CVE-2026-13760 - OS Command Injection in aws-cdk-lib Docker Bundling
CVE ID :CVE-2026-13760
Published : July 1, 2026, 7:05 p.m. | 28 minutes ago
Description :OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on all platforms might allow a actor who controls dependency version strings in a project's package.json file to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters in the OsCommand helper. This issue requires the actor to control the content of a package.json dependency version string that is processed during Docker-based bundling with nodeModules specified. To remediate this issue, users should upgrade to v2.260.0.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-13760
Published : July 1, 2026, 7:05 p.m. | 28 minutes ago
Description :OS command injection in the NodejsFunction Docker bundling pipeline (OsCommand helper) in AWS aws-cdk-lib on all platforms might allow a actor who controls dependency version strings in a project's package.json file to execute arbitrary commands on the host running the CDK toolchain via injected shell metacharacters in the OsCommand helper. This issue requires the actor to control the content of a package.json dependency version string that is processed during Docker-based bundling with nodeModules specified. To remediate this issue, users should upgrade to v2.260.0.
Severity: 7.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14395 - Google Chrome V8 Out-of-Bounds Write
CVE ID :CVE-2026-14395
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14395
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Out of bounds write in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14423 - Google Chrome Type Confusion Sandbox Escape
CVE ID :CVE-2026-14423
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14423
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14431 - Google Chrome V8 Type Confusion
CVE ID :CVE-2026-14431
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14431
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14402 - Google Chrome ANGLE Uninitialized Memory Read
CVE ID :CVE-2026-14402
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14402
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14418 - Google Chrome ANGLE Uninitialized Use Information Leak
CVE ID :CVE-2026-14418
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14418
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14413 - ANGLE Sandbox Escape
CVE ID :CVE-2026-14413
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14413
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14421 - Google Chrome Uninitialized Memory Disclosure
CVE ID :CVE-2026-14421
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14421
Published : July 1, 2026, 10:21 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14408 - Google Chrome Uninitialized Use Information Disclosure
CVE ID :CVE-2026-14408
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14408
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14399 - Google Chrome Use-After-Free
CVE ID :CVE-2026-14399
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14399
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14405 - Google Chrome V8 Uninitialized Use
CVE ID :CVE-2026-14405
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14405
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14398 - ANGLE Use-after-free Sandbox Escape
CVE ID :CVE-2026-14398
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14398
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14390 - ANGLE Use-after-free Sandbox Escape
CVE ID :CVE-2026-14390
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14390
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14425 - ANGLE Use-After-Free Sandbox Escape
CVE ID :CVE-2026-14425
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14425
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14424 - Google Chrome Use-After-Free Sandbox Escape
CVE ID :CVE-2026-14424
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14424
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14417 - Google Chrome Use-After-Free Sandbox Escape
CVE ID :CVE-2026-14417
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14417
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14419 - Google Chrome Use-After-Free Sandbox Escape
CVE ID :CVE-2026-14419
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14419
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14403 - Google Chrome Use-After-Free
CVE ID :CVE-2026-14403
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14403
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14393 - Google Chrome V8 Use-After-Free
CVE ID :CVE-2026-14393
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14393
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14432 - Google Chrome Use-After-Free
CVE ID :CVE-2026-14432
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14432
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-14394 - Google Chrome V8 Use-After-Free
CVE ID :CVE-2026-14394
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID :CVE-2026-14394
Published : July 1, 2026, 10:22 p.m. | 1 hour, 14 minutes ago
Description :Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...