CVE Security

Insufficient verification of data authenticity in PackageManagerService prior to SMR Mar-2026 Release 1 allows local attackers to modify the installat...

Android Mobile


                                    CVE-2026-21023

Lire l'article

high 8.8

05/05/2026

Vulnérabilité high détectée - CVE-2026-7361

Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag...

Applications iOS Linux


                                    CVE-2026-7361

Lire l'article

high 8.3

05/05/2026

Vulnérabilité high détectée - CVE-2026-7352

Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to pote...

Android Applications iOS


                                    CVE-2026-7352

Lire l'article

high 8.8

05/05/2026

Vulnérabilité high détectée - CVE-2026-7342

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via...

Android Applications iOS


                                    CVE-2026-7342

Lire l'article

high 8.1

05/05/2026

Vulnérabilité high détectée - CVE-2026-42167

mod_sql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER request...

iOS Mobile


                                    CVE-2026-42167

Lire l'article

medium 4.6

05/05/2026

Vulnérabilité medium détectée - CVE-2026-41398

OpenClaw before 2026.4.2 contains an improper access control vulnerability in the iOS A2UI bridge that treats generic local-network pages as trusted o...

iOS Mobile


                                    CVE-2026-41398

Lire l'article

high 7.3

04/05/2026

Vulnérabilité high détectée - CVE-2026-7146

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulner...

iOS Mobile


                                    CVE-2026-7146

Lire l'article

unknown

04/05/2026

Vulnérabilité unknown détectée - CVE-2025-15626

Authenticated user can bypass authorization in Ribblr - Crochet & Knitting iOS application

iOS Mobile


                                    CVE-2025-15626

Lire l'article

critical 9.9

01/05/2026

Vulnérabilité critical détectée - CVE-2026-41478

Saltcorn is an extensible, open source, no-code database application builder. Prior to 1.4.6, 1.5.6, and 1.6.0-beta.5, a SQL injection vulnerability i...

Mobile Web


                                    CVE-2026-41478

Lire l'article

high 8.8

01/05/2026

Vulnérabilité high détectée - CVE-2026-41429

arduino-esp32 is an Arduino core for the ESP32, ESP32-S2, ESP32-S3, ESP32-C3, ESP32-C6 and ESP32-H2 microcontrollers. Prior to 3.3.8, there is a remot...

iOS Mobile


                                    CVE-2026-41429

Lire l'article

medium 6.5

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42044

Axios is a promise based HTTP client for the browser and Node.js. From 1.0.0 to before 1.15.2, he Axios library is vulnerable to a Prototype Pollution...

Applications iOS Mobile


                                    CVE-2026-42044

Lire l'article

medium 5.3

01/05/2026

Vulnérabilité medium détectée - CVE-2026-42034

Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, for stream request bodies, maxBodyLength is bypassed whe...

Applications iOS Mobile


                                    CVE-2026-42034

Lire l'article

10 11 12 13 14