|
4171
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-8961
|
2026-05-21 02:58 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4172
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the Graphics: WebGPU component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
|
CWE-200
Information Exposure
|
CVE-2026-8967
|
2026-05-21 02:57 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4173
|
8.1 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Mitigation bypass in the DOM: Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-8962
|
2026-05-21 02:56 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4174
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the DOM: Security component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
|
CWE-200
Information Exposure
|
CVE-2026-8965
|
2026-05-21 02:51 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4175
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Information disclosure in the IP Protection component. This vulnerability was fixed in Firefox 151 and Thunderbird 151.
|
CWE-200
Information Exposure
|
CVE-2026-8966
|
2026-05-21 02:51 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4176
|
7.5 |
HIGH
Network
|
progress
|
moveit_automation
|
Uncontrolled Memory Allocation vulnerability in Progress Software MOVEit Automation allows Excessive Allocation.
This issue affects MOVEit Automation: before 2025.0.11, from 2025.1.0 before 2025.1.7.
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-8485
|
2026-05-21 02:50 |
2026-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4177
|
4.6 |
MEDIUM
Network
|
nozominetworks
|
cmc
guardian
|
An Angular template injection vulnerability was discovered in the Reports functionality due to improper validation of an input parameter. An authenticated user with report privileges can define a mal…
|
CWE-1336
Improper Neutralization of Special Elements Used in a Template Engine
|
CVE-2025-40900
|
2026-05-21 02:35 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4178
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
thunderbird
|
Privilege escalation in the Security component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
|
CWE-269
Improper Privilege Management
|
CVE-2026-8970
|
2026-05-21 02:34 |
2026-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4179
|
6.5 |
MEDIUM
Network
|
kilo
|
kilo_code_cli
|
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executi…
|
CWE-200
CWE-284
NVD-CWE-noinfo
Information Exposure
Improper Access Control
|
CVE-2026-8766
|
2026-05-21 02:34 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4180
|
4.0 |
MEDIUM
Physics
|
-
|
-
|
Ledger Bitcoin app versions 2.1.0 and 2.1.1 contain an address derivation vulnerability that allows attackers to cause incorrect Bitcoin addresses to be displayed by exploiting improper handling of m…
|
CWE-682
Incorrect Calculation
|
CVE-2023-7346
|
2026-05-21 02:33 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
