🚨 CVE-2026-12468
Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
🎖@cveNotify
Race in Updater in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
🎖@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.155/.156 for Windows and Mac and 149.0.7827.155 for Linux, which will roll out over the c...
🚨 CVE-2026-12469
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
🎖@cveNotify
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
🎖@cveNotify
Chrome Releases
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.155/.156 for Windows and Mac and 149.0.7827.155 for Linux, which will roll out over the c...
🚨 CVE-2026-22328
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Auto Repair <= 22.6 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Auto Repair Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-22329
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in Skillate <= 1.2.10 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Skillate Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-22335
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
🎖@cveNotify
Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.
🎖@cveNotify
Patchstack
SQL Injection in WordPress WooCommerce Frontend Manager – Ultimate Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-22339
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
🎖@cveNotify
Unauthenticated Cross Site Scripting (XSS) in WPJobster <= 6.3.5 versions.
🎖@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress WPJobster Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-22342
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
🎖@cveNotify
Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions.
🎖@cveNotify
Patchstack
Cross Site Request Forgery (CSRF) in WordPress WordPress Dating Theme Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-22343
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
🎖@cveNotify
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress WordPress Dating Theme Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-24575
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
🎖@cveNotify
Subscriber Broken Access Control in WishList Member X <= 3.29.0 versions.
🎖@cveNotify
Patchstack
Broken Access Control in WordPress WishList Member X Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
🚨 CVE-2026-25446
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
🎖@cveNotify
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
🎖@cveNotify
Patchstack
Arbitrary File Upload in WordPress WishList Member X Plugin
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.