{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","type":"apk","namespace":"alpine","name":"qt6-qtwebengine","version":"6.11.1-r1","qualifiers":{"arch":"aarch64","distroversion":"edge","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72758?format=json","vulnerability_id":"VCID-3aqj-rznh-ubgq","summary":"Insufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7998.json","reference_id":"","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7998.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7998","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.2897","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7998"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7998","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7998"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467330","reference_id":"2467330","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467330"},{"reference_url":"https://issues.chromium.org/issues/491676472","reference_id":"491676472","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:25:08Z/"}],"url":"https://issues.chromium.org/issues/491676472"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:25:08Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7998"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3aqj-rznh-ubgq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67181?format=json","vulnerability_id":"VCID-3u48-kzw4-9kcd","summary":"Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8002.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8002","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35536","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8002"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467424","reference_id":"2467424","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467424"},{"reference_url":"https://issues.chromium.org/issues/495779613","reference_id":"495779613","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T18:45:47Z/"}],"url":"https://issues.chromium.org/issues/495779613"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T18:45:47Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8002"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3u48-kzw4-9kcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72391?format=json","vulnerability_id":"VCID-5d8v-9jpz-zudr","summary":"Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7945.json","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7945.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7945","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09358","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7945"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7945","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7945"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467384","reference_id":"2467384","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467384"},{"reference_url":"https://issues.chromium.org/issues/495802788","reference_id":"495802788","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:41:25Z/"}],"url":"https://issues.chromium.org/issues/495802788"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:41:25Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7945"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5d8v-9jpz-zudr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67415?format=json","vulnerability_id":"VCID-6f5d-6c5d-vba2","summary":"Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8012.json","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8012.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8012","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11121","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8012"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8012","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8012"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467356","reference_id":"2467356","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467356"},{"reference_url":"https://issues.chromium.org/issues/496628298","reference_id":"496628298","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:14:38Z/"}],"url":"https://issues.chromium.org/issues/496628298"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:14:38Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8012"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6f5d-6c5d-vba2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72182?format=json","vulnerability_id":"VCID-76e3-msgn-1ufx","summary":"Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7965.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7965.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7965","reference_id":"","reference_type":"","scores":[{"value":"0.00049","scoring_system":"epss","scoring_elements":"0.15785","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7965"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7965","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7965"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467329","reference_id":"2467329","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467329"},{"reference_url":"https://issues.chromium.org/issues/497255035","reference_id":"497255035","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:26:18Z/"}],"url":"https://issues.chromium.org/issues/497255035"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:26:18Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7965"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-76e3-msgn-1ufx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67412?format=json","vulnerability_id":"VCID-8amt-dtcn-eqcd","summary":"Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8559.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8559.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8559","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10786","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8559"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8559","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8559"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477657","reference_id":"2477657","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477657"},{"reference_url":"https://issues.chromium.org/issues/504629701","reference_id":"504629701","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-14T21:26:55Z/"}],"url":"https://issues.chromium.org/issues/504629701"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-14T21:26:55Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8559"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8amt-dtcn-eqcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67426?format=json","vulnerability_id":"VCID-a92f-4115-ekcd","summary":"Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8511.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8511.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8511","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22306","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8511"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8511","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8511"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477686","reference_id":"2477686","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477686"},{"reference_url":"https://issues.chromium.org/issues/495108488","reference_id":"495108488","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T20:57:54Z/"}],"url":"https://issues.chromium.org/issues/495108488"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T20:57:54Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8511"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a92f-4115-ekcd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67444?format=json","vulnerability_id":"VCID-cr14-s5u7-2qgk","summary":"Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8007.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8007.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8007","reference_id":"","reference_type":"","scores":[{"value":"0.00136","scoring_system":"epss","scoring_elements":"0.33352","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8007"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8007","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8007"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467307","reference_id":"2467307","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467307"},{"reference_url":"https://issues.chromium.org/issues/496399759","reference_id":"496399759","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T21:19:27Z/"}],"url":"https://issues.chromium.org/issues/496399759"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T21:19:27Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8007"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cr14-s5u7-2qgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67297?format=json","vulnerability_id":"VCID-eu3k-1whr-ybcp","summary":"Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8514.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8514.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8514","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22306","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8514"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8514","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8514"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477683","reference_id":"2477683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477683"},{"reference_url":"https://issues.chromium.org/issues/495948109","reference_id":"495948109","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:06:19Z/"}],"url":"https://issues.chromium.org/issues/495948109"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:06:19Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8514"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eu3k-1whr-ybcp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67179?format=json","vulnerability_id":"VCID-ewx9-yxnb-gufa","summary":"Inappropriate implementation in Preload in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8014.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8014.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8014","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.14027","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8014"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8014","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8014"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467422","reference_id":"2467422","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467422"},{"reference_url":"https://issues.chromium.org/issues/497490364","reference_id":"497490364","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:58:20Z/"}],"url":"https://issues.chromium.org/issues/497490364"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:58:20Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8014"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ewx9-yxnb-gufa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72356?format=json","vulnerability_id":"VCID-fk18-h2fj-jbbq","summary":"Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7977.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7977.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7977","reference_id":"","reference_type":"","scores":[{"value":"0.00025","scoring_system":"epss","scoring_elements":"0.0755","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7977"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7977","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467334","reference_id":"2467334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467334"},{"reference_url":"https://issues.chromium.org/issues/497821223","reference_id":"497821223","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:37:08Z/"}],"url":"https://issues.chromium.org/issues/497821223"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:37:08Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7977"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fk18-h2fj-jbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67452?format=json","vulnerability_id":"VCID-gwed-n7zc-73gg","summary":"Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8518.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8518.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8518","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24898","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8518"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8518","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8518"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477641","reference_id":"2477641","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477641"},{"reference_url":"https://issues.chromium.org/issues/497830330","reference_id":"497830330","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T20:34:23Z/"}],"url":"https://issues.chromium.org/issues/497830330"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T20:34:23Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8518"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gwed-n7zc-73gg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72384?format=json","vulnerability_id":"VCID-h2eh-jx4y-qqfc","summary":"Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7969.json","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7969.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7969","reference_id":"","reference_type":"","scores":[{"value":"0.00027","scoring_system":"epss","scoring_elements":"0.08113","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7969"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7969","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7969"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467405","reference_id":"2467405","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467405"},{"reference_url":"https://issues.chromium.org/issues/497450574","reference_id":"497450574","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:38:28Z/"}],"url":"https://issues.chromium.org/issues/497450574"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:38:28Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7969"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-h2eh-jx4y-qqfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72504?format=json","vulnerability_id":"VCID-hqqk-ycf5-5qev","summary":"Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7968.json","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7968.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7968","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12007","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7968"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7968","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7968"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467348","reference_id":"2467348","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467348"},{"reference_url":"https://issues.chromium.org/issues/497432281","reference_id":"497432281","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:38:43Z/"}],"url":"https://issues.chromium.org/issues/497432281"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:38:43Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7968"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hqqk-ycf5-5qev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67092?format=json","vulnerability_id":"VCID-keby-dvug-fkhu","summary":"Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8515.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8515.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8515","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22306","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8515"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8515","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8515"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477675","reference_id":"2477675","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477675"},{"reference_url":"https://issues.chromium.org/issues/495999127","reference_id":"495999127","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:06:38Z/"}],"url":"https://issues.chromium.org/issues/495999127"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:06:38Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8515"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-keby-dvug-fkhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67563?format=json","vulnerability_id":"VCID-m89d-h8r2-6uhf","summary":"Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8553.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8553.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8553","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10786","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8553"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8553","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8553"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477681","reference_id":"2477681","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477681"},{"reference_url":"https://issues.chromium.org/issues/498715368","reference_id":"498715368","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-14T21:27:23Z/"}],"url":"https://issues.chromium.org/issues/498715368"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-14T21:27:23Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8553"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m89d-h8r2-6uhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72782?format=json","vulnerability_id":"VCID-mhty-696t-2ycf","summary":"Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7957.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7957.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7957","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33902","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7957"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7957","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7957"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467537","reference_id":"2467537","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467537"},{"reference_url":"https://issues.chromium.org/issues/496607380","reference_id":"496607380","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:32:47Z/"}],"url":"https://issues.chromium.org/issues/496607380"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:32:47Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7957"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mhty-696t-2ycf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67234?format=json","vulnerability_id":"VCID-mvdb-eber-xbb1","summary":"Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8015.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8015.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8015","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23483","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8015"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8015","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8015"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467311","reference_id":"2467311","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467311"},{"reference_url":"https://issues.chromium.org/issues/497548558","reference_id":"497548558","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:56:28Z/"}],"url":"https://issues.chromium.org/issues/497548558"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T20:56:28Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8015"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mvdb-eber-xbb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67024?format=json","vulnerability_id":"VCID-pemn-mwkr-ybcb","summary":"Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8512.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8512.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8512","reference_id":"","reference_type":"","scores":[{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22306","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8512"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8512","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8512"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477682","reference_id":"2477682","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477682"},{"reference_url":"https://issues.chromium.org/issues/495782021","reference_id":"495782021","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:00:32Z/"}],"url":"https://issues.chromium.org/issues/495782021"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:00:32Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8512"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pemn-mwkr-ybcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72289?format=json","vulnerability_id":"VCID-pxax-fp5g-vkdj","summary":"Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7950.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7950.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7950","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10527","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7950"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7950","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7950"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467431","reference_id":"2467431","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467431"},{"reference_url":"https://issues.chromium.org/issues/496259890","reference_id":"496259890","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:38:34Z/"}],"url":"https://issues.chromium.org/issues/496259890"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:38:34Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7950"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pxax-fp5g-vkdj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67472?format=json","vulnerability_id":"VCID-r8nv-f2vh-fkcb","summary":"Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8010.json","reference_id":"","reference_type":"","scores":[{"value":"2.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8010","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15215","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8010"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467382","reference_id":"2467382","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467382"},{"reference_url":"https://issues.chromium.org/issues/496624084","reference_id":"496624084","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:15:52Z/"}],"url":"https://issues.chromium.org/issues/496624084"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:15:52Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8010"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-r8nv-f2vh-fkcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72286?format=json","vulnerability_id":"VCID-rvf8-tn1u-uyhb","summary":"Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7949.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7949.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7949","reference_id":"","reference_type":"","scores":[{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10527","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7949"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7949","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7949"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467316","reference_id":"2467316","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467316"},{"reference_url":"https://issues.chromium.org/issues/496206134","reference_id":"496206134","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:38:54Z/"}],"url":"https://issues.chromium.org/issues/496206134"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:38:54Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7949"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rvf8-tn1u-uyhb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67458?format=json","vulnerability_id":"VCID-sgun-6nsd-e3fk","summary":"Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8022.json","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8022.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8022","reference_id":"","reference_type":"","scores":[{"value":"5e-05","scoring_system":"epss","scoring_elements":"0.00295","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8022"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8022","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8022"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467320","reference_id":"2467320","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467320"},{"reference_url":"https://issues.chromium.org/issues/499194407","reference_id":"499194407","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T18:35:50Z/"}],"url":"https://issues.chromium.org/issues/499194407"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T18:35:50Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8022"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sgun-6nsd-e3fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67450?format=json","vulnerability_id":"VCID-tfdn-8gy6-aqfc","summary":"Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8004.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8004.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8004","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06752","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8004"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8004","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8004"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467378","reference_id":"2467378","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467378"},{"reference_url":"https://issues.chromium.org/issues/496189510","reference_id":"496189510","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:21:13Z/"}],"url":"https://issues.chromium.org/issues/496189510"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:21:13Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8004"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfdn-8gy6-aqfc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72068?format=json","vulnerability_id":"VCID-vtvp-6sw7-aqfw","summary":"Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7959.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7959.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7959","reference_id":"","reference_type":"","scores":[{"value":"0.00036","scoring_system":"epss","scoring_elements":"0.11038","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7959"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7959","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7959"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467355","reference_id":"2467355","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467355"},{"reference_url":"https://issues.chromium.org/issues/496645205","reference_id":"496645205","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:39:13Z/"}],"url":"https://issues.chromium.org/issues/496645205"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T21:39:13Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7959"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtvp-6sw7-aqfw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72688?format=json","vulnerability_id":"VCID-x1t6-bnu8-q3c7","summary":"Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7976.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7976.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7976","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.0609","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7976"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7976","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7976"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467365","reference_id":"2467365","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467365"},{"reference_url":"https://issues.chromium.org/issues/497736679","reference_id":"497736679","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:17:19Z/"}],"url":"https://issues.chromium.org/issues/497736679"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:17:19Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7976"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x1t6-bnu8-q3c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72626?format=json","vulnerability_id":"VCID-xkzk-cas6-dfdc","summary":"Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7955.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7955.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7955","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12011","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7955"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7955","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7955"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467313","reference_id":"2467313","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467313"},{"reference_url":"https://issues.chromium.org/issues/496441232","reference_id":"496441232","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:35:14Z/"}],"url":"https://issues.chromium.org/issues/496441232"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T19:35:14Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7955"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xkzk-cas6-dfdc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/67023?format=json","vulnerability_id":"VCID-yfee-e9v3-gfbk","summary":"Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8510.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-8510.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8510","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2874","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-8510"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8510","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-8510"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477624","reference_id":"2477624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2477624"},{"reference_url":"https://issues.chromium.org/issues/502636904","reference_id":"502636904","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:39:14Z/"}],"url":"https://issues.chromium.org/issues/502636904"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-14T21:39:14Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-8510"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yfee-e9v3-gfbk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/72441?format=json","vulnerability_id":"VCID-ywa4-ktrd-wker","summary":"Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7956.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-7956.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7956","reference_id":"","reference_type":"","scores":[{"value":"0.00128","scoring_system":"epss","scoring_elements":"0.31754","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-7956"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7956","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-7956"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467343","reference_id":"2467343","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2467343"},{"reference_url":"https://issues.chromium.org/issues/496463315","reference_id":"496463315","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:34:43Z/"}],"url":"https://issues.chromium.org/issues/496463315"},{"reference_url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-06T19:34:43Z/"}],"url":"https://chromereleases.googleblog.com/2026/05/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/115446?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-7956"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ywa4-ktrd-wker"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.1-r1%3Farch=aarch64&distroversion=edge&reponame=community"}