CVE-2026-2595 - The Quads Ads Manager for Google AdSense plugin for WordPress is vulnerable to Stored Cross-Site Scr

CVE-2026-33729 - OpenFGA is a high-performance and flexible authorization/permission engine built for developers and

CVE-2026-3529 - Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability i

CVE-2026-23386 - In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer clean

CVE-2026-23385 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clone set

CVE-2026-4680 - Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execut

CVE-2026-4679 - Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perf

CVE-2026-4678 - Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execu

CVE-2026-4677 - Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote a

CVE-2026-4676 - Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potenti

CVE-2026-4675 - Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to

CVE-2026-4674 - Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perf

CVE-2026-4673 - Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker

CVE-2026-30886 - New API is a large language mode (LLM) gateway and artificial intelligence (AI) asset management sys

CVE-2025-13997 - The King Addons for Elementor – 4,000+ ready Elementor sections, 650+ templates, 70+ FREE widgets fo

CVE-2025-10734 - The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Sche

CVE-2025-10731 - The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Sche

CVE-2025-10679 - The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Sche

CVE-2025-10736 - The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Sche

CVE-2026-2580 - The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for

CVE-2026-3332 - The Xhanch - My Advanced Settings plugin for WordPress is vulnerable to Cross-Site Request Forgery i

CVE-2026-1393 - The Add Google Social Profiles to Knowledge Graph Box plugin for WordPress is vulnerable to Cross-Si

CVE-2026-3516 - The Contact List plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the '_cl_map_

CVE-2026-33186 - gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization by

CVE-2026-32947 - Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. In versio

CVE-2026-4464 - Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to pote

CVE-2026-4463 - Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to

CVE-2026-4462 - Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to pe

CVE-2026-4461 - Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacke

CVE-2026-4460 - Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to per

CVE-2026-4459 - Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote a

CVE-2026-4458 - Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convin

CVE-2026-4457 - Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potential

CVE-2026-4456 - Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote

CVE-2026-4455 - Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to

CVE-2026-4454 - Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to pote

CVE-2026-4453 - Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote attacker t

CVE-2026-4452 - Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attac

CVE-2026-4451 - Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 al

CVE-2026-4450 - Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to pote

CVE-2026-4449 - Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potent

CVE-2026-4448 - Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to

CVE-2026-4447 - Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacke

CVE-2026-4446 - Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to poten

CVE-2026-4445 - Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to poten

CVE-2026-4444 - Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker t

CVE-2026-4443 - Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker

CVE-2026-4442 - Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to po

CVE-2026-4441 - Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potenti

CVE-2026-4440 - Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote atta

CVE-2026-4439 - Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a r

CVE-2026-32011 - OpenClaw versions prior to 2026.3.2 contain a denial of service vulnerability in webhook handlers fo

CVE-2026-4268 - The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to Stored Cross-Site Scr

CVE-2026-4229 - A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data

CVE-2026-4092 - Path Traversal in Clasp impacting versions < 3.2.0 allows a remote attacker to perform remote code e

CVE-2026-3910 - Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker

CVE-2026-3909 - Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to per

CVE-2026-32360 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-22203 - wpDiscuz before 7.6.47 contains an information disclosure vulnerability that allows administrators t

CVE-2026-3942 - Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote a

CVE-2026-3941 - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote

CVE-2026-3940 - Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote

CVE-2026-3939 - Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote atta

CVE-2026-3938 - Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remot

CVE-2026-3937 - Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remo

CVE-2026-3936 - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attack

CVE-2026-3935 - Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote att

CVE-2026-3934 - Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a re

CVE-2026-3932 - Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a

CVE-2026-3931 - Heap buffer overflow in Skia in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to pe

CVE-2026-3930 - Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 allowed a remote atta

CVE-2026-3929 - Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a

CVE-2026-3928 - Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an att

CVE-2026-3927 - Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote a

CVE-2026-3926 - Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perfor

CVE-2026-3925 - Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed

CVE-2026-3924 - use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who

CVE-2026-3923 - Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to poten

CVE-2026-3922 - Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to p

CVE-2026-3921 - Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to

CVE-2026-3920 - Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attack

CVE-2026-3919 - Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinc

CVE-2026-3918 - Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potent

CVE-2026-3917 - Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potent

CVE-2026-3916 - Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker t

CVE-2026-3915 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to p

CVE-2026-3914 - Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to poten

CVE-2026-3913 - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to p

CVE-2026-1993 - The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Improper Privile

CVE-2026-1992 - The ExactMetrics – Google Analytics Dashboard for WordPress plugin is vulnerable to Insecure Direct

CVE-2026-2830 - The WP All Import – Drag & Drop Import for CSV, XML, Excel & Google Sheets plugin for WordPress is v

CVE-2026-28469 - OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat moni

CVE-2026-3545 - Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote

CVE-2026-3544 - Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker

CVE-2026-3543 - Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacke

CVE-2026-3542 - Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remot

CVE-2026-3541 - Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attack

CVE-2026-3540 - Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote a

CVE-2026-3539 - Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who

CVE-2026-3538 - Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to poten

CVE-2026-3537 - Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remo

CVE-2026-3536 - Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to pote

CVE-2026-3136 - An improper authorization vulnerability in GitHub Trigger Comment Control in Google Cloud Build prio

CVE-2026-3223 - Arbitrary file write & potential privilege escalation exploiting zip slip vulnerability in Google We

CVE-2026-27465 - Fleet is open source device management software. In versions prior to 4.80.1, a vulnerability in Fle

CVE-2026-27804 - Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.

CVE-2026-3063 - Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacke

CVE-2026-3062 - Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remot

CVE-2026-3061 - Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to pe

CVE-2025-68834 - Missing Authorization vulnerability in Saiful Islam Sync Master Sheet &#8211; Product Sync with Goog

CVE-2025-68028 - Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress ga-fo

CVE-2025-67979 - Improper Control of Generation of Code ('Code Injection') vulnerability in WesternDeal WPForms Googl

CVE-2026-2274 - A SSRF and Arbitrary File Read vulnerability in AppSheet Core in Google AppSheet prior to 2025-11-23

CVE-2025-14076 - The iXML – Google XML sitemap generator plugin for WordPress is vulnerable to Reflected Cross-Site S

CVE-2026-2650 - Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to

CVE-2026-2649 - Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potenti

CVE-2026-2648 - Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to

CVE-2026-1860 - The Kali Forms plugin for WordPress is vulnerable to Insecure Direct Object Reference in all version

CVE-2025-12062 - The WP Maps – Store Locator,Google Maps,OpenStreetMap,Mapbox,Listing,Directory & Filters plugin for

CVE-2026-23200 - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mi

CVE-2026-23198 - In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routin

CVE-2026-23167 - In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix race between rfki

CVE-2026-1096 - The Best-wp-google-map plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'la

CVE-2026-2441 - Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute a

CVE-2026-2323 - Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote a

CVE-2026-2322 - Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote

CVE-2026-2321 - Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convin

CVE-2026-2320 - Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote

CVE-2026-2319 - Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a u

CVE-2026-2318 - Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a r

CVE-2026-2317 - Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote a

CVE-2026-2316 - Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote a

CVE-2026-2315 - Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote atta

CVE-2026-2314 - Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to

CVE-2026-2313 - Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potential

CVE-2026-24851 - OpenFGA is a high-performance and flexible authorization/permission engine built for developers and

CVE-2026-23099 - In the Linux kernel, the following vulnerability has been resolved: bonding: limit BOND_MODE_8023AD

CVE-2026-1862 - Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potential

CVE-2026-1861 - Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to

CVE-2026-25221 - PolarLearn is a free and open-source learning program. In 0-PRERELEASE-15 and earlier, the OAuth 2.0

CVE-2026-24845 - malcontent discovers supply-chain compromises through. context, differential analysis, and YARA. Sta

CVE-2026-1399 - The WP Google Ad Manager Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi

CVE-2025-14063 - The SEO Links Interlinking plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via

CVE-2026-1504 - Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowe

CVE-2026-24802 - Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in briandilley jsonrpc4j (src/m

CVE-2026-23011 - In the Linux kernel, the following vulnerability has been resolved: ipv4: ip_gre: make ipgre_header

CVE-2026-23010 - In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in ine

CVE-2026-23004 - In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6_uncached_

CVE-2026-23003 - In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: use skb_vlan_inet_p

CVE-2026-23001 - In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in ma

CVE-2026-0593 - The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulnerable to unauthorized modifica

CVE-2025-12836 - The VK Google Job Posting Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting

CVE-2026-24603 - Missing Authorization vulnerability in themebeez Universal Google Adsense and Ads manager universal-

CVE-2026-24540 - Missing Authorization vulnerability in Prince Integrate Google Drive integrate-google-drive allows E

CVE-2026-0994 - A denial-of-service (DoS) vulnerability exists in google.protobuf.json_format.ParseDict() in Python,

CVE-2025-65098 - Typebot is an open-source chatbot builder. In versions prior to 3.13.2, client-side script execution

CVE-2026-0908 - Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potenti

CVE-2026-0907 - Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacke

CVE-2026-0906 - Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker

CVE-2026-0905 - Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack

CVE-2026-0904 - Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remot

CVE-2026-0903 - Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed

CVE-2026-0902 - Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker

CVE-2026-0901 - Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a r

CVE-2026-0900 - Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker

CVE-2026-0899 - Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker

CVE-2025-14351 - The Custom Fonts – Host Your Fonts Locally plugin for WordPress is vulnerable to unauthorized loss o

CVE-2025-48647 - In cpm_fwtp_msg_handler of cpm/google/lib/tracepoint/cpm_fwtp_ipc.c, there is a possible memory over

CVE-2025-15370 - The Shield: Blocks Bots, Protects Users, and Prevents Security Breaches plugin for WordPress is vuln

CVE-2026-0532 - External Control of File Name or Path (CWE-73) combined with Server-Side Request Forgery (CWE-918) c

CVE-2025-13895 - The Top Position Google Finance plugin for WordPress is vulnerable to Reflected Cross-Site Scripting

CVE-2026-0563 - The WP Google Street View (with 360° virtual tour) & Google maps + Local SEO plugin for WordPress is

CVE-2026-22517 - Missing Authorization vulnerability in Passionate Brains GA4WP: Google Analytics for WordPress allow

CVE-2026-0628 - Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an a

CVE-2025-12540 - The ShareThis Dashboard for Google Analytics plugin for WordPress is vulnerable to Sensitive Informa

CVE-2025-9543 - The FlexTable WordPress plugin before 3.19.2 does not sanitise and escape the imported links from G

CVE-2025-69412 - KDE messagelib before 25.11.90 ignores SSL errors for threatMatches:find in the Google Safe Browsing

CVE-2023-54296 - In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from

CVE-2023-54283 - In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bp

CVE-2023-54277 - In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: Fix endpoint chec

CVE-2023-54247 - In the Linux kernel, the following vulnerability has been resolved: bpf: Silence a warning in btf_t

CVE-2023-54225 - In the Linux kernel, the following vulnerability has been resolved: net: ipa: only reset hashed tab

CVE-2022-50862 - In the Linux kernel, the following vulnerability has been resolved: bpf: prevent decl_tag from bein

CVE-2022-50855 - In the Linux kernel, the following vulnerability has been resolved: bpf: prevent leak of lsm progra

CVE-2022-50849 - In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vma

CVE-2022-50819 - In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set ubuf->sg = NULL if

CVE-2022-50816 - In the Linux kernel, the following vulnerability has been resolved: ipv6: ensure sane device mtu in

CVE-2025-69024 - Missing Authorization vulnerability in bizswoop BizPrint print-google-cloud-print-gcp-woocommerce al

CVE-2025-68979 - Authorization Bypass Through User-Controlled Key vulnerability in SimpleCalendar Google Calendar Eve