{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","type":"apk","namespace":"alpine","name":"qt6-qtwebengine","version":"6.11.0-r4","qualifiers":{"arch":"x86","distroversion":"edge","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.11.0-r5","latest_non_vulnerable_version":"6.11.1-r2","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75628?format=json","vulnerability_id":"VCID-1f3n-69cj-4ydj","summary":"Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6309.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6309","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1447","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14378","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.145","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14497","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6309"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6309"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458784","reference_id":"2458784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458784"},{"reference_url":"https://issues.chromium.org/issues/497846428","reference_id":"497846428","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:06Z/"}],"url":"https://issues.chromium.org/issues/497846428"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:06Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6309"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1f3n-69cj-4ydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75856?format=json","vulnerability_id":"VCID-3csa-94bb-q7h6","summary":"Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6302.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6302","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17849","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18009","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6302"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6302"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458793","reference_id":"2458793","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458793"},{"reference_url":"https://issues.chromium.org/issues/495477995","reference_id":"495477995","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:54:00Z/"}],"url":"https://issues.chromium.org/issues/495477995"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:54:00Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6302"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3csa-94bb-q7h6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75745?format=json","vulnerability_id":"VCID-3d3j-r5gv-n3ed","summary":"Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6360.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6360","reference_id":"","reference_type":"","scores":[{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08361","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08325","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08363","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00028","scoring_system":"epss","scoring_elements":"0.08364","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6360"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6360"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458809","reference_id":"2458809","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458809"},{"reference_url":"https://issues.chromium.org/issues/497880137","reference_id":"497880137","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T18:09:16Z/"}],"url":"https://issues.chromium.org/issues/497880137"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T18:09:16Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6360"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3d3j-r5gv-n3ed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75836?format=json","vulnerability_id":"VCID-5g88-mjkz-33f6","summary":"Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6313.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6313","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01589","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01575","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01578","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01581","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6313"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6313"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458781","reference_id":"2458781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458781"},{"reference_url":"https://issues.chromium.org/issues/498765210","reference_id":"498765210","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/"}],"url":"https://issues.chromium.org/issues/498765210"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:00:37Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6313"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5g88-mjkz-33f6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75338?format=json","vulnerability_id":"VCID-5ps4-utb9-gqc4","summary":"Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6311.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6311","reference_id":"","reference_type":"","scores":[{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09662","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09624","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.0967","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09671","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6311"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6311"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458780","reference_id":"2458780","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458780"},{"reference_url":"https://issues.chromium.org/issues/498201025","reference_id":"498201025","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:13Z/"}],"url":"https://issues.chromium.org/issues/498201025"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:13Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6311"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ps4-utb9-gqc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75281?format=json","vulnerability_id":"VCID-8wfv-apd9-cqcu","summary":"Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6305.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6305","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11434","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11401","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11475","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11467","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6305"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6305"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458782","reference_id":"2458782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458782"},{"reference_url":"https://issues.chromium.org/issues/496618639","reference_id":"496618639","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:18Z/"}],"url":"https://issues.chromium.org/issues/496618639"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:18Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6305"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wfv-apd9-cqcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75850?format=json","vulnerability_id":"VCID-a16k-5hp8-17hg","summary":"Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6312.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6312","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01589","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01575","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01578","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01581","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6312"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458807","reference_id":"2458807","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458807"},{"reference_url":"https://issues.chromium.org/issues/498269651","reference_id":"498269651","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/"}],"url":"https://issues.chromium.org/issues/498269651"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"3.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T19:58:49Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6312"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a16k-5hp8-17hg"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75430?format=json","vulnerability_id":"VCID-b135-88ht-33dy","summary":"Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6304.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6304","reference_id":"","reference_type":"","scores":[{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.1447","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14378","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.145","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00045","scoring_system":"epss","scoring_elements":"0.14497","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6304"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6304"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458805","reference_id":"2458805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458805"},{"reference_url":"https://issues.chromium.org/issues/496393742","reference_id":"496393742","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:05Z/"}],"url":"https://issues.chromium.org/issues/496393742"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:05Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6304"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b135-88ht-33dy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75708?format=json","vulnerability_id":"VCID-bwjr-thar-7qdm","summary":"Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6300.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6300","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17849","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18009","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6300"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458775","reference_id":"2458775","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458775"},{"reference_url":"https://issues.chromium.org/issues/491994185","reference_id":"491994185","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:57Z/"}],"url":"https://issues.chromium.org/issues/491994185"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:57Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6300"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bwjr-thar-7qdm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75546?format=json","vulnerability_id":"VCID-bxun-5wt8-hubr","summary":"Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json","reference_id":"","reference_type":"","scores":[{"value":"9.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6359.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6359","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07714","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0769","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07726","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.0772","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6359"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6359"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458797","reference_id":"2458797","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458797"},{"reference_url":"https://issues.chromium.org/issues/490251701","reference_id":"490251701","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/"}],"url":"https://issues.chromium.org/issues/490251701"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:48:11Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6359"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bxun-5wt8-hubr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75563?format=json","vulnerability_id":"VCID-ccng-8st2-mufc","summary":"Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6316.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6316","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17849","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18009","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6316"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6316"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458789","reference_id":"2458789","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458789"},{"reference_url":"https://issues.chromium.org/issues/499384399","reference_id":"499384399","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:50Z/"}],"url":"https://issues.chromium.org/issues/499384399"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:50Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6316"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ccng-8st2-mufc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75644?format=json","vulnerability_id":"VCID-cfab-x5us-hyhu","summary":"Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json","reference_id":"","reference_type":"","scores":[{"value":"8.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6314.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6314","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13275","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13192","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13292","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.133","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6314"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6314"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458790","reference_id":"2458790","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458790"},{"reference_url":"https://issues.chromium.org/issues/498782145","reference_id":"498782145","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:08Z/"}],"url":"https://issues.chromium.org/issues/498782145"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:08Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6314"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cfab-x5us-hyhu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68541?format=json","vulnerability_id":"VCID-d1de-7d6s-cue5","summary":"Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5873.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5873","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29391","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29181","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29381","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29404","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5873"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5873"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456808","reference_id":"2456808","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456808"},{"reference_url":"https://issues.chromium.org/issues/496301615","reference_id":"496301615","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/"}],"url":"https://issues.chromium.org/issues/496301615"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-10T03:55:56Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-5873"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-d1de-7d6s-cue5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75839?format=json","vulnerability_id":"VCID-e6rh-xprq-b3du","summary":"Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6307.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6307","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13257","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13175","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13277","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13282","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6307"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6307"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458799","reference_id":"2458799","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458799"},{"reference_url":"https://issues.chromium.org/issues/497404188","reference_id":"497404188","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/"}],"url":"https://issues.chromium.org/issues/497404188"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-15T19:51:52Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6307"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e6rh-xprq-b3du"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75575?format=json","vulnerability_id":"VCID-gcr4-jc7p-vuee","summary":"Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6303.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6303","reference_id":"","reference_type":"","scores":[{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.17849","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18009","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00056","scoring_system":"epss","scoring_elements":"0.18024","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6303"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6303"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458804","reference_id":"2458804","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458804"},{"reference_url":"https://issues.chromium.org/issues/496282147","reference_id":"496282147","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/"}],"url":"https://issues.chromium.org/issues/496282147"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:03Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6303"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gcr4-jc7p-vuee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68757?format=json","vulnerability_id":"VCID-j7f9-wq6b-qqbs","summary":"Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json","reference_id":"","reference_type":"","scores":[{"value":"4.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5891.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5891","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18798","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18643","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18805","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18823","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5891"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5891"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456771","reference_id":"2456771","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456771"},{"reference_url":"https://issues.chromium.org/issues/487471101","reference_id":"487471101","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/"}],"url":"https://issues.chromium.org/issues/487471101"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-13T20:15:19Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-5891"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j7f9-wq6b-qqbs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75518?format=json","vulnerability_id":"VCID-kw88-d664-euan","summary":"Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6308.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6308","reference_id":"","reference_type":"","scores":[{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12287","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12208","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12301","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00039","scoring_system":"epss","scoring_elements":"0.12308","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6308"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6308"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458772","reference_id":"2458772","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458772"},{"reference_url":"https://issues.chromium.org/issues/497412658","reference_id":"497412658","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/"}],"url":"https://issues.chromium.org/issues/497412658"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:10Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6308"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kw88-d664-euan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75383?format=json","vulnerability_id":"VCID-tkq2-67v4-bqdt","summary":"Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6301.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6301","reference_id":"","reference_type":"","scores":[{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13257","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13175","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13277","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00042","scoring_system":"epss","scoring_elements":"0.13282","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6301"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6301"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458785","reference_id":"2458785","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458785"},{"reference_url":"https://issues.chromium.org/issues/495273999","reference_id":"495273999","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:58Z/"}],"url":"https://issues.chromium.org/issues/495273999"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:58Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6301"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tkq2-67v4-bqdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75883?format=json","vulnerability_id":"VCID-v7ka-wxw6-qkgp","summary":"Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6298.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6298","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01674","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0166","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01663","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01666","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6298"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6298"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134991","reference_id":"1134991","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1134991"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458798","reference_id":"2458798","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458798"},{"reference_url":"https://issues.chromium.org/issues/495700484","reference_id":"495700484","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/"}],"url":"https://issues.chromium.org/issues/495700484"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-15T20:25:33Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6298"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v7ka-wxw6-qkgp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75846?format=json","vulnerability_id":"VCID-vuxd-55r9-sqam","summary":"Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6297.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6297","reference_id":"","reference_type":"","scores":[{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02022","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02011","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02014","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6297"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6297"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458794","reference_id":"2458794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458794"},{"reference_url":"https://issues.chromium.org/issues/493628982","reference_id":"493628982","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:52Z/"}],"url":"https://issues.chromium.org/issues/493628982"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:55:52Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6297"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vuxd-55r9-sqam"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75805?format=json","vulnerability_id":"VCID-vwug-d2cm-97fk","summary":"Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6306.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6306","reference_id":"","reference_type":"","scores":[{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11434","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11401","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11475","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11467","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6306"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6306"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458778","reference_id":"2458778","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458778"},{"reference_url":"https://issues.chromium.org/issues/496907110","reference_id":"496907110","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/"}],"url":"https://issues.chromium.org/issues/496907110"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:12Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6306"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vwug-d2cm-97fk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68809?format=json","vulnerability_id":"VCID-wp12-uddu-5kf2","summary":"Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-5886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5886","reference_id":"","reference_type":"","scores":[{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10112","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10075","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10121","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.10127","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-5886"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-5886"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456781","reference_id":"2456781","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2456781"},{"reference_url":"https://issues.chromium.org/issues/485397283","reference_id":"485397283","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/"}],"url":"https://issues.chromium.org/issues/485397283"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-10T18:38:06Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-5886"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wp12-uddu-5kf2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75398?format=json","vulnerability_id":"VCID-xbdp-e5c3-zugb","summary":"Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6296.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6296","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.0986","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09824","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09873","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09874","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6296"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6296"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458783","reference_id":"2458783","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458783"},{"reference_url":"https://issues.chromium.org/issues/490170083","reference_id":"490170083","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:44:17Z/"}],"url":"https://issues.chromium.org/issues/490170083"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-05-26T17:44:17Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6296"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xbdp-e5c3-zugb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75498?format=json","vulnerability_id":"VCID-xpym-pex2-nufs","summary":"Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted video file. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json","reference_id":"","reference_type":"","scores":[{"value":"9.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6362.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6362","reference_id":"","reference_type":"","scores":[{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0103","published_at":"2026-06-14T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01023","published_at":"2026-06-11T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01021","published_at":"2026-06-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.01027","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6362"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6362"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458802","reference_id":"2458802","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458802"},{"reference_url":"https://issues.chromium.org/issues/500066234","reference_id":"500066234","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/"}],"url":"https://issues.chromium.org/issues/500066234"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-04-16T13:20:55Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6362"],"risk_score":4.3,"exploitability":"0.5","weighted_severity":"8.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xpym-pex2-nufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/75485?format=json","vulnerability_id":"VCID-zdtg-3bek-vue6","summary":"Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-6361.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6361","reference_id":"","reference_type":"","scores":[{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07766","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07741","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07776","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07771","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-6361"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-6361"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458806","reference_id":"2458806","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2458806"},{"reference_url":"https://issues.chromium.org/issues/500036290","reference_id":"500036290","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/"}],"url":"https://issues.chromium.org/issues/500036290"},{"reference_url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-16T03:56:17Z/"}],"url":"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/136102?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}],"aliases":["CVE-2026-6361"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zdtg-3bek-vue6"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.11.0-r4%3Farch=x86&distroversion=edge&reponame=community"}