|
841
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The affected element is the function _get_all_models of the file hiyoriUI.py of the component Model Handl…
Update
|
CWE-22
Path Traversal
|
CVE-2026-8755
|
2026-05-19 04:31 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
842
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in fishaudio Bert-VITS2 up to 8f7fbd8c4770965225d258db548da27dc8dd934c. The impacted element is the function generate_config of the file webui_preprocess.py of the comp…
Update
|
CWE-22
Path Traversal
|
CVE-2026-8756
|
2026-05-19 04:31 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
843
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmp_parse_inbound_frame of the file src/apps/snmp/snmp_msg.c of the component snmpv3 USM Handler. Performing a manipulation of…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-8836
|
2026-05-19 04:26 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
844
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in xiandafu beetl up to 3.20.2. Affected is an unknown function of the file beetl-classic-integration/beetl-spring-classic/src/main/java/org/beetl/ext/spring/SpELFuncti…
Update
|
CWE-20
CWE-917
Improper Input Validation
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-8759
|
2026-05-19 04:22 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
845
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-8516
|
2026-05-19 04:17 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
846
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
Update
|
CWE-416
Use After Free
|
CVE-2026-8518
|
2026-05-19 04:17 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
847
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
Update
|
CWE-362
Race Condition
|
CVE-2026-8520
|
2026-05-19 04:17 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
848
|
7.5 |
HIGH
Adjacent
|
google
|
chrome
|
Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
Update
|
CWE-416
Use After Free
|
CVE-2026-8521
|
2026-05-19 04:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
849
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
Update
|
CWE-416
Use After Free
|
CVE-2026-8523
|
2026-05-19 04:14 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
850
|
10.0 |
CRITICAL
Network
|
dhtmlx
|
pdf_export_module
|
PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicio…
Update
|
CWE-78
OS Command
|
CVE-2026-41553
|
2026-05-19 03:40 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
