{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","type":"apk","namespace":"alpine","name":"qt6-qtwebengine","version":"6.9.1-r3","qualifiers":{"arch":"s390x","distroversion":"edge","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"6.9.2-r1","latest_non_vulnerable_version":"6.11.0-r1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96846?format=json","vulnerability_id":"VCID-2ngt-7pmw-yqdu","summary":"Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6192","reference_id":"","reference_type":"","scores":[{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28731","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28821","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28824","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.2878","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28859","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28908","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28715","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00106","scoring_system":"epss","scoring_elements":"0.28781","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6192"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6192","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6192"},{"reference_url":"https://issues.chromium.org/issues/421471016","reference_id":"421471016","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:10Z/"}],"url":"https://issues.chromium.org/issues/421471016"},{"reference_url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html","reference_id":"stable-channel-update-for-desktop_17.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:10Z/"}],"url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6192"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2ngt-7pmw-yqdu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96941?format=json","vulnerability_id":"VCID-39u9-vf11-4qd6","summary":"Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8010","reference_id":"","reference_type":"","scores":[{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23084","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00077","scoring_system":"epss","scoring_elements":"0.23039","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26083","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26132","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2618","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26187","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26142","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26064","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8010"},{"reference_url":"https://issues.chromium.org/issues/430344952","reference_id":"430344952","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:16Z/"}],"url":"https://issues.chromium.org/issues/430344952"},{"reference_url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html","reference_id":"stable-channel-update-for-desktop_22.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-25T03:55:16Z/"}],"url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_22.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8010"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-39u9-vf11-4qd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96938?format=json","vulnerability_id":"VCID-43dh-62vg-myda","summary":"Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7656","reference_id":"","reference_type":"","scores":[{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23729","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23816","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23831","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23787","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2387","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2391","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.23699","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00081","scoring_system":"epss","scoring_elements":"0.2377","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7656"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7656","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7656"},{"reference_url":"https://issues.chromium.org/issues/425583995","reference_id":"425583995","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:05Z/"}],"url":"https://issues.chromium.org/issues/425583995"},{"reference_url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:05Z/"}],"url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-7656"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-43dh-62vg-myda"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96885?format=json","vulnerability_id":"VCID-54sp-9hcq-skh6","summary":"Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6556","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05633","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05675","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05648","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05639","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05576","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05611","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05649","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6556"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6556","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6556"},{"reference_url":"https://issues.chromium.org/issues/40062462","reference_id":"40062462","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:19Z/"}],"url":"https://issues.chromium.org/issues/40062462"},{"reference_url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html","reference_id":"stable-channel-update-for-desktop_24.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:19Z/"}],"url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6556"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-54sp-9hcq-skh6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96886?format=json","vulnerability_id":"VCID-8qta-157v-ubac","summary":"Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6557","reference_id":"","reference_type":"","scores":[{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24523","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24603","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24619","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24577","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24677","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24715","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24487","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00084","scoring_system":"epss","scoring_elements":"0.24558","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6557"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6557","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6557"},{"reference_url":"https://issues.chromium.org/issues/406631048","reference_id":"406631048","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:17Z/"}],"url":"https://issues.chromium.org/issues/406631048"},{"reference_url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html","reference_id":"stable-channel-update-for-desktop_24.html","reference_type":"","scores":[{"value":"5.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-26T03:55:17Z/"}],"url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_24.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6557"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8qta-157v-ubac"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34512?format=json","vulnerability_id":"VCID-chwf-3ees-vucx","summary":"Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8881","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06234","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06258","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06249","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06244","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06164","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06195","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06177","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.0622","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8881"},{"reference_url":"https://issues.chromium.org/issues/433800617","reference_id":"433800617","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:37:55Z/"}],"url":"https://issues.chromium.org/issues/433800617"},{"reference_url":"https://security.gentoo.org/glsa/202511-04","reference_id":"GLSA-202511-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202511-04"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-13T18:37:55Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8881"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chwf-3ees-vucx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96939?format=json","vulnerability_id":"VCID-cnvn-bkhg-a3dw","summary":"Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7657","reference_id":"","reference_type":"","scores":[{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16972","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17103","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17079","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17032","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.16955","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00054","scoring_system":"epss","scoring_elements":"0.17045","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-7657"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7657","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-7657"},{"reference_url":"https://issues.chromium.org/issues/427681143","reference_id":"427681143","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:06Z/"}],"url":"https://issues.chromium.org/issues/427681143"},{"reference_url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-07-16T03:56:06Z/"}],"url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-7657"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cnvn-bkhg-a3dw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68965?format=json","vulnerability_id":"VCID-edca-yux6-hfg2","summary":"chromium: Chrome V8 Type Confusion Read/Write","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6554.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6554.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6554","reference_id":"","reference_type":"","scores":[{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76138","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76195","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76183","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76196","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76221","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.76197","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7617","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00937","scoring_system":"epss","scoring_elements":"0.7615","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6554"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6554","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6554"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2375684","reference_id":"2375684","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2375684"},{"reference_url":"https://issues.chromium.org/issues/427663123","reference_id":"427663123","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-17T03:55:36Z/"}],"url":"https://issues.chromium.org/issues/427663123"},{"reference_url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html","reference_id":"stable-channel-update-for-desktop_30.html","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-17T03:55:36Z/"}],"url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6554"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-edca-yux6-hfg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96946?format=json","vulnerability_id":"VCID-es45-v7v3-gkcy","summary":"Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8576","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41433","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41439","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41448","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43902","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43886","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8576"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8576","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8576"},{"reference_url":"https://issues.chromium.org/issues/414760982","reference_id":"414760982","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:39:48Z/"}],"url":"https://issues.chromium.org/issues/414760982"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:39:48Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8576"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-es45-v7v3-gkcy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34511?format=json","vulnerability_id":"VCID-gj24-r1kr-1qg7","summary":"Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8880","reference_id":"","reference_type":"","scores":[{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31597","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3167","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31674","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31633","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31725","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.31588","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00124","scoring_system":"epss","scoring_elements":"0.3164","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8880"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8880","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8880"},{"reference_url":"https://issues.chromium.org/issues/433533359","reference_id":"433533359","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:31Z/"}],"url":"https://issues.chromium.org/issues/433533359"},{"reference_url":"https://security.gentoo.org/glsa/202511-04","reference_id":"GLSA-202511-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202511-04"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:31Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8880"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gj24-r1kr-1qg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96948?format=json","vulnerability_id":"VCID-ke3x-ajgw-s3av","summary":"Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8578","reference_id":"","reference_type":"","scores":[{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41433","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41462","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41389","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41439","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41448","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00195","scoring_system":"epss","scoring_elements":"0.41468","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43902","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00214","scoring_system":"epss","scoring_elements":"0.43886","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8578"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8578","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8578"},{"reference_url":"https://issues.chromium.org/issues/423387026","reference_id":"423387026","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:33:35Z/"}],"url":"https://issues.chromium.org/issues/423387026"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-07T13:33:35Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8578"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ke3x-ajgw-s3av"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96845?format=json","vulnerability_id":"VCID-qb26-d55m-yqe6","summary":"Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6191","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23541","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23623","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2364","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23598","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23685","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23726","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23507","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23578","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6191"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6191","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6191"},{"reference_url":"https://issues.chromium.org/issues/420697404","reference_id":"420697404","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:09Z/"}],"url":"https://issues.chromium.org/issues/420697404"},{"reference_url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html","reference_id":"stable-channel-update-for-desktop_17.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-19T03:55:09Z/"}],"url":"https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_17.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6191"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qb26-d55m-yqe6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34514?format=json","vulnerability_id":"VCID-qff9-euj8-u7f4","summary":"Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8901","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23533","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.2355","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23509","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23597","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23634","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23413","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23484","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8901"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8901","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8901"},{"reference_url":"https://issues.chromium.org/issues/435139154","reference_id":"435139154","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T18:38:41Z/"}],"url":"https://issues.chromium.org/issues/435139154"},{"reference_url":"https://security.gentoo.org/glsa/202511-04","reference_id":"GLSA-202511-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202511-04"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-13T18:38:41Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8901"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qff9-euj8-u7f4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96950?format=json","vulnerability_id":"VCID-qzrp-z4g2-yyhp","summary":"Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8580","reference_id":"","reference_type":"","scores":[{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16748","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16808","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16595","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.1668","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16734","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00053","scoring_system":"epss","scoring_elements":"0.16714","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18069","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18019","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8580"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8580","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8580"},{"reference_url":"https://issues.chromium.org/issues/411544197","reference_id":"411544197","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:30:08Z/"}],"url":"https://issues.chromium.org/issues/411544197"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:30:08Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8580"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qzrp-z4g2-yyhp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96952?format=json","vulnerability_id":"VCID-tfc2-749m-sqh1","summary":"Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8582","reference_id":"","reference_type":"","scores":[{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19426","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19474","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.1927","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19322","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00062","scoring_system":"epss","scoring_elements":"0.19327","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20751","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.207","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8582"},{"reference_url":"https://issues.chromium.org/issues/40089450","reference_id":"40089450","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:24:17Z/"}],"url":"https://issues.chromium.org/issues/40089450"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html","reference_id":"stable-channel-update-for-desktop.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-08-07T13:24:17Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/510965?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.3-r2?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.3-r2%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8582"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tfc2-749m-sqh1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/34510?format=json","vulnerability_id":"VCID-u9mq-tb44-4kbc","summary":"Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8879","reference_id":"","reference_type":"","scores":[{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29436","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29529","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29532","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29487","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29555","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29604","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00111","scoring_system":"epss","scoring_elements":"0.29488","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-8879"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8879","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-8879"},{"reference_url":"https://issues.chromium.org/issues/432035817","reference_id":"432035817","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:32Z/"}],"url":"https://issues.chromium.org/issues/432035817"},{"reference_url":"https://security.gentoo.org/glsa/202511-04","reference_id":"GLSA-202511-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202511-04"},{"reference_url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html","reference_id":"stable-channel-update-for-desktop_12.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-08-14T03:55:32Z/"}],"url":"https://chromereleases.googleblog.com/2025/08/stable-channel-update-for-desktop_12.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-8879"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-u9mq-tb44-4kbc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68659?format=json","vulnerability_id":"VCID-vk4e-qufz-5ffp","summary":"angle: insufficient input validation can cause undefined behavior","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6558.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-6558.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6558","reference_id":"","reference_type":"","scores":[{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37959","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37993","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.38021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00168","scoring_system":"epss","scoring_elements":"0.37984","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44447","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44381","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00218","scoring_system":"epss","scoring_elements":"0.44426","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-6558"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6558","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-6558"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2380254","reference_id":"2380254","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2380254"},{"reference_url":"https://issues.chromium.org/issues/427162086","reference_id":"427162086","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-22T03:55:29Z/"}],"url":"https://issues.chromium.org/issues/427162086"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13780","reference_id":"RHSA-2025:13780","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13780"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13782","reference_id":"RHSA-2025:13782","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13782"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14421","reference_id":"RHSA-2025:14421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14422","reference_id":"RHSA-2025:14422","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14422"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14423","reference_id":"RHSA-2025:14423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14432","reference_id":"RHSA-2025:14432","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14433","reference_id":"RHSA-2025:14433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14434","reference_id":"RHSA-2025:14434","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:14486","reference_id":"RHSA-2025:14486","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:14486"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:15729","reference_id":"RHSA-2025:15729","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:15729"},{"reference_url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html","reference_id":"stable-channel-update-for-desktop_15.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"value":"Attend","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-07-22T03:55:29Z/"}],"url":"https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html"},{"reference_url":"https://usn.ubuntu.com/7702-1/","reference_id":"USN-7702-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7702-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/401815?format=json","purl":"pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}],"aliases":["CVE-2025-6558"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vk4e-qufz-5ffp"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/qt6-qtwebengine@6.9.1-r3%3Farch=s390x&distroversion=edge&reponame=community"}