23598", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23541", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23726", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23507", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37662", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6191" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6191", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6191" }, { "reference_url": "https://issues.chromium.org/issues/420697404", "reference_id": "420697404", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:09Z/" } ], "url": "https://issues.chromium.org/issues/420697404" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:09Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6191" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb26-d55m-yqe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51278?format=api", "vulnerability_id": "VCID-qb3b-usf4-kfbr", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32274", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32367", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32404", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32229", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32277", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32307", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32308", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.3227", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00129", "scoring_system": "epss", "scoring_elements": "0.32238", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0814" }, { "reference_url": "https://crbug.com/1463935", "reference_id": "1463935", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:12Z/" } ], "url": "https://crbug.com/1463935" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T17:35:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0814" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qb3b-usf4-kfbr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47497?format=api", "vulnerability_id": "VCID-qdnt-cuvg-nke1", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5846", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65351", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5846" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5846", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5846" }, { "reference_url": "https://issues.chromium.org/issues/341095523", "reference_id": "341095523", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:43:31Z/" } ], "url": "https://issues.chromium.org/issues/341095523" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:43:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:43:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:43:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5846" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qdnt-cuvg-nke1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64502?format=api", "vulnerability_id": "VCID-qfc8-4g67-q7hv", "summary": "chromium-browser: Integer overflow in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2649.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2649.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2649", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09313", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09449", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09462", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09435", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09419", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09416", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09327", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09401", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2649" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2649", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2649" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440795", "reference_id": "2440795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440795" }, { "reference_url": "https://issues.chromium.org/issues/481074858", "reference_id": "481074858", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:52Z/" } ], "url": "https://issues.chromium.org/issues/481074858" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:52Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2649" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qfc8-4g67-q7hv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34514?format=api", "vulnerability_id": "VCID-qff9-euj8-u7f4", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2355", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23509", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23455", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23597", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23634", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23413", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23484", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23533", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8901" }, { "reference_url": "https://issues.chromium.org/issues/435139154", "reference_id": "435139154", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T18:38:41Z/" } ], "url": "https://issues.chromium.org/issues/435139154" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T18:38:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8901" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qff9-euj8-u7f4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47545?format=api", "vulnerability_id": "VCID-qg9m-wgwn-k7gt", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8194", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30317", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30321", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30277", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.3023", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.3036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30407", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30223", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00116", "scoring_system": "epss", "scoring_elements": "0.30282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8194" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8194", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8194" }, { "reference_url": "https://issues.chromium.org/issues/360533914", "reference_id": "360533914", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-29T13:13:45Z/" } ], "url": "https://issues.chromium.org/issues/360533914" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-29T13:13:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8194" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qg9m-wgwn-k7gt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350978?format=api", "vulnerability_id": "VCID-qgys-h6hm-z3es", "summary": "Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5910" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456785", "reference_id": "2456785", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456785" }, { "reference_url": "https://issues.chromium.org/issues/485212874", "reference_id": "485212874", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:11:08Z/" } ], "url": "https://issues.chromium.org/issues/485212874" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:11:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5910" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgys-h6hm-z3es" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96466?format=api", "vulnerability_id": "VCID-qgzt-t6p5-63ej", "summary": "Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12728", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17109", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17299", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17229", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17278", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17749", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18048", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17836", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31161", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12728" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12728", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12728" }, { "reference_url": "https://issues.chromium.org/issues/452392032", "reference_id": "452392032", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:27:23Z/" } ], "url": "https://issues.chromium.org/issues/452392032" }, { "reference_url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:27:23Z/" } ], "url": "https://chromereleases.googleblog.com/2025/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12728" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qgzt-t6p5-63ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96664?format=api", "vulnerability_id": "VCID-qm7e-jszf-nyhc", "summary": "Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3620", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47861", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47796", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47821", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47807", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47778", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47797", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.47746", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00245", "scoring_system": "epss", "scoring_elements": "0.478", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3620" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3620", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3620" }, { "reference_url": "https://issues.chromium.org/issues/405292639", "reference_id": "405292639", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:36:37Z/" } ], "url": "https://issues.chromium.org/issues/405292639" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-17T13:36:37Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3620" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qm7e-jszf-nyhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64226?format=api", "vulnerability_id": "VCID-qp85-t2sn-jbf2", "summary": "chromium-browser: Integer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4452.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4452.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4452", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23858", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23728", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23804", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23818", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23774", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23717", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23757", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4452" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4452", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4452" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449388", "reference_id": "2449388", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449388" }, { "reference_url": "https://issues.chromium.org/issues/487977696", "reference_id": "487977696", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:34Z/" } ], "url": "https://issues.chromium.org/issues/487977696" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4452" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qp85-t2sn-jbf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66602?format=api", "vulnerability_id": "VCID-qy3c-5519-gbga", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12428.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12428.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12428", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1684", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.17035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16963", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16904", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17775", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17503", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17591", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17728", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12428" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12428", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12428" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413874", "reference_id": "2413874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413874" }, { "reference_url": "https://issues.chromium.org/issues/447613211", "reference_id": "447613211", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:44Z/" } ], "url": "https://issues.chromium.org/issues/447613211" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-11T04:55:44Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12428" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qy3c-5519-gbga" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96950?format=api", "vulnerability_id": "VCID-qzrp-z4g2-yyhp", "summary": "Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8580", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16808", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16595", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.1668", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.16714", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18019", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18069", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.17961", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8580" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8580", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8580" }, { "reference_url": "https://issues.chromium.org/issues/411544197", "reference_id": "411544197", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:30:08Z/" } ], "url": "https://issues.chromium.org/issues/411544197" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:30:08Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8580" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qzrp-z4g2-yyhp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350970?format=api", "vulnerability_id": "VCID-r1c5-16y9-bugq", "summary": "Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5902.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5902.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5902", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09157", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09158", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09125", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09111", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26647", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5902" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5902", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5902" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456746", "reference_id": "2456746", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456746" }, { "reference_url": "https://issues.chromium.org/issues/483109205", "reference_id": "483109205", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:12:38Z/" } ], "url": "https://issues.chromium.org/issues/483109205" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2026-04-13T18:12:38Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5902" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r1c5-16y9-bugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63893?format=api", "vulnerability_id": "VCID-r2b4-pdwz-ybae", "summary": "chromium-browser: Inappropriate implementation in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.02073", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02547", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02527", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02516", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02515", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02521", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02526", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5283" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453681", "reference_id": "2453681", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453681" }, { "reference_url": "https://issues.chromium.org/issues/492131521", "reference_id": "492131521", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:56:03Z/" } ], "url": "https://issues.chromium.org/issues/492131521" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:56:03Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-5283" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r2b4-pdwz-ybae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34532?format=api", "vulnerability_id": "VCID-r942-9k4r-9qay", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11211.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11211.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11211", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09093", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09174", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09204", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09206", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09175", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09161", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00033", "scoring_system": "epss", "scoring_elements": "0.09565", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11201", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11211" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11211", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11211" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413257", "reference_id": "2413257", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413257" }, { "reference_url": "https://issues.chromium.org/issues/441917796", "reference_id": "441917796", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:06:28Z/" } ], "url": "https://issues.chromium.org/issues/441917796" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:06:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11211" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r942-9k4r-9qay" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96241?format=api", "vulnerability_id": "VCID-r9ek-1qag-xfh6", "summary": "Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4949", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48546", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48599", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48563", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48517", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48491", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48542", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48549", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48536", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4949" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4949", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4949" }, { "reference_url": "https://issues.chromium.org/issues/326607001", "reference_id": "326607001", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:48:34Z/" } ], "url": "https://issues.chromium.org/issues/326607001" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:48:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:48:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:48:34Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-16T17:48:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4949" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r9ek-1qag-xfh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47498?format=api", "vulnerability_id": "VCID-rbbc-r1cu-pqfn", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5847", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65387", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6532", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65346", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.6531", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65373", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65392", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65379", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00485", "scoring_system": "epss", "scoring_elements": "0.65351", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5847" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5847", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5847" }, { "reference_url": "https://issues.chromium.org/issues/341313077", "reference_id": "341313077", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:44:08Z/" } ], "url": "https://issues.chromium.org/issues/341313077" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:44:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:44:08Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:44:08Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5847" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rbbc-r1cu-pqfn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34539?format=api", "vulnerability_id": "VCID-rhjp-frwe-k7dq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10716", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10791", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10848", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10861", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10805", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11499", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1144", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13099", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11458" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413261", "reference_id": "2413261", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413261" }, { "reference_url": "https://issues.chromium.org/issues/443196747", "reference_id": "443196747", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:18Z/" } ], "url": "https://issues.chromium.org/issues/443196747" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:18Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11458" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rhjp-frwe-k7dq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96403?format=api", "vulnerability_id": "VCID-rjde-qv1n-mbdc", "summary": "Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9960", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60587", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60561", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60582", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60567", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60546", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60499", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60526", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60495", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60544", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9960" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9960", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9960" }, { "reference_url": "https://issues.chromium.org/issues/354748063", "reference_id": "354748063", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:55:46Z/" } ], "url": "https://issues.chromium.org/issues/354748063" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9960" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rjde-qv1n-mbdc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96426?format=api", "vulnerability_id": "VCID-rmeb-2jks-muh5", "summary": "Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1006", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.5602", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56022", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56001", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55984", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55957", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.55979", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56008", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0033", "scoring_system": "epss", "scoring_elements": "0.56011", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1006" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1006" }, { "reference_url": "https://issues.chromium.org/issues/390590778", "reference_id": "390590778", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/" } ], "url": "https://issues.chromium.org/issues/390590778" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:09:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1006" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmeb-2jks-muh5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66599?format=api", "vulnerability_id": "VCID-rmh9-tsfc-bufv", "summary": "chromium-browser: Object lifecycle issue in Media", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12430.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12430.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12430", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11002", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11186", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11195", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11163", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00037", "scoring_system": "epss", "scoring_elements": "0.11137", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11785", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11568", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11654", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11741", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12430" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12430", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12430" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413853", "reference_id": "2413853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413853" }, { "reference_url": "https://issues.chromium.org/issues/442860743", "reference_id": "442860743", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:05:29Z/" } ], "url": "https://issues.chromium.org/issues/442860743" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:05:29Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12430" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rmh9-tsfc-bufv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47506?format=api", "vulnerability_id": "VCID-rs1x-2m11-y7bf", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6994", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72743", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72727", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.7271", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.727", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72656", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72674", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72652", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00732", "scoring_system": "epss", "scoring_elements": "0.72691", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6994" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6994", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6994" }, { "reference_url": "https://issues.chromium.org/issues/339686368", "reference_id": "339686368", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:35:20Z/" } ], "url": "https://issues.chromium.org/issues/339686368" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:35:20Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6994" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rs1x-2m11-y7bf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64235?format=api", "vulnerability_id": "VCID-rs5v-j4mp-bqdd", "summary": "chromium-browser: Heap buffer overflow in WebAudio", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4443.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4443.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4443", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22622", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22687", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22665", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22608", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.2277", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22559", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22635", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4443" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4443", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4443" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449401", "reference_id": "2449401", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449401" }, { "reference_url": "https://issues.chromium.org/issues/485292589", "reference_id": "485292589", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:05Z/" } ], "url": "https://issues.chromium.org/issues/485292589" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4443" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rs5v-j4mp-bqdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96626?format=api", "vulnerability_id": "VCID-rs7n-jww2-k7fa", "summary": "Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3068", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52453", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52442", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52427", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52413", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.5235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52344", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52397", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52392", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3068" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3068", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3068" }, { "reference_url": "https://issues.chromium.org/issues/401823929", "reference_id": "401823929", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:11Z/" } ], "url": "https://issues.chromium.org/issues/401823929" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:11Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3068" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rs7n-jww2-k7fa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51280?format=api", "vulnerability_id": "VCID-rt4q-wt24-s3bb", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1059", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.7199", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71913", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71932", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71908", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71947", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71959", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71966", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00698", "scoring_system": "epss", "scoring_elements": "0.71949", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1059" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1059", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1059" }, { "reference_url": "https://crbug.com/1514777", "reference_id": "1514777", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:34Z/" } ], "url": "https://crbug.com/1514777" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/", "reference_id": "NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NEUXJY3YC3VGIJW2AOHL4NZ7ZK7BRYWY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:34Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/", "reference_id": "XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCVKRHRWPMITSVFBHQBSNXOVJAKT547Q/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1059" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rt4q-wt24-s3bb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64501?format=api", "vulnerability_id": "VCID-rtnu-jasm-4fc1", "summary": "chromium-browser: Heap buffer overflow in PDFium", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2648.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2648.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2648", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10194", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10135", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10291", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10322", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10281", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10262", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10257", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10228", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2648" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2648", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2648" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440791", "reference_id": "2440791", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2440791" }, { "reference_url": "https://issues.chromium.org/issues/477033835", "reference_id": "477033835", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:54Z/" } ], "url": "https://issues.chromium.org/issues/477033835" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-19T04:55:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2648" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rtnu-jasm-4fc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47515?format=api", "vulnerability_id": "VCID-rw7g-2nce-4qe4", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7004", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22152", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22234", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22212", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22151", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2227", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22098", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.2218", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7004" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7004", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7004" }, { "reference_url": "https://issues.chromium.org/issues/40063014", "reference_id": "40063014", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T17:36:40Z/" } ], "url": "https://issues.chromium.org/issues/40063014" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-08T17:36:40Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7004" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rw7g-2nce-4qe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59109?format=api", "vulnerability_id": "VCID-rz47-7yc6-2ybw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78563", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78606", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78614", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78602", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78576", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01163", "scoring_system": "epss", "scoring_elements": "0.78595", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4331" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4331" }, { "reference_url": "https://issues.chromium.org/issues/335003891", "reference_id": "335003891", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://issues.chromium.org/issues/335003891" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/", "reference_id": "IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/", "reference_id": "L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/", "reference_id": "LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4331" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rz47-7yc6-2ybw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96343?format=api", "vulnerability_id": "VCID-rzcc-kwub-43f5", "summary": "Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68144", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68162", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68139", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68191", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68206", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68231", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00557", "scoring_system": "epss", "scoring_elements": "0.68184", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6103" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6103", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6103" }, { "reference_url": "https://issues.chromium.org/issues/344639860", "reference_id": "344639860", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T14:29:53Z/" } ], "url": "https://issues.chromium.org/issues/344639860" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/", "reference_id": "6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T14:29:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6HYUEHZ35ZPY2EONVZCGO6LPT3AMLZCP/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T14:29:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_18.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/", "reference_id": "U5NRNCEYS246CYGOR32MF7OGKWOWER22", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-20T14:29:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5NRNCEYS246CYGOR32MF7OGKWOWER22/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6103" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzcc-kwub-43f5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350966?format=api", "vulnerability_id": "VCID-rzdc-3uut-byhc", "summary": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5898.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5898.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5898", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5898" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5898", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5898" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457217", "reference_id": "2457217", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457217" }, { "reference_url": "https://issues.chromium.org/issues/470295118", "reference_id": "470295118", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:01:05Z/" } ], "url": "https://issues.chromium.org/issues/470295118" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:01:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5898" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzdc-3uut-byhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47522?format=api", "vulnerability_id": "VCID-rzpj-7mb5-cudf", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7536", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57536", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57535", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57551", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.5753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57509", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.5748", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57502", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57479", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57531", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7536" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7536", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7536" }, { "reference_url": "https://issues.chromium.org/issues/354847246", "reference_id": "354847246", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T20:36:54Z/" } ], "url": "https://issues.chromium.org/issues/354847246" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T20:36:54Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7536" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzpj-7mb5-cudf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47538?format=api", "vulnerability_id": "VCID-rzrj-bph9-1qe9", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7979", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03942", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.0391", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03893", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03866", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03888", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03897", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03912", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03917", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7979" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7979", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7979" }, { "reference_url": "https://issues.chromium.org/issues/356064205", "reference_id": "356064205", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:38:59Z/" } ], "url": "https://issues.chromium.org/issues/356064205" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:38:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7979" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzrj-bph9-1qe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64387?format=api", "vulnerability_id": "VCID-rzsj-3prf-yfhj", "summary": "chromium-browser: Object lifecycle issue in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3539.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3539", "reference_id": "", "reference_type": "", "scores": [ { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.0071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "8e-05", "scoring_system": "epss", "scoring_elements": "0.00707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00797", "published_at": "2026-04-13T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00812", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00809", "published_at": "2026-04-09T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00802", "published_at": "2026-04-11T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00796", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00808", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3539" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3539" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444620", "reference_id": "2444620", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2444620" }, { "reference_url": "https://issues.chromium.org/issues/483853098", "reference_id": "483853098", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T20:08:53Z/" } ], "url": "https://issues.chromium.org/issues/483853098" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-04T20:08:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3539" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rzsj-3prf-yfhj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64445?format=api", "vulnerability_id": "VCID-s341-a9t6-xufu", "summary": "chromium-browser: Inappropriate implementation in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3063.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3063.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3063", "reference_id": "", "reference_type": "", "scores": [ { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0042", "published_at": "2026-04-02T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00398", "published_at": "2026-04-16T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.0041", "published_at": "2026-04-09T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00408", "published_at": "2026-04-11T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00405", "published_at": "2026-04-12T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00403", "published_at": "2026-04-13T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00419", "published_at": "2026-04-04T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00412", "published_at": "2026-04-07T12:55:00Z" }, { "value": "6e-05", "scoring_system": "epss", "scoring_elements": "0.00409", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3063" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442074", "reference_id": "2442074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442074" }, { "reference_url": "https://issues.chromium.org/issues/485287859", "reference_id": "485287859", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:34Z/" } ], "url": "https://issues.chromium.org/issues/485287859" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:34Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3063" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s341-a9t6-xufu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/76356?format=api", "vulnerability_id": "VCID-s3jn-6gnf-wfhr", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4947.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4947.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4947", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51309", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52107", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52099", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00287", "scoring_system": "epss", "scoring_elements": "0.52134", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58106", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58119", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58095", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58075", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4947" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4947", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4947" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281874", "reference_id": "2281874", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281874" }, { "reference_url": "https://issues.chromium.org/issues/340221135", "reference_id": "340221135", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-23T20:01:07Z/" } ], "url": "https://issues.chromium.org/issues/340221135" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-23T20:01:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/", "reference_id": "NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-23T20:01:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-23T20:01:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/", "reference_id": "WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2024-05-23T20:01:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4947" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s3jn-6gnf-wfhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59081?format=api", "vulnerability_id": "VCID-s6qu-s7m7-xyer", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2174", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32454", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32405", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.3248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32484", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32446", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32419", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32546", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32581", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2174" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2174", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2174" }, { "reference_url": "https://issues.chromium.org/issues/325866363", "reference_id": "325866363", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:27:11Z/" } ], "url": "https://issues.chromium.org/issues/325866363" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/", "reference_id": "OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:27:11Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OYEGSHTMXIPXD5OW5CXVWQS3ZUBCBSXG/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-28T14:27:11Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2174" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s6qu-s7m7-xyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47474?format=api", "vulnerability_id": "VCID-s7ew-m1ae-wfgh", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5157", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72339", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72258", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72278", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72254", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72292", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72305", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72327", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00713", "scoring_system": "epss", "scoring_elements": "0.72297", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5157" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5157", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5157" }, { "reference_url": "https://issues.chromium.org/issues/336012573", "reference_id": "336012573", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/" } ], "url": "https://issues.chromium.org/issues/336012573" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/", "reference_id": "5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5KEVD4433KTOCYY6V4I7MMYKQ6URUS4L/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/", "reference_id": "FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FX6IYZ6XF7B2WE66NFPNI2NHWJFI6VDF/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-29T14:18:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5157" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7ew-m1ae-wfgh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96462?format=api", "vulnerability_id": "VCID-sb7m-7d3y-j7ca", "summary": "Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17541", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17595", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17674", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17691", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18258", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.1855", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18341", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12435" }, { "reference_url": "https://issues.chromium.org/issues/446463993", "reference_id": "446463993", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:55:32Z/" } ], "url": "https://issues.chromium.org/issues/446463993" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:55:32Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12435" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sb7m-7d3y-j7ca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96384?format=api", "vulnerability_id": "VCID-sb9t-4vjy-fbb7", "summary": "Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7970", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48845", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48814", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48788", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48796", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48766", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.48745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00254", "scoring_system": "epss", "scoring_elements": "0.488", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7970" }, { "reference_url": "https://issues.chromium.org/issues/358485426", "reference_id": "358485426", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-04T13:55:35Z/" } ], "url": "https://issues.chromium.org/issues/358485426" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-04T13:55:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7970" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sb9t-4vjy-fbb7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96507?format=api", "vulnerability_id": "VCID-sbba-7wah-s3dm", "summary": "Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.296", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29648", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29469", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29571", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00152", "scoring_system": "epss", "scoring_elements": "0.35894", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54886", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00318", "scoring_system": "epss", "scoring_elements": "0.54924", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1919" }, { "reference_url": "https://issues.chromium.org/issues/392375312", "reference_id": "392375312", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/" } ], "url": "https://issues.chromium.org/issues/392375312" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-06T04:55:13Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1919" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sbba-7wah-s3dm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96624?format=api", "vulnerability_id": "VCID-scf9-tqkj-pkbk", "summary": "Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00328", "scoring_system": "epss", "scoring_elements": "0.55698", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60231", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60263", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60281", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60295", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60316", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00393", "scoring_system": "epss", "scoring_elements": "0.60302", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60734", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00401", "scoring_system": "epss", "scoring_elements": "0.60777", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3066" }, { "reference_url": "https://issues.chromium.org/issues/405140652", "reference_id": "405140652", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:17Z/" } ], "url": "https://issues.chromium.org/issues/405140652" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3066" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-scf9-tqkj-pkbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64316?format=api", "vulnerability_id": "VCID-sfc1-6x1b-4bbk", "summary": "chromium-browser: Incorrect security UI in PictureInPicture", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3942.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3942.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3942", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08073", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08817", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3942" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3942", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3942" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446852", "reference_id": "2446852", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446852" }, { "reference_url": "https://issues.chromium.org/issues/475238879", "reference_id": "475238879", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:32:53Z/" } ], "url": "https://issues.chromium.org/issues/475238879" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-12T14:32:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3942" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sfc1-6x1b-4bbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34541?format=api", "vulnerability_id": "VCID-sfzb-f5dh-zyae", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11460.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11460.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23908", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23975", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.24039", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.2394", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.2477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00085", "scoring_system": "epss", "scoring_elements": "0.24731", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00097", "scoring_system": "epss", "scoring_elements": "0.26683", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11460" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413252", "reference_id": "2413252", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413252" }, { "reference_url": "https://issues.chromium.org/issues/446722008", "reference_id": "446722008", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:15Z/" } ], "url": "https://issues.chromium.org/issues/446722008" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:15Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11460" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sfzb-f5dh-zyae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47552?format=api", "vulnerability_id": "VCID-sjw8-nhyv-wfhc", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9121", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41229", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.4121", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41186", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41197", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41228", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41154", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00192", "scoring_system": "epss", "scoring_elements": "0.41202", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9121" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9121", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9121" }, { "reference_url": "https://issues.chromium.org/issues/363538434", "reference_id": "363538434", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:26:41Z/" } ], "url": "https://issues.chromium.org/issues/363538434" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:26:41Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9121" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjw8-nhyv-wfhc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47251?format=api", "vulnerability_id": "VCID-sjyh-asvp-sbfh", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11112", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61993", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61951", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61894", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61925", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0042", "scoring_system": "epss", "scoring_elements": "0.61944", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11112" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11112", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11112" }, { "reference_url": "https://issues.chromium.org/issues/354824998", "reference_id": "354824998", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:19:06Z/" } ], "url": "https://issues.chromium.org/issues/354824998" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:19:06Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11112" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjyh-asvp-sbfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47509?format=api", "vulnerability_id": "VCID-sk1q-3r7z-5yd7", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6997", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66705", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66671", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6663", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66679", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6997" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6997", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6997" }, { "reference_url": "https://issues.chromium.org/issues/325293263", "reference_id": "325293263", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T16:02:39Z/" } ], "url": "https://issues.chromium.org/issues/325293263" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T16:02:39Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6997" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sk1q-3r7z-5yd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47557?format=api", "vulnerability_id": "VCID-skfq-61mt-8qhb", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17182", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17339", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17301", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17243", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17363", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17189", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1728", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10229" }, { "reference_url": "https://issues.chromium.org/issues/371011220", "reference_id": "371011220", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:37:18Z/" } ], "url": "https://issues.chromium.org/issues/371011220" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html", "reference_id": "stable-channel-update-for-desktop_22.html", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-23T14:37:18Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_22.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10229" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skfq-61mt-8qhb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47551?format=api", "vulnerability_id": "VCID-skhu-dhab-wfgj", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9120", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45426", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45449", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45419", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.4542", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45407", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45427", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00226", "scoring_system": "epss", "scoring_elements": "0.45371", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9120" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9120" }, { "reference_url": "https://issues.chromium.org/issues/365254285", "reference_id": "365254285", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:25:39Z/" } ], "url": "https://issues.chromium.org/issues/365254285" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-25T16:25:39Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_24.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9120" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-skhu-dhab-wfgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47249?format=api", "vulnerability_id": "VCID-sm3e-j1k9-wka9", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11111", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37098", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37103", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37114", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3708", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37052", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.3718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37208", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37039", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.37091", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11111" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11111", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11111" }, { "reference_url": "https://issues.chromium.org/issues/360520331", "reference_id": "360520331", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:26:29Z/" } ], "url": "https://issues.chromium.org/issues/360520331" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:26:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11111" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sm3e-j1k9-wka9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95923?format=api", "vulnerability_id": "VCID-sm8x-4zcp-2uet", "summary": "Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12053", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29225", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29292", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29297", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2925", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29198", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29326", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29375", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29187", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29251", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12053" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12053", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12053" }, { "reference_url": "https://issues.chromium.org/issues/379009132", "reference_id": "379009132", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-03T19:07:36Z/" } ], "url": "https://issues.chromium.org/issues/379009132" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-03T19:07:36Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12053" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sm8x-4zcp-2uet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96402?format=api", "vulnerability_id": "VCID-smtf-356n-57g7", "summary": "Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9959", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68188", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68172", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68197", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68183", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.6815", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.6811", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68128", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68106", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00556", "scoring_system": "epss", "scoring_elements": "0.68157", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9959" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9959", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9959" }, { "reference_url": "https://issues.chromium.org/issues/368672129", "reference_id": "368672129", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:57:36Z/" } ], "url": "https://issues.chromium.org/issues/368672129" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:57:36Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9959" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-smtf-356n-57g7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96364?format=api", "vulnerability_id": "VCID-snc8-e46j-9fa2", "summary": "Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7020", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3107", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31083", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31038", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31214", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31034", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3112", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.31127", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7020" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7020", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7020" }, { "reference_url": "https://issues.chromium.org/issues/40076065", "reference_id": "40076065", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-24T18:31:06Z/" } ], "url": "https://issues.chromium.org/issues/40076065" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7020" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-snc8-e46j-9fa2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34520?format=api", "vulnerability_id": "VCID-sr4v-uc24-ubgg", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10501.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-10501.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34333", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34269", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34297", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34257", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34234", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34361", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34225", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34268", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10501" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10501", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10501" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397867", "reference_id": "2397867", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2397867" }, { "reference_url": "https://issues.chromium.org/issues/440737137", "reference_id": "440737137", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T16:57:27Z/" } ], "url": "https://issues.chromium.org/issues/440737137" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-24T16:57:27Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10501" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sr4v-uc24-ubgg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96757?format=api", "vulnerability_id": "VCID-ss8z-vqjp-sff2", "summary": "Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5280", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70605", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.7059", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70575", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70511", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70529", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70506", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70552", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00641", "scoring_system": "epss", "scoring_elements": "0.70567", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5280" }, { "reference_url": "https://issues.chromium.org/issues/417169470", "reference_id": "417169470", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-29T03:55:45Z/" } ], "url": "https://issues.chromium.org/issues/417169470" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-29T03:55:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5280" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ss8z-vqjp-sff2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47488?format=api", "vulnerability_id": "VCID-st5n-m835-3fg1", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5837", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48198", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48119", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4814", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48089", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48142", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48137", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48161", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48134", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48145", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5837" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5837", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5837" }, { "reference_url": "https://issues.chromium.org/issues/342415789", "reference_id": "342415789", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:31:38Z/" } ], "url": "https://issues.chromium.org/issues/342415789" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:31:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:31:38Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:31:38Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5837" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-st5n-m835-3fg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96079?format=api", "vulnerability_id": "VCID-sx5u-ua47-kbgc", "summary": "Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3172", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73557", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73517", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.7354", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73521", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73514", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73495", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73467", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0077", "scoring_system": "epss", "scoring_elements": "0.73503", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3172" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3172", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3172" }, { "reference_url": "https://issues.chromium.org/issues/40942152", "reference_id": "40942152", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-23T16:51:00Z/" } ], "url": "https://issues.chromium.org/issues/40942152" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-23T16:51:00Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3172" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sx5u-ua47-kbgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350926?format=api", "vulnerability_id": "VCID-sxav-2n8n-wkb9", "summary": "Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5858.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5858.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5858", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08776", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08778", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08755", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08741", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00081", "scoring_system": "epss", "scoring_elements": "0.23792", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5858" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5858", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5858" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456793", "reference_id": "2456793", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456793" }, { "reference_url": "https://issues.chromium.org/issues/493319454", "reference_id": "493319454", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:36Z/" } ], "url": "https://issues.chromium.org/issues/493319454" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:36Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5858" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxav-2n8n-wkb9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96391?format=api", "vulnerability_id": "VCID-sxsf-3x3h-vff3", "summary": "Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21249", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21341", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21309", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21256", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21393", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21448", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21199", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00069", "scoring_system": "epss", "scoring_elements": "0.21279", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8907" }, { "reference_url": "https://issues.chromium.org/issues/360642942", "reference_id": "360642942", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T15:32:10Z/" } ], "url": "https://issues.chromium.org/issues/360642942" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T15:32:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8907" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sxsf-3x3h-vff3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96777?format=api", "vulnerability_id": "VCID-sy2e-sgft-53b3", "summary": "Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5419", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.8715", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87144", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87138", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87133", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87092", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.8711", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87103", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.87123", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03257", "scoring_system": "epss", "scoring_elements": "0.8713", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5419" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5419", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5419" }, { "reference_url": "https://issues.chromium.org/issues/420636529", "reference_id": "420636529", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:00Z/" } ], "url": "https://issues.chromium.org/issues/420636529" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-08-20T03:56:00Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5419" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sy2e-sgft-53b3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96357?format=api", "vulnerability_id": "VCID-t394-vs34-1fa9", "summary": "Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6778", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.94019", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.93988", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.93996", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.94", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.94004", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.93976", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.12757", "scoring_system": "epss", "scoring_elements": "0.93985", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6778" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6778", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6778" }, { "reference_url": "https://issues.chromium.org/issues/341136300", "reference_id": "341136300", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:50Z/" } ], "url": "https://issues.chromium.org/issues/341136300" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T03:55:50Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6778" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t394-vs34-1fa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64648?format=api", "vulnerability_id": "VCID-t3kt-44gv-j3dr", "summary": "chromium-browser: Inappropriate implementation in Downloads", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2323.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2323.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0105", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01055", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01053", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01032", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01041", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2323" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2323", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2323" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439068", "reference_id": "2439068", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439068" }, { "reference_url": "https://issues.chromium.org/issues/467442136", "reference_id": "467442136", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T20:19:07Z/" } ], "url": "https://issues.chromium.org/issues/467442136" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-02-11T20:19:07Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2323" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t3kt-44gv-j3dr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47490?format=api", "vulnerability_id": "VCID-t5k7-mt9a-5yfw", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31296", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.314", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31441", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31262", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31315", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31345", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31305", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5839" }, { "reference_url": "https://issues.chromium.org/issues/340122160", "reference_id": "340122160", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:45:43Z/" } ], "url": "https://issues.chromium.org/issues/340122160" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:45:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:45:43Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:45:43Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5839" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5k7-mt9a-5yfw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96007?format=api", "vulnerability_id": "VCID-t5t1-22yg-rqgv", "summary": "Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2630", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31528", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31429", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31396", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31475", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31471", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31441", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31387", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3157", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2630" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2630", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2630" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T15:15:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/41481877", "reference_id": "41481877", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T15:15:00Z/" } ], "url": "https://issues.chromium.org/issues/41481877" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T15:15:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T15:15:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T15:15:00Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2630" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5t1-22yg-rqgv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96136?format=api", "vulnerability_id": "VCID-t5uy-rm9d-9bcx", "summary": "Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3843", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67354", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67431", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67395", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67441", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.6742", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67407", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67355", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67377", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3843" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3843", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3843" }, { "reference_url": "https://issues.chromium.org/issues/41486690", "reference_id": "41486690", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://issues.chromium.org/issues/41486690" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-22T18:27:07Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3843" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t5uy-rm9d-9bcx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96505?format=api", "vulnerability_id": "VCID-t69n-d8kz-ukdh", "summary": "Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25128", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24902", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24971", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.25016", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.2503", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33986", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41436", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41479", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-1917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-1917" }, { "reference_url": "https://issues.chromium.org/issues/329476341", "reference_id": "329476341", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:28:41Z/" } ], "url": "https://issues.chromium.org/issues/329476341" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-05T14:28:41Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-1917" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t69n-d8kz-ukdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96472?format=api", "vulnerability_id": "VCID-t6a7-tdcw-zuhv", "summary": "Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12907", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36999", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36943", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37007", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.37015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.3698", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00161", "scoring_system": "epss", "scoring_elements": "0.36954", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.4929", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00259", "scoring_system": "epss", "scoring_elements": "0.49263", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12907" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12907", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12907" }, { "reference_url": "https://issues.chromium.org/issues/427367145", "reference_id": "427367145", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-14T04:55:40Z/" } ], "url": "https://issues.chromium.org/issues/427367145" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-14T04:55:40Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12907" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t6a7-tdcw-zuhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96396?format=api", "vulnerability_id": "VCID-t7xz-yw5y-mqaq", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9370", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9370" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9370" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t7xz-yw5y-mqaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96006?format=api", "vulnerability_id": "VCID-t8p3-3evv-kfg1", "summary": "Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43414", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43475", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43415", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43431", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43462", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43444", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.4343", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43379", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0021", "scoring_system": "epss", "scoring_elements": "0.43441", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2629" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T14:29:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/41487721", "reference_id": "41487721", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T14:29:15Z/" } ], "url": "https://issues.chromium.org/issues/41487721" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T14:29:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T14:29:15Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T14:29:15Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2629" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t8p3-3evv-kfg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66610?format=api", "vulnerability_id": "VCID-t9td-h5q7-vkhx", "summary": "chromium-browser: Out of bounds memory access in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12036.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12036.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12036", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1929", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19368", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19424", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19376", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19319", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20267", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2021", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2234", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12036" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12036", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12036" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413259", "reference_id": "2413259", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413259" }, { "reference_url": "https://issues.chromium.org/issues/452296415", "reference_id": "452296415", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:14Z/" } ], "url": "https://issues.chromium.org/issues/452296415" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:14Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12036" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t9td-h5q7-vkhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64310?format=api", "vulnerability_id": "VCID-tby7-d6uk-xqcu", "summary": "chromium-browser: Use after free in TextEncoding", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3921.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3921.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3921", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30665", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3921" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3921", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3921" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446845", "reference_id": "2446845", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446845" }, { "reference_url": "https://issues.chromium.org/issues/484946544", "reference_id": "484946544", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:09:13Z/" } ], "url": "https://issues.chromium.org/issues/484946544" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:09:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3921" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tby7-d6uk-xqcu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350980?format=api", "vulnerability_id": "VCID-tbzs-axfh-77au", "summary": "Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5912.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5912.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5912", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1946", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19355", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19413", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.001", "scoring_system": "epss", "scoring_elements": "0.27703", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5912" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5912", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5912" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456775", "reference_id": "2456775", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456775" }, { "reference_url": "https://issues.chromium.org/issues/486498791", "reference_id": "486498791", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:03:09Z/" } ], "url": "https://issues.chromium.org/issues/486498791" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:03:09Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5912" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tbzs-axfh-77au" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96952?format=api", "vulnerability_id": "VCID-tfc2-749m-sqh1", "summary": "Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8582", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19192", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.1927", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00062", "scoring_system": "epss", "scoring_elements": "0.19327", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.207", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20751", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.2069", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8582" }, { "reference_url": "https://issues.chromium.org/issues/40089450", "reference_id": "40089450", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:24:17Z/" } ], "url": "https://issues.chromium.org/issues/40089450" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:24:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8582" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tfc2-749m-sqh1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66393?format=api", "vulnerability_id": "VCID-tkvr-d1xj-ykar", "summary": "chromium-browser: Side-channel information leakage in Navigation and Loading", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13992.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13992.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13992", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08199", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11519", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11713", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11724", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11687", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11662", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.1179", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11573", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00039", "scoring_system": "epss", "scoring_elements": "0.11658", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13992" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13992", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13992" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418680", "reference_id": "2418680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418680" }, { "reference_url": "https://issues.chromium.org/issues/40095391", "reference_id": "40095391", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:36:03Z/" } ], "url": "https://issues.chromium.org/issues/40095391" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T19:36:03Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13992" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkvr-d1xj-ykar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350927?format=api", "vulnerability_id": "VCID-tkx7-9rpf-pyeh", "summary": "Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5859.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5859.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5859", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23552", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5859" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5859", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5859" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456812", "reference_id": "2456812", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456812" }, { "reference_url": "https://issues.chromium.org/issues/494158331", "reference_id": "494158331", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:37Z/" } ], "url": "https://issues.chromium.org/issues/494158331" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:37Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5859" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tkx7-9rpf-pyeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66598?format=api", "vulnerability_id": "VCID-tt6a-jnve-77cg", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12433.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12433.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12433", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03494", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03617", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03573", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03544", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03519", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03895", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03909", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03915", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.03886", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12433" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12433", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12433" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413867", "reference_id": "2413867", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413867" }, { "reference_url": "https://issues.chromium.org/issues/449760249", "reference_id": "449760249", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:10:25Z/" } ], "url": "https://issues.chromium.org/issues/449760249" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T21:10:25Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12433" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6a-jnve-77cg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47267?format=api", "vulnerability_id": "VCID-tt6y-5hu2-xfcj", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12694", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66798", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.6681", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66825", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66845", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66831", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66763", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66789", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00519", "scoring_system": "epss", "scoring_elements": "0.66761", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12694" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12694" }, { "reference_url": "https://issues.chromium.org/issues/368222741", "reference_id": "368222741", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/" } ], "url": "https://issues.chromium.org/issues/368222741" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-20T04:55:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12694" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt6y-5hu2-xfcj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96287?format=api", "vulnerability_id": "VCID-tu8y-g873-sbb8", "summary": "Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66848", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66814", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66839", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66812", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66861", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66894", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00521", "scoring_system": "epss", "scoring_elements": "0.66881", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5494" }, { "reference_url": "https://issues.chromium.org/issues/338071106", "reference_id": "338071106", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:19:45Z/" } ], "url": "https://issues.chromium.org/issues/338071106" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:19:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:19:45Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:19:45Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5494" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tu8y-g873-sbb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47555?format=api", "vulnerability_id": "VCID-tvek-ujxy-mug2", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57474", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57497", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57501", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57516", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57493", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57444", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0035", "scoring_system": "epss", "scoring_elements": "0.57467", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9602" }, { "reference_url": "https://issues.chromium.org/issues/368241697", "reference_id": "368241697", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:11:31Z/" } ], "url": "https://issues.chromium.org/issues/368241697" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html", "reference_id": "stable-channel-update-for-desktop_8.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-09T16:11:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_8.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9602" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tvek-ujxy-mug2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350943?format=api", "vulnerability_id": "VCID-tynp-q2w1-vkde", "summary": "Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5875.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5875.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5875", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05317", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05329", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05306", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06931", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5875" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5875", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5875" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456790", "reference_id": "2456790", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456790" }, { "reference_url": "https://issues.chromium.org/issues/430198264", "reference_id": "430198264", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-11T03:00:07Z/" } ], "url": "https://issues.chromium.org/issues/430198264" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-11T03:00:07Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5875" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tynp-q2w1-vkde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64237?format=api", "vulnerability_id": "VCID-tzqb-c1he-gffz", "summary": "chromium-browser: Use after free in WebRTC", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4446.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4446.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27925", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27781", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27868", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27874", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27774", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27968", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27759", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27826", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4446" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449405", "reference_id": "2449405", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449405" }, { "reference_url": "https://issues.chromium.org/issues/486421954", "reference_id": "486421954", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:54Z/" } ], "url": "https://issues.chromium.org/issues/486421954" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4446" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tzqb-c1he-gffz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47471?format=api", "vulnerability_id": "VCID-u1sp-38g8-xfan", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4558.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-4558.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0238", "scoring_system": "epss", "scoring_elements": "0.85013", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0238", "scoring_system": "epss", "scoring_elements": "0.84992", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85519", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85554", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85544", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85524", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85503", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85566", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02579", "scoring_system": "epss", "scoring_elements": "0.85568", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4558" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4558" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/15", "reference_id": "15", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/15" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/16", "reference_id": "16", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/16" }, { "reference_url": "http://seclists.org/fulldisclosure/2024/Jul/18", "reference_id": "18", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "http://seclists.org/fulldisclosure/2024/Jul/18" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279689", "reference_id": "2279689", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2279689" }, { "reference_url": "https://issues.chromium.org/issues/337766133", "reference_id": "337766133", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://issues.chromium.org/issues/337766133" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/", "reference_id": "BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BWFSZNNWSQYDRYKNLBDGEXXKMBXDYQ3F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/", "reference_id": "FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FAWEKDQTHPN7NFEMLIWP7YMIZ2DHF36N/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/", "reference_id": "IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/", "reference_id": "LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8180", "reference_id": "RHSA-2024:8180", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8492", "reference_id": "RHSA-2024:8492", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8492" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8496", "reference_id": "RHSA-2024:8496", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:8496" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9144", "reference_id": "RHSA-2024:9144", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9144" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9636", "reference_id": "RHSA-2024:9636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9646", "reference_id": "RHSA-2024:9646", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9646" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9653", "reference_id": "RHSA-2024:9653", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9653" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9679", "reference_id": "RHSA-2024:9679", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9679" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9680", "reference_id": "RHSA-2024:9680", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:9680" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10364", "reference_id": "RHSA-2025:10364", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:10364" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html", "reference_id": "stable-channel-update-for-desktop_7.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-09T04:00:46Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_7.html" }, { "reference_url": "https://usn.ubuntu.com/6996-1/", "reference_id": "USN-6996-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6996-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4558" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u1sp-38g8-xfan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96154?format=api", "vulnerability_id": "VCID-u3qp-1wrx-6fg1", "summary": "Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3914", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49149", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49223", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49177", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49172", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49198", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49181", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49184", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4913", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49178", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3914" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3914", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3914" }, { "reference_url": "https://issues.chromium.org/issues/330759272", "reference_id": "330759272", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://issues.chromium.org/issues/330759272" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T15:38:34Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3914" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u3qp-1wrx-6fg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64320?format=api", "vulnerability_id": "VCID-u4th-7235-tbfv", "summary": "chromium-browser: Incorrect security UI in PictureInPicture", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3927.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3927.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08004", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08012", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08052", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08073", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08096", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08087", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08706", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08831", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08817", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3927" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446857", "reference_id": "2446857", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446857" }, { "reference_url": "https://issues.chromium.org/issues/474948986", "reference_id": "474948986", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T12:48:55Z/" } ], "url": "https://issues.chromium.org/issues/474948986" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-13T12:48:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3927" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4th-7235-tbfv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47282?format=api", "vulnerability_id": "VCID-u5gh-nrfj-vbbj", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0446", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20987", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21049", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20997", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21166", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21221", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21016", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21076", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0446" }, { "reference_url": "https://issues.chromium.org/issues/359949844", "reference_id": "359949844", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:27:55Z/" } ], "url": "https://issues.chromium.org/issues/359949844" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:27:55Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0446" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u5gh-nrfj-vbbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96293?format=api", "vulnerability_id": "VCID-u72f-asx2-rueu", "summary": "Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21422", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21522", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21428", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21558", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21617", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.21373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0007", "scoring_system": "epss", "scoring_elements": "0.2145", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5500" }, { "reference_url": "https://issues.chromium.org/issues/40069622", "reference_id": "40069622", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-25T14:26:55Z/" } ], "url": "https://issues.chromium.org/issues/40069622" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-25T14:26:55Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5500" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u72f-asx2-rueu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47274?format=api", "vulnerability_id": "VCID-u7nr-jpbg-hbbc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0437", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20028", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2015", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20105", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20047", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20212", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20269", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20074", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20131", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0437" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0437" }, { "reference_url": "https://issues.chromium.org/issues/378623799", "reference_id": "378623799", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/" } ], "url": "https://issues.chromium.org/issues/378623799" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T15:01:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0437" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u7nr-jpbg-hbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66600?format=api", "vulnerability_id": "VCID-u8bu-bhfy-j3ff", "summary": "chromium-browser: Inappropriate implementation in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12431.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12431.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12431", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04162", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04248", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04232", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04217", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04193", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04483", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04496", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04531", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04457", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12431" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12431", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12431" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413869", "reference_id": "2413869", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413869" }, { "reference_url": "https://issues.chromium.org/issues/436887350", "reference_id": "436887350", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:03:05Z/" } ], "url": "https://issues.chromium.org/issues/436887350" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:03:05Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12431" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8bu-bhfy-j3ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96366?format=api", "vulnerability_id": "VCID-u8db-dw2g-gkhk", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7024", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31451", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31454", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31417", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31551", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31594", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31409", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31462", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31493", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31497", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7024" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7024", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7024" }, { "reference_url": "https://issues.chromium.org/issues/334120897", "reference_id": "334120897", "reference_type": "", "scores": [ { "value": "9.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-25T17:44:35Z/" } ], "url": "https://issues.chromium.org/issues/334120897" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7024" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8db-dw2g-gkhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64238?format=api", "vulnerability_id": "VCID-u8pg-4uns-sqd3", "summary": "chromium-browser: Heap buffer overflow in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4448.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22388", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22359", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22379", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22279", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22433", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22221", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22304", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4448" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449406", "reference_id": "2449406", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449406" }, { "reference_url": "https://issues.chromium.org/issues/486972661", "reference_id": "486972661", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:46Z/" } ], "url": "https://issues.chromium.org/issues/486972661" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:34:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4448" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8pg-4uns-sqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64230?format=api", "vulnerability_id": "VCID-u8s8-4qjn-z3d6", "summary": "chromium-browser: Use after free in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4458.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4458.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08294", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08224", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08364", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08344", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08291", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08355", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4458" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449395", "reference_id": "2449395", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449395" }, { "reference_url": "https://issues.chromium.org/issues/489619753", "reference_id": "489619753", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:28Z/" } ], "url": "https://issues.chromium.org/issues/489619753" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:33:28Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4458" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u8s8-4qjn-z3d6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34510?format=api", "vulnerability_id": "VCID-u9mq-tb44-4kbc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8879", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29455", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29532", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29487", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29436", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29604", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29426", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00111", "scoring_system": "epss", "scoring_elements": "0.29529", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-8879" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8879", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8879" }, { "reference_url": "https://issues.chromium.org/issues/432035817", "reference_id": "432035817", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:32Z/" } ], "url": "https://issues.chromium.org/issues/432035817" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:32Z/" } ], "url": "https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-8879" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9mq-tb44-4kbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95921?format=api", "vulnerability_id": "VCID-u9yr-eqh8-v3b6", "summary": "Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11395", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52398", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52443", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52351", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52379", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0029", "scoring_system": "epss", "scoring_elements": "0.52345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00542", "scoring_system": "epss", "scoring_elements": "0.67735", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11395" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11395", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11395" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://issues.chromium.org/issues/377384894", "reference_id": "377384894", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T20:11:29Z/" } ], "url": "https://issues.chromium.org/issues/377384894" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-19T20:11:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11395" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u9yr-eqh8-v3b6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96354?format=api", "vulnerability_id": "VCID-uegf-7d1c-y3c4", "summary": "Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6775", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61261", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61232", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61253", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.6124", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61221", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61175", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61203", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61169", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00409", "scoring_system": "epss", "scoring_elements": "0.61217", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6775" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6775", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6775" }, { "reference_url": "https://issues.chromium.org/issues/347373236", "reference_id": "347373236", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T22:15:21Z/" } ], "url": "https://issues.chromium.org/issues/347373236" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-16T22:15:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6775" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uegf-7d1c-y3c4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64292?format=api", "vulnerability_id": "VCID-uf5c-xr9t-13dn", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3910.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3910.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3910", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69787", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0061", "scoring_system": "epss", "scoring_elements": "0.69771", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.7126", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00665", "scoring_system": "epss", "scoring_elements": "0.71214", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73454", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00769", "scoring_system": "epss", "scoring_elements": "0.73477", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73997", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73983", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00797", "scoring_system": "epss", "scoring_elements": "0.73949", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3910" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3910", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3910" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447199", "reference_id": "2447199", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2447199" }, { "reference_url": "https://issues.chromium.org/issues/491410818", "reference_id": "491410818", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-03-13T16:45:44Z/" } ], "url": "https://issues.chromium.org/issues/491410818" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-03-13T16:45:44Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3910" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uf5c-xr9t-13dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96688?format=api", "vulnerability_id": "VCID-ug4c-yce8-tbfa", "summary": "Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4096", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41478", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41483", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41451", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41436", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41449", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41476", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41403", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41453", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00195", "scoring_system": "epss", "scoring_elements": "0.41462", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4096" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4096", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4096" }, { "reference_url": "https://issues.chromium.org/issues/409911705", "reference_id": "409911705", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-06T02:57:49Z/" } ], "url": "https://issues.chromium.org/issues/409911705" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-06T02:57:49Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4096" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ug4c-yce8-tbfa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34525?format=api", "vulnerability_id": "VCID-uh78-mxcb-aud5", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11205.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11205.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11205", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2351", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23581", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23644", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23601", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23545", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24435", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00083", "scoring_system": "epss", "scoring_elements": "0.24402", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26302", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11205" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11205", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11205" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413265", "reference_id": "2413265", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413265" }, { "reference_url": "https://issues.chromium.org/issues/442444724", "reference_id": "442444724", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:17Z/" } ], "url": "https://issues.chromium.org/issues/442444724" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-08T04:55:17Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11205" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uh78-mxcb-aud5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59092?format=api", "vulnerability_id": "VCID-uhn4-egfc-ebda", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2628", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39639", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39655", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39604", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.3962", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39657", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39648", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39633", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39579", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0018", "scoring_system": "epss", "scoring_elements": "0.39662", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2628" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2628", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2628" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T18:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/41487774", "reference_id": "41487774", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T18:00:59Z/" } ], "url": "https://issues.chromium.org/issues/41487774" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T18:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T18:00:59Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-17T18:00:59Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2628" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uhn4-egfc-ebda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47541?format=api", "vulnerability_id": "VCID-uqb8-znvh-9fgu", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50438", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50472", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50449", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50434", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50402", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50432", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00269", "scoring_system": "epss", "scoring_elements": "0.50385", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8033" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8033", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8033" }, { "reference_url": "https://issues.chromium.org/issues/350256139", "reference_id": "350256139", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:06:38Z/" } ], "url": "https://issues.chromium.org/issues/350256139" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-22T13:06:38Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8033" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqb8-znvh-9fgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65166?format=api", "vulnerability_id": "VCID-uqyz-yjh5-vyh6", "summary": "chromium-browser: Use after free in ANGLE", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0908.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0908.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1447", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14672", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14578", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14683", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14756", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14564", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14653", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14712", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0908" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431128", "reference_id": "2431128", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431128" }, { "reference_url": "https://issues.chromium.org/issues/452209503", "reference_id": "452209503", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:18Z/" } ], "url": "https://issues.chromium.org/issues/452209503" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:18Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0908" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uqyz-yjh5-vyh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59084?format=api", "vulnerability_id": "VCID-ursd-c1rf-tyeq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35161", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.352", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35228", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35109", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35153", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35179", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35183", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35148", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35124", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2400" }, { "reference_url": "https://issues.chromium.org/issues/327696052", "reference_id": "327696052", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-12T18:14:17Z/" } ], "url": "https://issues.chromium.org/issues/327696052" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-12T18:14:17Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_12.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO/", "reference_id": "T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-12T18:14:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T55OZ7JOMLNT5ICM4DTCZOJZD6TZICKO/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI/", "reference_id": "VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-12T18:14:17Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIKPDCUMQNF2DFB7TU3V4ISJ7WFJH7YI/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2400" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ursd-c1rf-tyeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47246?format=api", "vulnerability_id": "VCID-us37-cg5p-3fcc", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10487", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53222", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53163", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53214", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53199", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53183", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53128", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53152", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.5312", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00298", "scoring_system": "epss", "scoring_elements": "0.53171", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10487" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10487", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10487" }, { "reference_url": "https://issues.chromium.org/issues/375123371", "reference_id": "375123371", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:21Z/" } ], "url": "https://issues.chromium.org/issues/375123371" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-31T03:55:21Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10487" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-us37-cg5p-3fcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47288?format=api", "vulnerability_id": "VCID-uvbr-kyc1-wkdw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2135", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40269", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40204", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40267", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40279", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40241", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00185", "scoring_system": "epss", "scoring_elements": "0.40221", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.41978", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00198", "scoring_system": "epss", "scoring_elements": "0.4195", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2135" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2135", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2135" }, { "reference_url": "https://issues.chromium.org/issues/400052777", "reference_id": "400052777", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:35Z/" } ], "url": "https://issues.chromium.org/issues/400052777" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-03-12T04:00:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-2135" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvbr-kyc1-wkdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64323?format=api", "vulnerability_id": "VCID-uvuf-mbkh-eqah", "summary": "chromium-browser: Use after free in Agents", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3917.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3917.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30665", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3917" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446861", "reference_id": "2446861", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446861" }, { "reference_url": "https://issues.chromium.org/issues/483569512", "reference_id": "483569512", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:59:13Z/" } ], "url": "https://issues.chromium.org/issues/483569512" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T12:59:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3917" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uvuf-mbkh-eqah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34524?format=api", "vulnerability_id": "VCID-uweq-7973-xyam", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10585", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72022", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.72005", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.7199", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71951", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.7197", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71947", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71985", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.007", "scoring_system": "epss", "scoring_elements": "0.71998", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10585" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10585", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10585" }, { "reference_url": "https://issues.chromium.org/issues/445380761", "reference_id": "445380761", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-09-25T03:55:48Z/" } ], "url": "https://issues.chromium.org/issues/445380761" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-09-25T03:55:48Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10585" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uweq-7973-xyam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96398?format=api", "vulnerability_id": "VCID-uxa6-xukh-rqhe", "summary": "Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9954", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92661", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92638", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92643", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92648", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92647", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.9262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92626", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.09069", "scoring_system": "epss", "scoring_elements": "0.92627", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9954" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9954", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9954" }, { "reference_url": "https://issues.chromium.org/issues/367755363", "reference_id": "367755363", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:45:28Z/" } ], "url": "https://issues.chromium.org/issues/367755363" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-16T19:45:28Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9954" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxa6-xukh-rqhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350951?format=api", "vulnerability_id": "VCID-uy3v-ru2f-fqcd", "summary": "Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5883.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5883.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5883", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15238", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5883" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5883", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5883" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456769", "reference_id": "2456769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456769" }, { "reference_url": "https://issues.chromium.org/issues/482958590", "reference_id": "482958590", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T17:36:45Z/" } ], "url": "https://issues.chromium.org/issues/482958590" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T17:36:45Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5883" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uy3v-ru2f-fqcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64317?format=api", "vulnerability_id": "VCID-uybs-1w1h-23cs", "summary": "chromium-browser: Use after free in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3919.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3919.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08988", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08962", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.0904", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09041", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09073", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.09075", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.09979", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10125", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00034", "scoring_system": "epss", "scoring_elements": "0.10104", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3919" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446853", "reference_id": "2446853", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446853" }, { "reference_url": "https://issues.chromium.org/issues/444176961", "reference_id": "444176961", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:06:35Z/" } ], "url": "https://issues.chromium.org/issues/444176961" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:06:35Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3919" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uybs-1w1h-23cs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65883?format=api", "vulnerability_id": "VCID-uz9z-q1dw-vuf2", "summary": "chromium-browser: Chromium: Use after free in WebGPU allows remote attacker to exploit heap corruption", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14765.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-14765.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14765", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32092", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31999", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32035", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32038", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31966", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32132", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.31954", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00127", "scoring_system": "epss", "scoring_elements": "0.32006", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14765" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14765", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14765" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422949", "reference_id": "2422949", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2422949" }, { "reference_url": "https://issues.chromium.org/issues/448294721", "reference_id": "448294721", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-17T13:59:35Z/" } ], "url": "https://issues.chromium.org/issues/448294721" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-17T13:59:35Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-14765" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uz9z-q1dw-vuf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64242?format=api", "vulnerability_id": "VCID-uzn5-ghpu-57e5", "summary": "chromium-browser: Heap buffer overflow in WebRTC", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4463.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4463.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21055", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20874", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20965", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20981", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20937", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20884", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.21108", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20824", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20903", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4463" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449413", "reference_id": "2449413", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449413" }, { "reference_url": "https://issues.chromium.org/issues/491358681", "reference_id": "491358681", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:16:36Z/" } ], "url": "https://issues.chromium.org/issues/491358681" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:16:36Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4463" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uzn5-ghpu-57e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350976?format=api", "vulnerability_id": "VCID-v1qf-79xm-bbg2", "summary": "Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5908.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5908.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5908", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5908" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5908", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5908" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456751", "reference_id": "2456751", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456751" }, { "reference_url": "https://issues.chromium.org/issues/485115554", "reference_id": "485115554", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:28:27Z/" } ], "url": "https://issues.chromium.org/issues/485115554" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:28:27Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5908" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v1qf-79xm-bbg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63908?format=api", "vulnerability_id": "VCID-v2gf-rqxb-57ae", "summary": "chromium-browser: Use after free in Dawn", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5281.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.0", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0303", "scoring_system": "epss", "scoring_elements": "0.86598", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03034", "scoring_system": "epss", "scoring_elements": "0.86631", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87191", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87173", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87186", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.8718", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87176", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87145", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03278", "scoring_system": "epss", "scoring_elements": "0.87165", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5281" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453700", "reference_id": "2453700", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453700" }, { "reference_url": "https://issues.chromium.org/issues/491518608", "reference_id": "491518608", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-04-01T16:16:11Z/" } ], "url": "https://issues.chromium.org/issues/491518608" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2026-04-01T16:16:11Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5281" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2gf-rqxb-57ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350968?format=api", "vulnerability_id": "VCID-v5a1-1ceu-ebhv", "summary": "Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03459", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03418", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0339", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03367", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00031", "scoring_system": "epss", "scoring_elements": "0.08892", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456763", "reference_id": "2456763", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456763" }, { "reference_url": "https://issues.chromium.org/issues/475265304", "reference_id": "475265304", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:03:11Z/" } ], "url": "https://issues.chromium.org/issues/475265304" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T18:03:11Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5900" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v5a1-1ceu-ebhv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59077?format=api", "vulnerability_id": "VCID-v6qa-35bx-73gs", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1675", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.28588", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00105", "scoring_system": "epss", "scoring_elements": "0.2878", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34846", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34837", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34865", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.3487", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34832", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00145", "scoring_system": "epss", "scoring_elements": "0.34808", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-1675" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1675", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1675" }, { "reference_url": "https://issues.chromium.org/issues/41486208", "reference_id": "41486208", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T20:02:40Z/" } ], "url": "https://issues.chromium.org/issues/41486208" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/", "reference_id": "PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T20:02:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PWWBMVQTSERVBXSXCZVUKIMEDNQUQ7O3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/", "reference_id": "QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T20:02:40Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QDCMYQ3J45NHQ4EJREM3BJNNKB5BK4Y7/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html", "reference_id": "stable-channel-update-for-desktop_20.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T20:02:40Z/" } ], "url": "https://chromereleases.googleblog.com/2024/02/stable-channel-update-for-desktop_20.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-1675" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v6qa-35bx-73gs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96393?format=api", "vulnerability_id": "VCID-vafg-8w1y-8bb3", "summary": "Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26313", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26216", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26274", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.2632", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26382", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26424", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26197", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00094", "scoring_system": "epss", "scoring_elements": "0.26265", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31918", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8909" }, { "reference_url": "https://issues.chromium.org/issues/341353783", "reference_id": "341353783", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T14:46:00Z/" } ], "url": "https://issues.chromium.org/issues/341353783" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-18T14:46:00Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8909" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vafg-8w1y-8bb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/65160?format=api", "vulnerability_id": "VCID-vb1c-9uuq-bkev", "summary": "chromium-browser: Inappropriate implementation in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0900.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-0900.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0900", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10228", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1017", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10326", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10356", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10315", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10297", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1019", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10264", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0900" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0900", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0900" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431121", "reference_id": "2431121", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431121" }, { "reference_url": "https://issues.chromium.org/issues/465730465", "reference_id": "465730465", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:20Z/" } ], "url": "https://issues.chromium.org/issues/465730465" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-21T04:55:20Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0900" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vb1c-9uuq-bkev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97105?format=api", "vulnerability_id": "VCID-vd5f-rhmg-hfe6", "summary": "Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3932", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06883", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06933", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06918", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06973", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07004", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07008", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07751", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07665", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3932" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3932", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3932" }, { "reference_url": "https://issues.chromium.org/issues/478296121", "reference_id": "478296121", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:01:05Z/" } ], "url": "https://issues.chromium.org/issues/478296121" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T03:01:05Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3932" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vd5f-rhmg-hfe6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66587?format=api", "vulnerability_id": "VCID-vdba-4s6g-hufr", "summary": "chromium-browser: Policy bypass in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12445.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12445.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12445", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03072", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03178", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03137", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.0311", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03097", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03464", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.0348", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03451", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12445" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12445", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12445" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413847", "reference_id": "2413847", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413847" }, { "reference_url": "https://issues.chromium.org/issues/428397712", "reference_id": "428397712", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:01:44Z/" } ], "url": "https://issues.chromium.org/issues/428397712" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T21:01:44Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12445" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vdba-4s6g-hufr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96743?format=api", "vulnerability_id": "VCID-vej8-dj8m-a3cu", "summary": "Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00102", "scoring_system": "epss", "scoring_elements": "0.28053", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.3159", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31672", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31676", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31634", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31598", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31771", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31726", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31642", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5066" }, { "reference_url": "https://issues.chromium.org/issues/356658477", "reference_id": "356658477", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:31:45Z/" } ], "url": "https://issues.chromium.org/issues/356658477" }, { "reference_url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html", "reference_id": "stable-channel-update-for-desktop_27.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-28T13:31:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/05/stable-channel-update-for-desktop_27.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5066" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vej8-dj8m-a3cu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66407?format=api", "vulnerability_id": "VCID-vfhf-srxw-fqb8", "summary": "chromium-browser: Inappropriate implementation in Downloads", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13637.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13637.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00027", "scoring_system": "epss", "scoring_elements": "0.07452", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10517", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10696", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10709", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10677", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10653", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10566", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10638", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13637" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418464", "reference_id": "2418464", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418464" }, { "reference_url": "https://issues.chromium.org/issues/392375329", "reference_id": "392375329", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:44:26Z/" } ], "url": "https://issues.chromium.org/issues/392375329" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:44:26Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13637" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfhf-srxw-fqb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66470?format=api", "vulnerability_id": "VCID-vfpj-s32r-fygb", "summary": "chromium-browser: Inappropriate implementation in Compositing", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13107.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13107.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13107", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22384", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23012", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33429", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33504", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13107" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13107", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13107" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414975", "reference_id": "2414975", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414975" }, { "reference_url": "https://issues.chromium.org/issues/429440615", "reference_id": "429440615", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:35:28Z/" } ], "url": "https://issues.chromium.org/issues/429440615" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:35:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13107" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vfpj-s32r-fygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350977?format=api", "vulnerability_id": "VCID-vghg-r559-kbes", "summary": "Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5909.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5909.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5909", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24875", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5909" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5909", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5909" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456753", "reference_id": "2456753", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456753" }, { "reference_url": "https://issues.chromium.org/issues/485203821", "reference_id": "485203821", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:23:42Z/" } ], "url": "https://issues.chromium.org/issues/485203821" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-09T15:23:42Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5909" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vghg-r559-kbes" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47501?format=api", "vulnerability_id": "VCID-vhyd-eq5h-cfhm", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51018", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6292" }, { "reference_url": "https://issues.chromium.org/issues/342545100", "reference_id": "342545100", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:31Z/" } ], "url": "https://issues.chromium.org/issues/342545100" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/", "reference_id": "T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/", "reference_id": "WHV5WTU27YOIBIM2CON42SHWY6J2HPRS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6292" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhyd-eq5h-cfhm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68659?format=api", "vulnerability_id": "VCID-vk4e-qufz-5ffp", "summary": "angle: insufficient input validation can cause undefined behavior", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6558.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6558.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6558", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37959", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37993", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38004", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.38021", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00168", "scoring_system": "epss", "scoring_elements": "0.37984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44447", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44381", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44426", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-6558" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6558", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6558" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380254", "reference_id": "2380254", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380254" }, { "reference_url": "https://issues.chromium.org/issues/427162086", "reference_id": "427162086", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-22T03:55:29Z/" } ], "url": "https://issues.chromium.org/issues/427162086" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13780", "reference_id": "RHSA-2025:13780", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13780" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13782", "reference_id": "RHSA-2025:13782", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13782" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14421", "reference_id": "RHSA-2025:14421", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14421" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14422", "reference_id": "RHSA-2025:14422", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14422" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14423", "reference_id": "RHSA-2025:14423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14432", "reference_id": "RHSA-2025:14432", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14433", "reference_id": "RHSA-2025:14433", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14434", "reference_id": "RHSA-2025:14434", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:14486", "reference_id": "RHSA-2025:14486", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:14486" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:15729", "reference_id": "RHSA-2025:15729", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:15729" }, { "reference_url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-22T03:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html" }, { "reference_url": "https://usn.ubuntu.com/7702-1/", "reference_id": "USN-7702-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7702-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-6558" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vk4e-qufz-5ffp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47275?format=api", "vulnerability_id": "VCID-vnvz-a9hv-8bee", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0438", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58025", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58037", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58015", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57995", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57968", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57986", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.57963", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58018", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.5802", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0438" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0438" }, { "reference_url": "https://issues.chromium.org/issues/384186539", "reference_id": "384186539", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/" } ], "url": "https://issues.chromium.org/issues/384186539" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:45:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0438" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnvz-a9hv-8bee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96984?format=api", "vulnerability_id": "VCID-vpyv-nrjk-nkhd", "summary": "Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0903", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11384", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11584", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1155", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11525", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11586", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.1164", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11429", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11515", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11574", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0903" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0903", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0903" }, { "reference_url": "https://issues.chromium.org/issues/444803530", "reference_id": "444803530", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T15:28:55Z/" } ], "url": "https://issues.chromium.org/issues/444803530" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T15:28:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0903" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vpyv-nrjk-nkhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96628?format=api", "vulnerability_id": "VCID-vrrj-pznc-cfdx", "summary": "Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3070", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51945", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51936", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51918", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51903", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51841", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51867", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51831", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51886", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00285", "scoring_system": "epss", "scoring_elements": "0.51884", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3070" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3070", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3070" }, { "reference_url": "https://issues.chromium.org/issues/40086360", "reference_id": "40086360", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T17:49:46Z/" } ], "url": "https://issues.chromium.org/issues/40086360" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T17:49:46Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3070" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vrrj-pznc-cfdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63907?format=api", "vulnerability_id": "VCID-vscd-6s2t-bucr", "summary": "chromium-browser: Inappropriate implementation in WebGL", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5291.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5291.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06343", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.0631", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07065", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07151", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07149", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07138", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0713", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07066", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.0712", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5291" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453699", "reference_id": "2453699", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453699" }, { "reference_url": "https://issues.chromium.org/issues/490118036", "reference_id": "490118036", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:48:55Z/" } ], "url": "https://issues.chromium.org/issues/490118036" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-01T13:48:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5291" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vscd-6s2t-bucr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66408?format=api", "vulnerability_id": "VCID-vw5q-5y94-bqhz", "summary": "chromium-browser: Inappropriate implementation in Split View", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13636.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13636.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13636", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00088", "scoring_system": "epss", "scoring_elements": "0.25231", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31722", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31763", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31766", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31726", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.3169", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31863", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31681", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00125", "scoring_system": "epss", "scoring_elements": "0.31733", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13636" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13636", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13636" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418456", "reference_id": "2418456", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418456" }, { "reference_url": "https://issues.chromium.org/issues/446181124", "reference_id": "446181124", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:46:58Z/" } ], "url": "https://issues.chromium.org/issues/446181124" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:46:58Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13636" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vw5q-5y94-bqhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96409?format=api", "vulnerability_id": "VCID-vwsy-zaxq-83e7", "summary": "Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9966", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1727", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17419", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17432", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17383", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17328", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17441", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17487", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.17268", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00055", "scoring_system": "epss", "scoring_elements": "0.1736", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9966" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9966", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9966" }, { "reference_url": "https://issues.chromium.org/issues/364773822", "reference_id": "364773822", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:41:38Z/" } ], "url": "https://issues.chromium.org/issues/364773822" }, { "reference_url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html", "reference_id": "stable-channel-update-for-desktop_15.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-16T19:41:38Z/" } ], "url": "https://chromereleases.googleblog.com/2024/10/stable-channel-update-for-desktop_15.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-9966" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vwsy-zaxq-83e7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350954?format=api", "vulnerability_id": "VCID-vxex-hv2g-gbhk", "summary": "Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07086", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07097", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.07076", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08518", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456781", "reference_id": "2456781", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456781" }, { "reference_url": "https://issues.chromium.org/issues/485397283", "reference_id": "485397283", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/" } ], "url": "https://issues.chromium.org/issues/485397283" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5886" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vxex-hv2g-gbhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350950?format=api", "vulnerability_id": "VCID-vz9s-2tc5-xqh7", "summary": "Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5882.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5882.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5882", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5882" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5882", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5882" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456801", "reference_id": "2456801", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456801" }, { "reference_url": "https://issues.chromium.org/issues/480993682", "reference_id": "480993682", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:57:02Z/" } ], "url": "https://issues.chromium.org/issues/480993682" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:57:02Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5882" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vz9s-2tc5-xqh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96076?format=api", "vulnerability_id": "VCID-vzvf-qeyq-qfdg", "summary": "Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3169", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71926", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71937", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.7196", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71943", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71896", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71916", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00697", "scoring_system": "epss", "scoring_elements": "0.71887", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3169" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3169", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3169" }, { "reference_url": "https://issues.chromium.org/issues/41491234", "reference_id": "41491234", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T17:57:02Z/" } ], "url": "https://issues.chromium.org/issues/41491234" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-07-17T17:57:02Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3169" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vzvf-qeyq-qfdg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96289?format=api", "vulnerability_id": "VCID-w5hn-55q7-9udm", "summary": "Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75453", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75361", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75393", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75424", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75444", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75422", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00884", "scoring_system": "epss", "scoring_elements": "0.75411", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5496" }, { "reference_url": "https://issues.chromium.org/issues/338929744", "reference_id": "338929744", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:08:31Z/" } ], "url": "https://issues.chromium.org/issues/338929744" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:08:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:08:31Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-03T17:08:31Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5496" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5hn-55q7-9udm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47503?format=api", "vulnerability_id": "VCID-w5uj-yukt-dfdk", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6988", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50832", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50831", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50828", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50871", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50847", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50791", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50817", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00274", "scoring_system": "epss", "scoring_elements": "0.50774", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6988" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6988", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6988" }, { "reference_url": "https://issues.chromium.org/issues/349198731", "reference_id": "349198731", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:39:49Z/" } ], "url": "https://issues.chromium.org/issues/349198731" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:39:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6988" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5uj-yukt-dfdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96362?format=api", "vulnerability_id": "VCID-w6gx-jt4u-rbh7", "summary": "Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7018", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68891", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68879", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.6885", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68802", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68822", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68801", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68852", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68871", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00578", "scoring_system": "epss", "scoring_elements": "0.68893", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7018" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7018", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7018" }, { "reference_url": "https://issues.chromium.org/issues/333414305", "reference_id": "333414305", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-24T19:57:40Z/" } ], "url": "https://issues.chromium.org/issues/333414305" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7018" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6gx-jt4u-rbh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350958?format=api", "vulnerability_id": "VCID-w6jf-yzuk-rbbc", "summary": "Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5890.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5890.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5890", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0836", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08351", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08314", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11395", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5890" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5890", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5890" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456770", "reference_id": "2456770", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456770" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5890" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w6jf-yzuk-rbbc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47496?format=api", "vulnerability_id": "VCID-w7zp-rzrw-xycb", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5845", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56621", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56571", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56622", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56627", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56636", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.56611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00337", "scoring_system": "epss", "scoring_elements": "0.5659", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5845" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5845", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5845" }, { "reference_url": "https://issues.chromium.org/issues/340178596", "reference_id": "340178596", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:42:53Z/" } ], "url": "https://issues.chromium.org/issues/340178596" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:42:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:42:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:42:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5845" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w7zp-rzrw-xycb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350942?format=api", "vulnerability_id": "VCID-wcas-mvba-4bd3", "summary": "Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5874.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5874.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5874", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20886", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.2093", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00068", "scoring_system": "epss", "scoring_elements": "0.20835", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30636", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5874" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5874", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5874" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456798", "reference_id": "2456798", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456798" }, { "reference_url": "https://issues.chromium.org/issues/485397279", "reference_id": "485397279", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-11T02:58:13Z/" } ], "url": "https://issues.chromium.org/issues/485397279" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-11T02:58:13Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5874" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wcas-mvba-4bd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64444?format=api", "vulnerability_id": "VCID-wdby-s3xj-g7h7", "summary": "chromium-browser: Out of bounds read in Media", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3061.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08603", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08523", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08646", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08671", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08668", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08633", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08655", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08574", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3061" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442073", "reference_id": "2442073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442073" }, { "reference_url": "https://issues.chromium.org/issues/482862710", "reference_id": "482862710", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:32Z/" } ], "url": "https://issues.chromium.org/issues/482862710" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-25T04:55:32Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3061" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdby-s3xj-g7h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34527?format=api", "vulnerability_id": "VCID-wdet-zcjk-ykfq", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11207.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-11207.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11207", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13198", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.1333", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13298", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13259", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00043", "scoring_system": "epss", "scoring_elements": "0.13211", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13919", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.13862", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00051", "scoring_system": "epss", "scoring_elements": "0.15837", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11207" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11207", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11207" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413260", "reference_id": "2413260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413260" }, { "reference_url": "https://issues.chromium.org/issues/428189824", "reference_id": "428189824", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:57:34Z/" } ], "url": "https://issues.chromium.org/issues/428189824" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-12T20:57:34Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11207" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wdet-zcjk-ykfq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47510?format=api", "vulnerability_id": "VCID-wjex-hd2c-bych", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6998", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66705", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66713", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66701", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66671", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6663", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66656", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.66679", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6998" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6998", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6998" }, { "reference_url": "https://issues.chromium.org/issues/340098902", "reference_id": "340098902", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:36:49Z/" } ], "url": "https://issues.chromium.org/issues/340098902" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-06T17:36:49Z/" } ], "url": "https://chromereleases.googleblog.com/2024/07/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6998" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wjex-hd2c-bych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66409?format=api", "vulnerability_id": "VCID-wk6f-5363-3fa9", "summary": "chromium-browser: Inappropriate implementation in Downloads", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13635.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13635.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13635", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01103", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01126", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01131", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0111", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01112", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.0112", "published_at": "2026-04-04T12:55:00Z" }, { "value": "7e-05", "scoring_system": "epss", "scoring_elements": "0.00609", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13635" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13635", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13635" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418457", "reference_id": "2418457", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418457" }, { "reference_url": "https://issues.chromium.org/issues/405727341", "reference_id": "405727341", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:48:06Z/" } ], "url": "https://issues.chromium.org/issues/405727341" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T21:48:06Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13635" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wk6f-5363-3fa9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66404?format=api", "vulnerability_id": "VCID-wkvg-389z-pyer", "summary": "chromium-browser: Inappropriate implementation in Passwords", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13640.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13640.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13640", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05248", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05324", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05312", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05275", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.053", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0002", "scoring_system": "epss", "scoring_elements": "0.05334", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13640" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13640", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13640" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418458", "reference_id": "2418458", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418458" }, { "reference_url": "https://issues.chromium.org/issues/452071826", "reference_id": "452071826", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:35:58Z/" } ], "url": "https://issues.chromium.org/issues/452071826" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-02T19:35:58Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13640" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wkvg-389z-pyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350939?format=api", "vulnerability_id": "VCID-wsx4-jwca-7fh7", "summary": "Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5871.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5871.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5871", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11391", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11334", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00104", "scoring_system": "epss", "scoring_elements": "0.28321", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5871" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5871", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5871" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456792", "reference_id": "2456792", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456792" }, { "reference_url": "https://issues.chromium.org/issues/495679730", "reference_id": "495679730", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:53Z/" } ], "url": "https://issues.chromium.org/issues/495679730" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:53Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5871" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wsx4-jwca-7fh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96051?format=api", "vulnerability_id": "VCID-wt1x-6rzc-eqa7", "summary": "Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2884", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32622", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.3266", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32686", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32687", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32649", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32755", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32613", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2884" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2884", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2884" }, { "reference_url": "https://issues.chromium.org/issues/41491373", "reference_id": "41491373", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T17:31:52Z/" } ], "url": "https://issues.chromium.org/issues/41491373" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-19T17:31:52Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2884" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wt1x-6rzc-eqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96625?format=api", "vulnerability_id": "VCID-wv9g-rq72-hfct", "summary": "Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3067", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43074", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4303", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43065", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43031", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43016", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43043", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4298", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-3067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3067" }, { "reference_url": "https://issues.chromium.org/issues/376491759", "reference_id": "376491759", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:16Z/" } ], "url": "https://issues.chromium.org/issues/376491759" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-03T03:55:16Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-3067" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv9g-rq72-hfct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51266?format=api", "vulnerability_id": "VCID-x1y6-a4rp-9fg2", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0804", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29837", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29948", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29997", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.2981", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29872", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29908", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29914", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29868", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00113", "scoring_system": "epss", "scoring_elements": "0.29819", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0804" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0804", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0804" }, { "reference_url": "https://crbug.com/1515137", "reference_id": "1515137", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T19:35:36Z/" } ], "url": "https://crbug.com/1515137" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T19:35:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T19:35:36Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-14T19:35:36Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0804" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x1y6-a4rp-9fg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66401?format=api", "vulnerability_id": "VCID-x3fw-h8gu-q7aj", "summary": "chromium-browser: Use after free in Digital Credentials", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13633.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13633.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00138", "scoring_system": "epss", "scoring_elements": "0.33684", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41548", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41528", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4155", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41517", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41503", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41543", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.4147", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00196", "scoring_system": "epss", "scoring_elements": "0.41519", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13633" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418467", "reference_id": "2418467", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418467" }, { "reference_url": "https://issues.chromium.org/issues/458082926", "reference_id": "458082926", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:47Z/" } ], "url": "https://issues.chromium.org/issues/458082926" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:47Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13633" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x3fw-h8gu-q7aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96674?format=api", "vulnerability_id": "VCID-x4d1-jf7f-uugy", "summary": "Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4051", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31595", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31638", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31597", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31735", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31554", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00124", "scoring_system": "epss", "scoring_elements": "0.31606", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-4051" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4051" }, { "reference_url": "https://issues.chromium.org/issues/404000989", "reference_id": "404000989", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T18:54:40Z/" } ], "url": "https://issues.chromium.org/issues/404000989" }, { "reference_url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html", "reference_id": "stable-channel-update-for-desktop_29.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-06T18:54:40Z/" } ], "url": "https://chromereleases.googleblog.com/2025/04/stable-channel-update-for-desktop_29.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-4051" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4d1-jf7f-uugy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96483?format=api", "vulnerability_id": "VCID-x4up-ttsq-3khf", "summary": "Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14372", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15495", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15565", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15365", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15452", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15503", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15466", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0005", "scoring_system": "epss", "scoring_elements": "0.15428", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20638", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20624", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-14372" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14372", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-14372" }, { "reference_url": "https://issues.chromium.org/issues/460599518", "reference_id": "460599518", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-12T20:27:08Z/" } ], "url": "https://issues.chromium.org/issues/460599518" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-12T20:27:08Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-14372" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x4up-ttsq-3khf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96385?format=api", "vulnerability_id": "VCID-x9e4-duzt-kbet", "summary": "Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67969", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67956", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.6798", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67967", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67932", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67893", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67911", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67891", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00549", "scoring_system": "epss", "scoring_elements": "0.67942", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8362" }, { "reference_url": "https://issues.chromium.org/issues/357391257", "reference_id": "357391257", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-04T13:54:26Z/" } ], "url": "https://issues.chromium.org/issues/357391257" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-04T13:54:26Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8362" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9e4-duzt-kbet" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96823?format=api", "vulnerability_id": "VCID-xb2c-e4u5-2fe3", "summary": "Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5958", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21837", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21783", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35122", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35112", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35138", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35142", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35108", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35084", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00147", "scoring_system": "epss", "scoring_elements": "0.35068", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-5958" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5958", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5958" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://issues.chromium.org/issues/420150619", "reference_id": "420150619", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-13T03:55:22Z/" } ], "url": "https://issues.chromium.org/issues/420150619" }, { "reference_url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-13T03:55:22Z/" } ], "url": "https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-5958" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xb2c-e4u5-2fe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47470?format=api", "vulnerability_id": "VCID-xb38-zgjp-gygu", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44536", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44434", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44486", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44492", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44508", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44479", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.4448", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44475", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00218", "scoring_system": "epss", "scoring_elements": "0.44497", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4060" }, { "reference_url": "https://issues.chromium.org/issues/333420620", "reference_id": "333420620", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T14:49:26Z/" } ], "url": "https://issues.chromium.org/issues/333420620" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T14:49:26Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-01T14:49:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4060" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xb38-zgjp-gygu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96432?format=api", "vulnerability_id": "VCID-xecy-4ns3-9uac", "summary": "Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29751", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29821", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.2983", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29784", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29734", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29861", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29723", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00112", "scoring_system": "epss", "scoring_elements": "0.29785", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00115", "scoring_system": "epss", "scoring_elements": "0.3031", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-10891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-10891" }, { "reference_url": "https://issues.chromium.org/issues/443765373", "reference_id": "443765373", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:55Z/" } ], "url": "https://issues.chromium.org/issues/443765373" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-25T03:55:55Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-10891" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xecy-4ns3-9uac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97106?format=api", "vulnerability_id": "VCID-xek4-ku8z-n7b7", "summary": "Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3936", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29185", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29237", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29048", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29111", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29154", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00108", "scoring_system": "epss", "scoring_elements": "0.29159", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3067", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30716", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30694", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3936" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3936", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3936" }, { "reference_url": "https://issues.chromium.org/issues/481920229", "reference_id": "481920229", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T15:13:57Z/" } ], "url": "https://issues.chromium.org/issues/481920229" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T15:13:57Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3936" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xek4-ku8z-n7b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97126?format=api", "vulnerability_id": "VCID-xfz2-cwzt-tqhz", "summary": "Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5292", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19612", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19556", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5292" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5292", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5292" }, { "reference_url": "https://issues.chromium.org/issues/492213293", "reference_id": "492213293", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:54:54Z/" } ], "url": "https://issues.chromium.org/issues/492213293" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:54:54Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5292" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xfz2-cwzt-tqhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47500?format=api", "vulnerability_id": "VCID-xgyr-vdpb-sfc4", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6291", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51117", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.5106", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51018", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51075", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51071", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51094", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00276", "scoring_system": "epss", "scoring_elements": "0.51078", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-6291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6291", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6291" }, { "reference_url": "https://issues.chromium.org/issues/40942995", "reference_id": "40942995", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:30Z/" } ], "url": "https://issues.chromium.org/issues/40942995" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html", "reference_id": "stable-channel-update-for-desktop_24.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:30Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop_24.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/", "reference_id": "T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T6OJ65HWXYSYMH55VDO6N36EOZFUNL4O/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/", "reference_id": "WHV5WTU27YOIBIM2CON42SHWY6J2HPRS", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:30Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WHV5WTU27YOIBIM2CON42SHWY6J2HPRS/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-6291" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgyr-vdpb-sfc4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34537?format=api", "vulnerability_id": "VCID-xnxm-5cqv-7ff9", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11216", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06668", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06718", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06743", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06752", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00025", "scoring_system": "epss", "scoring_elements": "0.06736", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07022", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00026", "scoring_system": "epss", "scoring_elements": "0.07078", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.08198", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-11216" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11216", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-11216" }, { "reference_url": "https://issues.chromium.org/issues/419721056", "reference_id": "419721056", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:43:06Z/" } ], "url": "https://issues.chromium.org/issues/419721056" }, { "reference_url": "https://security.gentoo.org/glsa/202511-04", "reference_id": "GLSA-202511-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202511-04" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-07T13:43:06Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop_30.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-11216" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xnxm-5cqv-7ff9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96291?format=api", "vulnerability_id": "VCID-xsx8-jc5d-9uea", "summary": "Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26491", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26294", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26287", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26346", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26393", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26384", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26333", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26265", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35311", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5498" }, { "reference_url": "https://issues.chromium.org/issues/339588211", "reference_id": "339588211", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T16:09:06Z/" } ], "url": "https://issues.chromium.org/issues/339588211" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T16:09:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T16:09:06Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-31T16:09:06Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5498" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xsx8-jc5d-9uea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66474?format=api", "vulnerability_id": "VCID-xt76-tk8k-r7c3", "summary": "chromium-browser: Out of bounds read in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9479.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9479.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9479", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22145", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00073", "scoring_system": "epss", "scoring_elements": "0.22146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22823", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33223", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33166", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33087", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.3313", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33164", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.33255", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9479" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9479", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9479" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414973", "reference_id": "2414973", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414973" }, { "reference_url": "https://issues.chromium.org/issues/390743124", "reference_id": "390743124", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:18:45Z/" } ], "url": "https://issues.chromium.org/issues/390743124" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html", "reference_id": "stable-channel-update-for-desktop_25.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:18:45Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_25.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9479" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xt76-tk8k-r7c3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59104?format=api", "vulnerability_id": "VCID-xtcv-nv3g-nkfr", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3833", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88621", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.8868", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88666", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88673", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88661", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88656", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88638", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04149", "scoring_system": "epss", "scoring_elements": "0.88637", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-3833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3833" }, { "reference_url": "https://issues.chromium.org/issues/331383939", "reference_id": "331383939", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://issues.chromium.org/issues/331383939" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/", "reference_id": "CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWIVXXSVO5VB3NAZVFJ7CWVBN6W2735T/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/", "reference_id": "IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IDLUD644WEWGOFKMZWC2K7Z4CQOKQYR7/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/", "reference_id": "M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M4PCXKCOVBUUU6GOSN46DCPI4HMER3PJ/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/", "reference_id": "PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PCWPUBGTBNT4EW32YNZMRIPB3Y4R6XL6/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html", "reference_id": "stable-channel-update-for-desktop_16.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_16.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/", "reference_id": "WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-06-28T03:55:29Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WEP5NJUWMDRLDQUKU4LFDUHF5PCYAPIO/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-3833" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtcv-nv3g-nkfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350935?format=api", "vulnerability_id": "VCID-xtzf-12qm-y3e5", "summary": "Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5867.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00029", "scoring_system": "epss", "scoring_elements": "0.0813", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0003", "scoring_system": "epss", "scoring_elements": "0.08481", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.1703", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16984", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16924", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5867" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456760", "reference_id": "2456760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456760" }, { "reference_url": "https://issues.chromium.org/issues/492668885", "reference_id": "492668885", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:44:15Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:44:31Z/" } ], "url": "https://issues.chromium.org/issues/492668885" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N" }, { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:44:31Z/" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T13:44:15Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5867" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xtzf-12qm-y3e5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350963?format=api", "vulnerability_id": "VCID-xz23-yr7q-1fgq", "summary": "Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. (Chromium security severity: Low)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5895.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5895.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5895", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10393", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10421", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10382", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.1036", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20802", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5895" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5895", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5895" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457216", "reference_id": "2457216", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2457216" }, { "reference_url": "https://issues.chromium.org/issues/374285495", "reference_id": "374285495", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:10:22Z/" } ], "url": "https://issues.chromium.org/issues/374285495" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:10:22Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5895" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xz23-yr7q-1fgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64131?format=api", "vulnerability_id": "VCID-y17q-5gas-jke9", "summary": "chromium-browser: Integer overflow in Fonts", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4679.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4679.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4679", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29276", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29177", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29203", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29243", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29248", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.2915", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29138", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4679" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4679", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4679" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450572", "reference_id": "2450572", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450572" }, { "reference_url": "https://issues.chromium.org/issues/491516670", "reference_id": "491516670", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:49:08Z/" } ], "url": "https://issues.chromium.org/issues/491516670" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:49:08Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-4679" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y17q-5gas-jke9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64327?format=api", "vulnerability_id": "VCID-y22a-fhds-mqa7", "summary": "chromium-browser: Use after free in MediaStream", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3922.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3922.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3922", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30743", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30607", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30791", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30665", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30701", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32204", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32202", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.3217", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3922" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3922", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3922" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446866", "reference_id": "2446866", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446866" }, { "reference_url": "https://issues.chromium.org/issues/485397139", "reference_id": "485397139", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:12:00Z/" } ], "url": "https://issues.chromium.org/issues/485397139" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T13:12:00Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3922" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y22a-fhds-mqa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47561?format=api", "vulnerability_id": "VCID-y533-phh6-h7ff", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10827", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74729", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74721", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.747", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74692", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.7465", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74676", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00839", "scoring_system": "epss", "scoring_elements": "0.74683", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-10827" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10827", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10827" }, { "reference_url": "https://issues.chromium.org/issues/375065084", "reference_id": "375065084", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:04:09Z/" } ], "url": "https://issues.chromium.org/issues/375065084" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T17:04:09Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-10827" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y533-phh6-h7ff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350959?format=api", "vulnerability_id": "VCID-y6r7-wj7c-p3bn", "summary": "Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5891", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09357", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09366", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09338", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09325", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00054", "scoring_system": "epss", "scoring_elements": "0.16794", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5891" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456771", "reference_id": "2456771", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456771" }, { "reference_url": "https://issues.chromium.org/issues/487471101", "reference_id": "487471101", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/" } ], "url": "https://issues.chromium.org/issues/487471101" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5891" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y6r7-wj7c-p3bn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47529?format=api", "vulnerability_id": "VCID-y8by-xakp-37cd", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7969", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38688", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38694", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38705", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38666", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.3864", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38681", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38703", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00173", "scoring_system": "epss", "scoring_elements": "0.38684", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7969" }, { "reference_url": "https://issues.chromium.org/issues/351865302", "reference_id": "351865302", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-05T03:55:48Z/" } ], "url": "https://issues.chromium.org/issues/351865302" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-05T03:55:48Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7969" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y8by-xakp-37cd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59089?format=api", "vulnerability_id": "VCID-ya5r-nz1z-23gw", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2626", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32024", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31899", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31933", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31972", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31969", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.3194", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31888", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.32065", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-2626" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2626", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2626" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/", "reference_id": "2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:27:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/" }, { "reference_url": "https://issues.chromium.org/issues/40945098", "reference_id": "40945098", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:27:53Z/" } ], "url": "https://issues.chromium.org/issues/40945098" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "reference_id": "6JINDYFB3MPH43ECTI72BV63K4RXSG22", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:27:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/", "reference_id": "AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:27:53Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html", "reference_id": "stable-channel-update-for-desktop_19.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-03-21T16:27:53Z/" } ], "url": "https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-2626" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ya5r-nz1z-23gw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47257?format=api", "vulnerability_id": "VCID-ydja-8d7s-sqbv", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65105", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65088", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65107", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65096", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65068", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65036", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65063", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65025", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0048", "scoring_system": "epss", "scoring_elements": "0.65074", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11114" }, { "reference_url": "https://issues.chromium.org/issues/370856871", "reference_id": "370856871", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:24:47Z/" } ], "url": "https://issues.chromium.org/issues/370856871" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-12T20:24:47Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11114" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ydja-8d7s-sqbv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47519?format=api", "vulnerability_id": "VCID-yegf-fz77-fkbn", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7533", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56073", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56063", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56074", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56054", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56037", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56008", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56029", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00331", "scoring_system": "epss", "scoring_elements": "0.56059", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7533" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7533", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7533" }, { "reference_url": "https://issues.chromium.org/issues/353552540", "reference_id": "353552540", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T13:26:39Z/" } ], "url": "https://issues.chromium.org/issues/353552540" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T13:26:39Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7533" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yegf-fz77-fkbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64244?format=api", "vulnerability_id": "VCID-ygk9-zgpq-9bdj", "summary": "chromium-browser: Use after free in Base", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4441.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4441.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29355", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29253", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29325", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29279", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29226", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29404", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00109", "scoring_system": "epss", "scoring_elements": "0.29282", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4441" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449415", "reference_id": "2449415", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449415" }, { "reference_url": "https://issues.chromium.org/issues/489381399", "reference_id": "489381399", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:12Z/" } ], "url": "https://issues.chromium.org/issues/489381399" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-20T14:35:12Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-4441" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ygk9-zgpq-9bdj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47279?format=api", "vulnerability_id": "VCID-yj1b-bysp-b7h1", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0441", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22886", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22966", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22929", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22872", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22985", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23028", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22821", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22895", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.22947", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0441" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0441" }, { "reference_url": "https://issues.chromium.org/issues/368628042", "reference_id": "368628042", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/" } ], "url": "https://issues.chromium.org/issues/368628042" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html", "reference_id": "stable-channel-update-for-desktop_14.html", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-15T14:36:52Z/" } ], "url": "https://chromereleases.googleblog.com/2025/01/stable-channel-update-for-desktop_14.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0441" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yj1b-bysp-b7h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96987?format=api", "vulnerability_id": "VCID-yq2k-m5rw-ubeq", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1220", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1220" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-1220" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yq2k-m5rw-ubeq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59110?format=api", "vulnerability_id": "VCID-ytxj-r5kb-euf9", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4368", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62261", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62329", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62283", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62305", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62315", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62296", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62231", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62279", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00426", "scoring_system": "epss", "scoring_elements": "0.62229", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-4368" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4368", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-4368" }, { "reference_url": "https://issues.chromium.org/issues/333508731", "reference_id": "333508731", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://issues.chromium.org/issues/333508731" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "reference_id": "6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/" }, { "reference_url": "https://security.gentoo.org/glsa/202412-05", "reference_id": "GLSA-202412-05", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-05" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/", "reference_id": "IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPETICRXUOGRIM4U3BCRTIKE3IZWCSBT/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/", "reference_id": "L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L7I4FMQSOVTCIIH4XT2MJGEQRUACLPB6/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/", "reference_id": "LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LE3ASLH6QF2E5OVJI5VA3JSEPJFFFMNY/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://chromereleases.googleblog.com/2024/04/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/", "reference_id": "UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-04T04:00:10Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOC3HLIZCGMIJLJ6LME5UWUUIFLXEGRN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-4368" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ytxj-r5kb-euf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47539?format=api", "vulnerability_id": "VCID-yu3z-5wxc-6yhr", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7980", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10431", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10591", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.1062", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10587", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10563", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10518", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10589", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10451", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00036", "scoring_system": "epss", "scoring_elements": "0.10525", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-7980" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7980", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-7980" }, { "reference_url": "https://issues.chromium.org/issues/356328460", "reference_id": "356328460", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:14:09Z/" } ], "url": "https://issues.chromium.org/issues/356328460" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-22T14:14:09Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-7980" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yu3z-5wxc-6yhr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47265?format=api", "vulnerability_id": "VCID-yufz-y2wn-a7dj", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12692", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90137", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90118", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90126", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90125", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.9012", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.9008", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90092", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.05389", "scoring_system": "epss", "scoring_elements": "0.90112", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-12692" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12692", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-12692" }, { "reference_url": "https://issues.chromium.org/issues/382291459", "reference_id": "382291459", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-07T16:02:32Z/" } ], "url": "https://issues.chromium.org/issues/382291459" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-01-07T16:02:32Z/" } ], "url": "https://chromereleases.googleblog.com/2024/12/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-12692" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yufz-y2wn-a7dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64326?format=api", "vulnerability_id": "VCID-z1uy-svpz-7uew", "summary": "chromium-browser: Insufficient policy enforcement in Extensions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3928.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3928.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3928", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02898", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02922", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02924", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02949", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.02918", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03537", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03588", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03563", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3928" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3928", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3928" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446865", "reference_id": "2446865", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446865" }, { "reference_url": "https://issues.chromium.org/issues/435980394", "reference_id": "435980394", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T02:51:55Z/" } ], "url": "https://issues.chromium.org/issues/435980394" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-03-14T02:51:55Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3928" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z1uy-svpz-7uew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/350955?format=api", "vulnerability_id": "VCID-z2gp-g2h2-x3bm", "summary": "Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5887.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5887.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5887", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.0558", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05568", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05561", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10179", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5887" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5887", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5887" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456766", "reference_id": "2456766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456766" }, { "reference_url": "https://issues.chromium.org/issues/486079015", "reference_id": "486079015", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:58:46Z/" } ], "url": "https://issues.chromium.org/issues/486079015" }, { "reference_url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T17:58:46Z/" } ], "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5887" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z2gp-g2h2-x3bm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96389?format=api", "vulnerability_id": "VCID-z3hb-eha9-27a9", "summary": "Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42654", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42635", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42659", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42623", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42595", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42604", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42633", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42572", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00204", "scoring_system": "epss", "scoring_elements": "0.42624", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8905" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8905", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8905" }, { "reference_url": "https://issues.chromium.org/issues/359949835", "reference_id": "359949835", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:36:35Z/" } ], "url": "https://issues.chromium.org/issues/359949835" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:36:35Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8905" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z3hb-eha9-27a9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64328?format=api", "vulnerability_id": "VCID-z6td-n12w-cqcs", "summary": "chromium-browser: Heap buffer overflow in Skia", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3931.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-3931.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3931", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23555", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23373", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23592", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23445", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23496", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23514", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24827", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24871", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24815", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-3931" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3931", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-3931" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446868", "reference_id": "2446868", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2446868" }, { "reference_url": "https://issues.chromium.org/issues/417599694", "reference_id": "417599694", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T15:12:19Z/" } ], "url": "https://issues.chromium.org/issues/417599694" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-12T15:12:19Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-3931" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z6td-n12w-cqcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96475?format=api", "vulnerability_id": "VCID-z745-kejm-sbf2", "summary": "Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12911", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03679", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03761", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03764", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03788", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03749", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03727", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00016", "scoring_system": "epss", "scoring_elements": "0.03701", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09324", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09273", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12911" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12911", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12911" }, { "reference_url": "https://issues.chromium.org/issues/423670839", "reference_id": "423670839", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:50:30Z/" } ], "url": "https://issues.chromium.org/issues/423670839" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T15:50:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12911" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z745-kejm-sbf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64125?format=api", "vulnerability_id": "VCID-z8nt-w84w-tkew", "summary": "chromium-browser: Use after free in WebGPU", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4678.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-4678.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4678", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31539", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3144", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31481", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31406", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31581", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31397", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31451", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-4678" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-4678" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450564", "reference_id": "2450564", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2450564" }, { "reference_url": "https://issues.chromium.org/issues/491164019", "reference_id": "491164019", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:48:07Z/" } ], "url": "https://issues.chromium.org/issues/491164019" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-03-24T00:48:07Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_23.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/583861?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.164-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.164-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/994462?format=api", "purl": "pkg:deb/debian/chromium@146.0.7680.177-1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@146.0.7680.177-1" } ], "aliases": [ "CVE-2026-4678" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z8nt-w84w-tkew" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96983?format=api", "vulnerability_id": "VCID-zbmp-zauf-5yc7", "summary": "Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0901", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11335", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11538", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11503", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11542", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11596", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11385", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11469", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00038", "scoring_system": "epss", "scoring_elements": "0.11528", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-0901" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0901", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-0901" }, { "reference_url": "https://issues.chromium.org/issues/40057499", "reference_id": "40057499", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T14:06:29Z/" } ], "url": "https://issues.chromium.org/issues/40057499" }, { "reference_url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html", "reference_id": "stable-channel-update-for-desktop_13.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-20T14:06:29Z/" } ], "url": "https://chromereleases.googleblog.com/2026/01/stable-channel-update-for-desktop_13.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-0901" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbmp-zauf-5yc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96388?format=api", "vulnerability_id": "VCID-zbu2-b7gs-xkhe", "summary": "Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52775", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52719", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52769", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52753", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52737", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52682", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52674", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00294", "scoring_system": "epss", "scoring_elements": "0.52725", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-8904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8904" }, { "reference_url": "https://issues.chromium.org/issues/365376497", "reference_id": "365376497", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:40:22Z/" } ], "url": "https://issues.chromium.org/issues/365376497" }, { "reference_url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html", "reference_id": "stable-channel-update-for-desktop_17.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:40:22Z/" } ], "url": "https://chromereleases.googleblog.com/2024/09/stable-channel-update-for-desktop_17.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-8904" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zbu2-b7gs-xkhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96461?format=api", "vulnerability_id": "VCID-zc15-pprp-77bq", "summary": "Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12434", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12291", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1239", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1243", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12462", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12468", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12898", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13096", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.13043", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12977", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-12434" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12434", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12434" }, { "reference_url": "https://issues.chromium.org/issues/337356054", "reference_id": "337356054", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:42:58Z/" } ], "url": "https://issues.chromium.org/issues/337356054" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "4.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-10T20:42:58Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-12434" ], "risk_score": 1.2, "exploitability": "0.5", "weighted_severity": "2.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zc15-pprp-77bq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/97123?format=api", "vulnerability_id": "VCID-zcq4-z2c5-2ffr", "summary": "Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5288", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18378", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18323", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19471", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19608", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19612", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19564", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19506", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19477", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00063", "scoring_system": "epss", "scoring_elements": "0.19556", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5288" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5288", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5288" }, { "reference_url": "https://issues.chromium.org/issues/495507390", "reference_id": "495507390", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:50:06Z/" } ], "url": "https://issues.chromium.org/issues/495507390" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:50:06Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5288" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zcq4-z2c5-2ffr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66464?format=api", "vulnerability_id": "VCID-zf2c-w2jx-huej", "summary": "chromium-browser: Type Confusion in V8", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13230.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13230.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26561", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.3507", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35051", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35055", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35019", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34996", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34977", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.35022", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13230" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415522", "reference_id": "2415522", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415522" }, { "reference_url": "https://issues.chromium.org/issues/446124892", "reference_id": "446124892", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:28Z/" } ], "url": "https://issues.chromium.org/issues/446124892" }, { "reference_url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html", "reference_id": "stable-channel-update-for-desktop_28.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-18T04:55:28Z/" } ], "url": "https://chromereleases.googleblog.com/2025/10/stable-channel-update-for-desktop_28.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13230" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zf2c-w2jx-huej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96290?format=api", "vulnerability_id": "VCID-zh7a-qy6c-dua4", "summary": "Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5497", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72488", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72405", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72423", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.724", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72439", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72451", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72474", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72456", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00719", "scoring_system": "epss", "scoring_elements": "0.72447", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5497" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5497", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5497" }, { "reference_url": "https://issues.chromium.org/issues/339061099", "reference_id": "339061099", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T14:38:25Z/" } ], "url": "https://issues.chromium.org/issues/339061099" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/", "reference_id": "D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T14:38:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5SQOWDIVBXQYQPPBSCH7EFISYAOCTHD/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html", "reference_id": "stable-channel-update-for-desktop_30.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T14:38:25Z/" } ], "url": "https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/", "reference_id": "ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-05-31T14:38:25Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZW4TZXVPN3NLZ4UDGZP6OASUM4OVLXX2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5497" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zh7a-qy6c-dua4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96975?format=api", "vulnerability_id": "VCID-zkqv-ppkf-yfe2", "summary": "Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14277", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14385", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14443", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.14531", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00047", "scoring_system": "epss", "scoring_elements": "0.1448", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15104", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.153", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15232", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15192", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-9867" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9867", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9867" }, { "reference_url": "https://issues.chromium.org/issues/415496161", "reference_id": "415496161", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:16:51Z/" } ], "url": "https://issues.chromium.org/issues/415496161" }, { "reference_url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-03T17:16:51Z/" } ], "url": "https://chromereleases.googleblog.com/2025/09/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-9867" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkqv-ppkf-yfe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66471?format=api", "vulnerability_id": "VCID-zn27-5saa-j7c1", "summary": "chromium-browser: Inappropriate implementation in Fullscreen", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13178.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-13178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-13178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22401", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22384", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00077", "scoring_system": "epss", "scoring_elements": "0.23012", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33472", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33504", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33391", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33425", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00136", "scoring_system": "epss", "scoring_elements": "0.33429", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-13178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-13178" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414977", "reference_id": "2414977", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414977" }, { "reference_url": "https://issues.chromium.org/issues/40068607", "reference_id": "40068607", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:28:12Z/" } ], "url": "https://issues.chromium.org/issues/40068607" }, { "reference_url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html", "reference_id": "stable-channel-update-for-desktop_21.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-11-14T15:28:12Z/" } ], "url": "https://chromereleases.googleblog.com/2024/08/stable-channel-update-for-desktop_21.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-13178" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zn27-5saa-j7c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51270?format=api", "vulnerability_id": "VCID-znf7-1xx4-8yf1", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57075", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57029", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57051", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57028", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57079", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.5708", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57092", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57071", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00344", "scoring_system": "epss", "scoring_elements": "0.57047", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0808" }, { "reference_url": "https://crbug.com/1504936", "reference_id": "1504936", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/" } ], "url": "https://crbug.com/1504936" }, { "reference_url": "https://security.gentoo.org/glsa/202402-23", "reference_id": "GLSA-202402-23", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202402-23" }, { "reference_url": "https://security.gentoo.org/glsa/202405-14", "reference_id": "GLSA-202405-14", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202405-14" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/", "reference_id": "MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMI6GXFONZV6HE3BPZO3AP6GUVQLG4JQ/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html", "reference_id": "stable-channel-update-for-desktop_23.html", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/" } ], "url": "https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_23.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/", "reference_id": "VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-05-09T23:34:13Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VXDSGAFQD4BDB4IB2O4ZUSHC3JCVQEKC/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-0808" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znf7-1xx4-8yf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47493?format=api", "vulnerability_id": "VCID-zqse-34ss-zqf5", "summary": "Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5842", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60821", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60881", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60839", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60858", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60871", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.6085", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60834", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.60785", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00627", "scoring_system": "epss", "scoring_elements": "0.70176", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-5842" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5842", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-5842" }, { "reference_url": "https://issues.chromium.org/issues/40062622", "reference_id": "40062622", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:41:24Z/" } ], "url": "https://issues.chromium.org/issues/40062622" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/", "reference_id": "7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:41:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/" }, { "reference_url": "https://security.gentoo.org/glsa/202501-09", "reference_id": "GLSA-202501-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202501-09" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "reference_id": "MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:41:24Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/" }, { "reference_url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-12T12:41:24Z/" } ], "url": "https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-5842" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zqse-34ss-zqf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96423?format=api", "vulnerability_id": "VCID-zr38-fv5c-jkfy", "summary": "Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0996", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25283", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25372", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2533", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25277", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25439", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25474", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25247", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25316", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.2536", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0996" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0996" }, { "reference_url": "https://issues.chromium.org/issues/391788835", "reference_id": "391788835", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/" } ], "url": "https://issues.chromium.org/issues/391788835" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-18T17:17:20Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0996" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr38-fv5c-jkfy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96425?format=api", "vulnerability_id": "VCID-zr5w-q9zh-nqbm", "summary": "Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0999", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.7241", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72398", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72381", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72369", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72329", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72347", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72362", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00716", "scoring_system": "epss", "scoring_elements": "0.72375", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-0999" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0999" }, { "reference_url": "https://issues.chromium.org/issues/394350433", "reference_id": "394350433", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/" } ], "url": "https://issues.chromium.org/issues/394350433" }, { "reference_url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html", "reference_id": "stable-channel-update-for-desktop_18.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-19T20:05:30Z/" } ], "url": "https://chromereleases.googleblog.com/2025/02/stable-channel-update-for-desktop_18.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-0999" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zr5w-q9zh-nqbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/63906?format=api", "vulnerability_id": "VCID-zrnp-ujpt-tbee", "summary": "chromium-browser: Use after free in WebCodecs", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5280.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5280.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5280", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20496", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20555", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2175", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2178", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21837", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21848", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21808", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21702", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-5280" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5280", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5280" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453698", "reference_id": "2453698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453698" }, { "reference_url": "https://issues.chromium.org/issues/491515787", "reference_id": "491515787", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:23:51Z/" } ], "url": "https://issues.chromium.org/issues/491515787" }, { "reference_url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html", "reference_id": "stable-channel-update-for-desktop_31.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-01T13:23:51Z/" } ], "url": "https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-5280" ], "risk_score": 4.3, "exploitability": "0.5", "weighted_severity": "8.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zrnp-ujpt-tbee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47264?format=api", "vulnerability_id": "VCID-zsj1-h1fk-mydz", "summary": "Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12569", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12782", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1275", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12712", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12664", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12799", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12847", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.12651", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00042", "scoring_system": "epss", "scoring_elements": "0.1273", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-11117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11117" }, { "reference_url": "https://issues.chromium.org/issues/40062534", "reference_id": "40062534", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:17:37Z/" } ], "url": "https://issues.chromium.org/issues/40062534" }, { "reference_url": "https://security.gentoo.org/glsa/202507-07", "reference_id": "GLSA-202507-07", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202507-07" }, { "reference_url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html", "reference_id": "stable-channel-update-for-desktop_12.html", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-13T15:17:37Z/" } ], "url": "https://chromereleases.googleblog.com/2024/11/stable-channel-update-for-desktop_12.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2024-11117" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zsj1-h1fk-mydz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96477?format=api", "vulnerability_id": "VCID-ztdz-bc13-huan", "summary": "Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High)", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13631", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28039", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34718", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34742", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34745", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34706", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34682", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34794", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00144", "scoring_system": "epss", "scoring_elements": "0.34714", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-13631" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13631", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-13631" }, { "reference_url": "https://issues.chromium.org/issues/448113221", "reference_id": "448113221", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:42Z/" } ], "url": "https://issues.chromium.org/issues/448113221" }, { "reference_url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html", "reference_id": "stable-channel-update-for-desktop.html", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-12-03T04:55:42Z/" } ], "url": "https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2025-13631" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ztdz-bc13-huan" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/64644?format=api", "vulnerability_id": "VCID-zunq-r482-23cm", "summary": "chromium-browser: Race in DevTools", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2319.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-2319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07936", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0789", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08023", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08007", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.0799", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07973", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07982", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.07944", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00028", "scoring_system": "epss", "scoring_elements": "0.08002", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-2319" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439055", "reference_id": "2439055", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2439055" }, { "reference_url": "https://issues.chromium.org/issues/40071155", "reference_id": "40071155", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:23Z/" } ], "url": "https://issues.chromium.org/issues/40071155" }, { "reference_url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html", "reference_id": "stable-channel-update-for-desktop_10.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-02-12T04:55:23Z/" } ], "url": "https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop_10.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/582121?format=api", "purl": "pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" } ], "aliases": [ "CVE-2026-2319" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zunq-r482-23cm" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1" }