CVE Notify
19.3K subscribers
4 photos
205K links
Alert on the latest CVEs

Partner channel: @malwr
Download Telegram
🚨 CVE-2026-28737
Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer.

🎖@cveNotify
🚨 CVE-2026-45488
User interface (ui) misrepresentation of critical information in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

🎖@cveNotify
🚨 CVE-2026-45489
Microsoft Edge (Chromium-based) Spoofing Vulnerability

🎖@cveNotify
🚨 CVE-2026-55945
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Edge (Chromium-based) allows an authorized attacker to disclose information locally.

🎖@cveNotify
🚨 CVE-2026-56645
Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-56646
Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

🎖@cveNotify
🚨 CVE-2026-57974
Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57975
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57977
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

🎖@cveNotify
🚨 CVE-2026-57983
Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

🎖@cveNotify
🚨 CVE-2026-57984
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57985
Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57986
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57987
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

🎖@cveNotify
🚨 CVE-2026-57988
Relative path traversal in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57991
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network.

🎖@cveNotify
🚨 CVE-2026-57992
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify
🚨 CVE-2026-57993
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

🎖@cveNotify
🚨 CVE-2026-58276
Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

🎖@cveNotify