CVE-2026-44515 - Nextcloud News: Authenticated blind SSRF via feed URL
CVE ID :CVE-2026-44515
Published : May 14, 2026, 4:36 p.m. | 24 minutes ago
Description :Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL (via the web interface or the API). In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or localhost, causing the Nextcloud server to perform server-side HTTP requests to attacker-controlled destinations, but not relaying the result. This enables blind SSRF, which can be used to scan or probe internal network services that are reachable from the Nextcloud server. This vulnerability is fixed in 28.3.0-beta.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44515
Published : May 14, 2026, 4:36 p.m. | 24 minutes ago
Description :Nextcloud News is an RSS/Atom feed reader. Prior to 28.3.0-beta.1, Nextcloud News allows authenticated users to add feeds by providing a feed URL (via the web interface or the API). In affected versions, an authenticated attacker could provide a URL pointing to internal/private IP ranges or localhost, causing the Nextcloud server to perform server-side HTTP requests to attacker-controlled destinations, but not relaying the result. This enables blind SSRF, which can be used to scan or probe internal network services that are reachable from the Nextcloud server. This vulnerability is fixed in 28.3.0-beta.1.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44348 - PoDoFo: Double-free vulnerability in compute_hash_to_sign()
CVE ID :CVE-2026-44348
Published : May 14, 2026, 4:38 p.m. | 22 minutes ago
Description :PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFinal fails after buf has already been freed, the Error label frees buf a second time, causing heap corruption. This vulnerability is fixed in 1.0.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44348
Published : May 14, 2026, 4:38 p.m. | 22 minutes ago
Description :PoDoFo is a C++17 PDF manipulation library. From 1.0.0 to before 1.0.4, a double-free vulnerability exists in compute_hash_to_sign() in src/podofo/private/OpenSSLInternal_Ripped.cpp. If EVP_DigestFinal fails after buf has already been freed, the Error label frees buf a second time, causing heap corruption. This vulnerability is fixed in 1.0.4.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-42555 - Valtimo: SpEL injection via StandardEvaluationContext allows Remote Code Execution by admin users
CVE ID :CVE-2026-42555
Published : May 14, 2026, 4:45 p.m. | 15 minutes ago
Description :Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from 13.4.0 to before 13.23.0 evaluate Spring Expression Language (SpEL) expressions from user-supplied input using StandardEvaluationContext, which provides unrestricted access to Java types and methods. An authenticated user with the ADMIN role can achieve Remote Code Execution and credential exfiltration. This vulnerability is fixed in com.ritense.valtimo:document 2.32.0, com.ritense.valtimo:case 13.23.0, and com.ritense.valtimo:contract 13.23.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-42555
Published : May 14, 2026, 4:45 p.m. | 15 minutes ago
Description :Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from 13.4.0 to before 13.23.0 evaluate Spring Expression Language (SpEL) expressions from user-supplied input using StandardEvaluationContext, which provides unrestricted access to Java types and methods. An authenticated user with the ADMIN role can achieve Remote Code Execution and credential exfiltration. This vulnerability is fixed in com.ritense.valtimo:document 2.32.0, com.ritense.valtimo:case 13.23.0, and com.ritense.valtimo:contract 13.23.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-44516 - Valtimo: Sensitive data exposure through HTTP request/response logging in LoggingRestClientCustomizer
CVE ID :CVE-2026-44516
Published : May 14, 2026, 4:48 p.m. | 12 minutes ago
Description :Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers. When an error response is received, this information is included in the thrown HttpClientErrorException message, which is logged at ERROR level by Spring's default exception handling — regardless of the application's DEBUG log level setting. This vulnerability is fixed in 12.33.0 and 13.26.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-44516
Published : May 14, 2026, 4:48 p.m. | 12 minutes ago
Description :Valtimo is an open-source business process automation platform. From 12.4.0 to 12.33.0 and 13.26.0, the LoggingRestClientCustomizer in the web module automatically intercepts all outgoing HTTP calls made via Spring's RestClient and logs the full request body, response body, and response headers. When an error response is received, this information is included in the thrown HttpClientErrorException message, which is logged at ERROR level by Spring's default exception handling — regardless of the application's DEBUG log level setting. This vulnerability is fixed in 12.33.0 and 13.26.0.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-45448 - ntopng - CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CVE ID :CVE-2026-45448
Published : May 14, 2026, 4:48 p.m. | 12 minutes ago
Description :CWE-601 URL redirection to untrusted site ('open redirect')
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-45448
Published : May 14, 2026, 4:48 p.m. | 12 minutes ago
Description :CWE-601 URL redirection to untrusted site ('open redirect')
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8572 - Google Chrome Android Cross-Origin Data Leakage
CVE ID :CVE-2026-8572
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8572
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8573 - Google Chrome Windows Integer Overflow Sandbox Escape
CVE ID :CVE-2026-8573
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8573
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8574 - Google Chrome Use-After-Free Vulnerability
CVE ID :CVE-2026-8574
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8574
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8575 - Google Chrome Use After Free in UI
CVE ID :CVE-2026-8575
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8575
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8576 - Google Chrome CORS Cross-Origin Data Leak
CVE ID :CVE-2026-8576
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8576
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8577 - Google Chrome Fonts Integer Overflow Vulnerability
CVE ID :CVE-2026-8577
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8577
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8578 - Google Chrome Linux GPU Out-of-Bounds Read Vulnerability
CVE ID :CVE-2026-8578
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8578
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8579 - Google Chrome Skia Out-of-Bounds Memory Write
CVE ID :CVE-2026-8579
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8579
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8580 - Google Chrome Mojo Use-After-Free Vulnerability
CVE ID :CVE-2026-8580
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8580
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8581 - Google Chrome GPU Use-After-Free Vulnerability
CVE ID :CVE-2026-8581
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8581
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8582 - Google Chrome Dawn Information Leak
CVE ID :CVE-2026-8582
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8582
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8583 - Google Chrome WebXR Information Disclosure
CVE ID :CVE-2026-8583
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8583
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8584 - Google Chrome iOS UI Spoofing Vulnerability
CVE ID :CVE-2026-8584
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8584
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8585 - Google Chrome iOS Media Out-of-Bounds Memory Read Vulnerability
CVE ID :CVE-2026-8585
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8585
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8586 - Google Chrome Chromoting File Path Traversal Vulnerability
CVE ID :CVE-2026-8586
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8586
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-8587 - Google Chrome Extensions Use After Free Vulnerability
CVE ID :CVE-2026-8587
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-8587
Published : May 14, 2026, 8:17 p.m. | 43 minutes ago
Description :Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...