{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","type":"apk","namespace":"alpine","name":"qt6-qtwebengine","version":"6.11.0-r8","qualifiers":{"arch":"riscv64","distroversion":"edge","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.11.0-r9","latest_non_vulnerable_version":"6.11.1-r1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72512?format=json","vulnerability_id":"VCID-2y6c-7x9v-hubz","summary":"Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7910.json","reference_id":"","reference_type":"","scores":[{"value":"7.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7910.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7910","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06863","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7910"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7910","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7910"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467335","reference_id":"2467335","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467335"},{"reference_url":"https://issues.chromium.org/issues/497543810","reference_id":"497543810","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-12T20:06:46Z/"}],"url":"https://issues.chromium.org/issues/497543810"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-12T20:06:46Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7910"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2y6c-7x9v-hubz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72101?format=json","vulnerability_id":"VCID-37yd-xyd5-8feb","summary":"Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7933.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7933.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7933","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.07439","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7933"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7933","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7933"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467400","reference_id":"2467400","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467400"},{"reference_url":"https://issues.chromium.org/issues/488585490","reference_id":"488585490","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:51:16Z/"}],"url":"https://issues.chromium.org/issues/488585490"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:51:16Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7933"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37yd-xyd5-8feb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72176?format=json","vulnerability_id":"VCID-3p1h-9skq-kbdj","summary":"Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7926.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7926.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7926","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7926"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7926","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7926"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467369","reference_id":"2467369","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467369"},{"reference_url":"https://issues.chromium.org/issues/502249087","reference_id":"502249087","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:52:20Z/"}],"url":"https://issues.chromium.org/issues/502249087"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:52:20Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7926"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3p1h-9skq-kbdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72548?format=json","vulnerability_id":"VCID-bgbp-119q-3uby","summary":"Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7919.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7919.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7919","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22544","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7919"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7919","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7919"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467406","reference_id":"2467406","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467406"},{"reference_url":"https://issues.chromium.org/issues/498832921","reference_id":"498832921","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:42:56Z/"}],"url":"https://issues.chromium.org/issues/498832921"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:42:56Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7919"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bgbp-119q-3uby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72641?format=json","vulnerability_id":"VCID-cyt4-gy5q-2fgr","summary":"Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7901.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7901.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7901","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7901"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467315","reference_id":"2467315","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467315"},{"reference_url":"https://issues.chromium.org/issues/497724490","reference_id":"497724490","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:24:02Z/"}],"url":"https://issues.chromium.org/issues/497724490"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:24:02Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7901"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cyt4-gy5q-2fgr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72781?format=json","vulnerability_id":"VCID-dsca-g9jw-qqc3","summary":"Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7993.json","reference_id":"","reference_type":"","scores":[{"value":"2.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7993.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7993","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24926","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7993"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7993","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7993"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467345","reference_id":"2467345","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467345"},{"reference_url":"https://issues.chromium.org/issues/499099003","reference_id":"499099003","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:32:26Z/"}],"url":"https://issues.chromium.org/issues/499099003"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:32:26Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7993"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dsca-g9jw-qqc3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72353?format=json","vulnerability_id":"VCID-fuv1-s1ff-9fgp","summary":"Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7902.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7902.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7902","reference_id":"","reference_type":"","scores":[{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.09209","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7902"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7902","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7902"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467317","reference_id":"2467317","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467317"},{"reference_url":"https://issues.chromium.org/issues/502030575","reference_id":"502030575","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T03:56:07Z/"}],"url":"https://issues.chromium.org/issues/502030575"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-07T03:56:07Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7902"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fuv1-s1ff-9fgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72634?format=json","vulnerability_id":"VCID-jv2x-t4f7-zqgu","summary":"Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7907.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7907.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7907","reference_id":"","reference_type":"","scores":[{"value":"0.00088","scoring_system":"epss","scoring_elements":"0.25099","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7907"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7907","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467309","reference_id":"2467309","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467309"},{"reference_url":"https://issues.chromium.org/issues/496292089","reference_id":"496292089","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:19:35Z/"}],"url":"https://issues.chromium.org/issues/496292089"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:19:35Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7907"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jv2x-t4f7-zqgu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72725?format=json","vulnerability_id":"VCID-mj2v-x86y-h7gf","summary":"Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7923.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7923.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7923","reference_id":"","reference_type":"","scores":[{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26114","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7923"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7923","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7923"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467351","reference_id":"2467351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467351"},{"reference_url":"https://issues.chromium.org/issues/500080194","reference_id":"500080194","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:45:22Z/"}],"url":"https://issues.chromium.org/issues/500080194"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:45:22Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7923"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mj2v-x86y-h7gf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72334?format=json","vulnerability_id":"VCID-pdnm-v487-3yeh","summary":"Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7912.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7912","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08116","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7912"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467426","reference_id":"2467426","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467426"},{"reference_url":"https://issues.chromium.org/issues/497639714","reference_id":"497639714","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:36:18Z/"}],"url":"https://issues.chromium.org/issues/497639714"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:36:18Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7912"],"risk_score":1.2,"exploitability":"0.5","weighted_severity":"2.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pdnm-v487-3yeh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72743?format=json","vulnerability_id":"VCID-ryp8-64cb-buay","summary":"Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7917.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7917.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7917","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22544","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7917"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7917","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7917"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467421","reference_id":"2467421","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467421"},{"reference_url":"https://issues.chromium.org/issues/498752242","reference_id":"498752242","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:41:48Z/"}],"url":"https://issues.chromium.org/issues/498752242"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T20:41:48Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7917"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ryp8-64cb-buay"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72295?format=json","vulnerability_id":"VCID-sqnh-spdx-fqcd","summary":"Out of bounds read in Fonts in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7904.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7904.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7904","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08116","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7904"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7904","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7904"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467418","reference_id":"2467418","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467418"},{"reference_url":"https://issues.chromium.org/issues/492350406","reference_id":"492350406","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:31:26Z/"}],"url":"https://issues.chromium.org/issues/492350406"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:31:26Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/114888?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7904"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqnh-spdx-fqcd"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r8%3Farch=riscv64&distroversion=edge&reponame=community"}