Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community

Type apk

Namespace alpine

Name qt6-qtwebengine

Version 6.11.0-r4

Qualifiers

arch	x86
distroversion	edge
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 6.11.0-r5

Latest_non_vulnerable_version 6.11.1-r2

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-1f3n-69cj-4ydj

vulnerability_id VCID-1f3n-69cj-4ydj

summary Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6309

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.1447
published_at	2026-06-14T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14378
published_at	2026-06-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.145
published_at	2026-06-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14497
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6309

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458784
reference_id	2458784
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458784

reference_url

https://issues.chromium.org/issues/497846428

reference_id

497846428

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:06Z/

url

https://issues.chromium.org/issues/497846428

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:06Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6309

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1f3n-69cj-4ydj

url VCID-3csa-94bb-q7h6

vulnerability_id VCID-3csa-94bb-q7h6

summary Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6302

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.18
published_at	2026-06-14T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17849
published_at	2026-06-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18009
published_at	2026-06-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18024
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6302

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458793
reference_id	2458793
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458793

reference_url

https://issues.chromium.org/issues/495477995

reference_id

495477995

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:54:00Z/

url

https://issues.chromium.org/issues/495477995

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:54:00Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6302

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3csa-94bb-q7h6

url VCID-3d3j-r5gv-n3ed

vulnerability_id VCID-3d3j-r5gv-n3ed

summary Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6360

reference_id

reference_type

scores

value	0.00028
scoring_system	epss
scoring_elements	0.08361
published_at	2026-06-14T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08325
published_at	2026-06-11T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08363
published_at	2026-06-12T12:55:00Z

value	0.00028
scoring_system	epss
scoring_elements	0.08364
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6360

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458809
reference_id	2458809
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458809

reference_url

https://issues.chromium.org/issues/497880137

reference_id

497880137

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T18:09:16Z/

url

https://issues.chromium.org/issues/497880137

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T18:09:16Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6360

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3d3j-r5gv-n3ed

url VCID-5g88-mjkz-33f6

vulnerability_id VCID-5g88-mjkz-33f6

summary Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6313

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01589
published_at	2026-06-14T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01575
published_at	2026-06-11T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01578
published_at	2026-06-12T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01581
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6313

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458781
reference_id	2458781
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458781

reference_url

https://issues.chromium.org/issues/498765210

reference_id

498765210

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/

url

https://issues.chromium.org/issues/498765210

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6313

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g88-mjkz-33f6

url VCID-5ps4-utb9-gqc4

vulnerability_id VCID-5ps4-utb9-gqc4

summary Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6311

reference_id

reference_type

scores

value	0.00031
scoring_system	epss
scoring_elements	0.09662
published_at	2026-06-14T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09624
published_at	2026-06-11T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.0967
published_at	2026-06-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.09671
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6311

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458780
reference_id	2458780
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458780

reference_url

https://issues.chromium.org/issues/498201025

reference_id

498201025

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:13Z/

url

https://issues.chromium.org/issues/498201025

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:13Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6311

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5ps4-utb9-gqc4

url VCID-8wfv-apd9-cqcu

vulnerability_id VCID-8wfv-apd9-cqcu

summary Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6305

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11434
published_at	2026-06-14T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11401
published_at	2026-06-11T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11475
published_at	2026-06-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11467
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6305

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458782
reference_id	2458782
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458782

reference_url

https://issues.chromium.org/issues/496618639

reference_id

496618639

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:18Z/

url

https://issues.chromium.org/issues/496618639

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:18Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6305

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wfv-apd9-cqcu

url VCID-a16k-5hp8-17hg

vulnerability_id VCID-a16k-5hp8-17hg

summary Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6312

reference_id

reference_type

scores

value	0.00011
scoring_system	epss
scoring_elements	0.01589
published_at	2026-06-14T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01575
published_at	2026-06-11T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01578
published_at	2026-06-12T12:55:00Z

value	0.00011
scoring_system	epss
scoring_elements	0.01581
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6312

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458807
reference_id	2458807
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458807

reference_url

https://issues.chromium.org/issues/498269651

reference_id

498269651

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/

url

https://issues.chromium.org/issues/498269651

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	3.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6312

risk_score 3.0

exploitability 0.5

weighted_severity 6.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a16k-5hp8-17hg

url VCID-b135-88ht-33dy

vulnerability_id VCID-b135-88ht-33dy

summary Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6304

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.1447
published_at	2026-06-14T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14378
published_at	2026-06-11T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.145
published_at	2026-06-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.14497
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6304

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458805
reference_id	2458805
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458805

reference_url

https://issues.chromium.org/issues/496393742

reference_id

496393742

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:05Z/

url

https://issues.chromium.org/issues/496393742

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:05Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6304

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b135-88ht-33dy

url VCID-bwjr-thar-7qdm

vulnerability_id VCID-bwjr-thar-7qdm

summary Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6300

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.18
published_at	2026-06-14T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17849
published_at	2026-06-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18009
published_at	2026-06-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18024
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6300

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458775
reference_id	2458775
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458775

reference_url

https://issues.chromium.org/issues/491994185

reference_id

491994185

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:57Z/

url

https://issues.chromium.org/issues/491994185

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:57Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6300

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bwjr-thar-7qdm

url VCID-bxun-5wt8-hubr

vulnerability_id VCID-bxun-5wt8-hubr

summary Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json

reference_id

reference_type

scores

value	9.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6359

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07714
published_at	2026-06-14T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0769
published_at	2026-06-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07726
published_at	2026-06-12T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.0772
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6359

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458797
reference_id	2458797
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458797

reference_url

https://issues.chromium.org/issues/490251701

reference_id

490251701

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/

url

https://issues.chromium.org/issues/490251701

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6359

risk_score 4.0

exploitability 0.5

weighted_severity 8.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bxun-5wt8-hubr

url VCID-ccng-8st2-mufc

vulnerability_id VCID-ccng-8st2-mufc

summary Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6316

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.18
published_at	2026-06-14T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17849
published_at	2026-06-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18009
published_at	2026-06-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18024
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6316

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458789
reference_id	2458789
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458789

reference_url

https://issues.chromium.org/issues/499384399

reference_id

499384399

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:50Z/

url

https://issues.chromium.org/issues/499384399

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:50Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6316

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ccng-8st2-mufc

url VCID-cfab-x5us-hyhu

vulnerability_id VCID-cfab-x5us-hyhu

summary Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6314

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.13275
published_at	2026-06-14T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13192
published_at	2026-06-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13292
published_at	2026-06-12T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.133
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6314

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458790
reference_id	2458790
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458790

reference_url

https://issues.chromium.org/issues/498782145

reference_id

498782145

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:08Z/

url

https://issues.chromium.org/issues/498782145

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:08Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6314

risk_score 3.6

exploitability 0.5

weighted_severity 7.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cfab-x5us-hyhu

url VCID-d1de-7d6s-cue5

vulnerability_id VCID-d1de-7d6s-cue5

summary Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-5873

reference_id

reference_type

scores

value	0.00111
scoring_system	epss
scoring_elements	0.29391
published_at	2026-06-14T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29181
published_at	2026-06-11T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29381
published_at	2026-06-12T12:55:00Z

value	0.00111
scoring_system	epss
scoring_elements	0.29404
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-5873

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456808
reference_id	2456808
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456808

reference_url

https://issues.chromium.org/issues/496301615

reference_id

496301615

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/

url

https://issues.chromium.org/issues/496301615

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-5873

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d1de-7d6s-cue5

url VCID-e6rh-xprq-b3du

vulnerability_id VCID-e6rh-xprq-b3du

summary Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6307

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.13257
published_at	2026-06-14T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13175
published_at	2026-06-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13277
published_at	2026-06-12T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13282
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6307

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458799
reference_id	2458799
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458799

reference_url

https://issues.chromium.org/issues/497404188

reference_id

497404188

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/

url

https://issues.chromium.org/issues/497404188

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6307

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e6rh-xprq-b3du

url VCID-gcr4-jc7p-vuee

vulnerability_id VCID-gcr4-jc7p-vuee

summary Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6303

reference_id

reference_type

scores

value	0.00056
scoring_system	epss
scoring_elements	0.18
published_at	2026-06-14T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.17849
published_at	2026-06-11T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18009
published_at	2026-06-12T12:55:00Z

value	0.00056
scoring_system	epss
scoring_elements	0.18024
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6303

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458804
reference_id	2458804
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458804

reference_url

https://issues.chromium.org/issues/496282147

reference_id

496282147

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/

url

https://issues.chromium.org/issues/496282147

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6303

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gcr4-jc7p-vuee

url VCID-j7f9-wq6b-qqbs

vulnerability_id VCID-j7f9-wq6b-qqbs

summary Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json

reference_id

reference_type

scores

value	4.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-5891

reference_id

reference_type

scores

value	0.00059
scoring_system	epss
scoring_elements	0.18798
published_at	2026-06-14T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18643
published_at	2026-06-11T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18805
published_at	2026-06-12T12:55:00Z

value	0.00059
scoring_system	epss
scoring_elements	0.18823
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-5891

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456771
reference_id	2456771
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456771

reference_url

https://issues.chromium.org/issues/487471101

reference_id

487471101

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/

url

https://issues.chromium.org/issues/487471101

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-5891

risk_score 1.9

exploitability 0.5

weighted_severity 3.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7f9-wq6b-qqbs

url VCID-kw88-d664-euan

vulnerability_id VCID-kw88-d664-euan

summary Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6308

reference_id

reference_type

scores

value	0.00039
scoring_system	epss
scoring_elements	0.12287
published_at	2026-06-14T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12208
published_at	2026-06-11T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12301
published_at	2026-06-12T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.12308
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6308

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458772
reference_id	2458772
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458772

reference_url

https://issues.chromium.org/issues/497412658

reference_id

497412658

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/

url

https://issues.chromium.org/issues/497412658

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6308

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kw88-d664-euan

url VCID-tkq2-67v4-bqdt

vulnerability_id VCID-tkq2-67v4-bqdt

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6301

reference_id

reference_type

scores

value	0.00042
scoring_system	epss
scoring_elements	0.13257
published_at	2026-06-14T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13175
published_at	2026-06-11T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13277
published_at	2026-06-12T12:55:00Z

value	0.00042
scoring_system	epss
scoring_elements	0.13282
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6301

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458785
reference_id	2458785
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458785

reference_url

https://issues.chromium.org/issues/495273999

reference_id

495273999

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:58Z/

url

https://issues.chromium.org/issues/495273999

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:58Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6301

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tkq2-67v4-bqdt

url VCID-v7ka-wxw6-qkgp

vulnerability_id VCID-v7ka-wxw6-qkgp

summary Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6298

reference_id

reference_type

scores

value	0.00012
scoring_system	epss
scoring_elements	0.01674
published_at	2026-06-14T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.0166
published_at	2026-06-11T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01663
published_at	2026-06-12T12:55:00Z

value	0.00012
scoring_system	epss
scoring_elements	0.01666
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6298

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134991
reference_id	1134991
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134991

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458798
reference_id	2458798
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458798

reference_url

https://issues.chromium.org/issues/495700484

reference_id

495700484

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/

url

https://issues.chromium.org/issues/495700484

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6298

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7ka-wxw6-qkgp

url VCID-vuxd-55r9-sqam

vulnerability_id VCID-vuxd-55r9-sqam

summary Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json

reference_id

reference_type

scores

value	8.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6297

reference_id

reference_type

scores

value	0.00013
scoring_system	epss
scoring_elements	0.02022
published_at	2026-06-14T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02011
published_at	2026-06-11T12:55:00Z

value	0.00013
scoring_system	epss
scoring_elements	0.02014
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6297

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458794
reference_id	2458794
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458794

reference_url

https://issues.chromium.org/issues/493628982

reference_id

493628982

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:52Z/

url

https://issues.chromium.org/issues/493628982

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:52Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6297

risk_score 3.8

exploitability 0.5

weighted_severity 7.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vuxd-55r9-sqam

url VCID-vwug-d2cm-97fk

vulnerability_id VCID-vwug-d2cm-97fk

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6306

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11434
published_at	2026-06-14T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11401
published_at	2026-06-11T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11475
published_at	2026-06-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11467
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6306

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458778
reference_id	2458778
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458778

reference_url

https://issues.chromium.org/issues/496907110

reference_id

496907110

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/

url

https://issues.chromium.org/issues/496907110

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6306

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vwug-d2cm-97fk

url VCID-wp12-uddu-5kf2

vulnerability_id VCID-wp12-uddu-5kf2

summary Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-5886

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.10112
published_at	2026-06-14T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.10075
published_at	2026-06-11T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.10121
published_at	2026-06-12T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.10127
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-5886

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2456781
reference_id	2456781
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2456781

reference_url

https://issues.chromium.org/issues/485397283

reference_id

485397283

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/

url

https://issues.chromium.org/issues/485397283

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

reference_id

stable-channel-update-for-desktop.html

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-5886

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp12-uddu-5kf2

url VCID-xbdp-e5c3-zugb

vulnerability_id VCID-xbdp-e5c3-zugb

summary Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6296

reference_id

reference_type

scores

value	0.00032
scoring_system	epss
scoring_elements	0.0986
published_at	2026-06-14T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09824
published_at	2026-06-11T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09873
published_at	2026-06-12T12:55:00Z

value	0.00032
scoring_system	epss
scoring_elements	0.09874
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6296

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458783
reference_id	2458783
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458783

reference_url

https://issues.chromium.org/issues/490170083

reference_id

490170083

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:44:17Z/

url

https://issues.chromium.org/issues/490170083

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	9.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:44:17Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6296

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbdp-e5c3-zugb

url VCID-xpym-pex2-nufs

vulnerability_id VCID-xpym-pex2-nufs

summary Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted video file. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json

reference_id

reference_type

scores

value	9.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6362

reference_id

reference_type

scores

value	9e-05
scoring_system	epss
scoring_elements	0.0103
published_at	2026-06-14T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.01023
published_at	2026-06-11T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.01021
published_at	2026-06-12T12:55:00Z

value	9e-05
scoring_system	epss
scoring_elements	0.01027
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6362

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458802
reference_id	2458802
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458802

reference_url

https://issues.chromium.org/issues/500066234

reference_id

500066234

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/

url

https://issues.chromium.org/issues/500066234

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6362

risk_score 4.3

exploitability 0.5

weighted_severity 8.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xpym-pex2-nufs

url VCID-zdtg-3bek-vue6

vulnerability_id VCID-zdtg-3bek-vue6

summary Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-6361

reference_id

reference_type

scores

value	0.00026
scoring_system	epss
scoring_elements	0.07766
published_at	2026-06-14T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07741
published_at	2026-06-11T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07776
published_at	2026-06-12T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07771
published_at	2026-06-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-6361

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2458806
reference_id	2458806
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2458806

reference_url

https://issues.chromium.org/issues/500036290

reference_id

500036290

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/

url

https://issues.chromium.org/issues/500036290

reference_url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

reference_id

stable-channel-update-for-desktop_15.html

reference_type

scores

value	8.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/

url

https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

fixed_packages

url	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

aliases CVE-2026-6361

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zdtg-3bek-vue6

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community

Package Instance