Automatically generated suggestions

to slate a suggestion for refinement.

to mark a suggestion as irrelevant and log the reason.

View:

Compact

Detailed

Permalink CVE-2026-6317

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 21 hours ago

Use after free in Cast in Google Chrome prior to …

Chrome

<147.0.7727.101

Permalink CVE-2026-6314

8.3 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 21 hours ago

Out of bounds write in GPU in Google Chrome prior …

Chrome

<147.0.7727.101

          Permalink
          
            CVE-2026-40916
          
        5.0 MEDIUM
      
        CVSS version: 3.1
      
        Attack vector (AV): LOCAL
      
        Attack complexity (AC): LOW
      
        Privileges required (PR): LOW
      
        User interaction (UI): REQUIRED
      
        Scope (S): UNCHANGED
      
        Confidentiality impact (C): NONE
      
        Integrity impact (I): NONE
      
        Availability impact (A): HIGH
      
    created 21 hours ago
  
            Gimp: gimp: denial of service due to stack buffer overflow in tim image loader
          
      https://access.redhat.com/security/cve/CVE-2026-40916
    
    x_refsource_REDHATvdb-entry
  
      RHBZ#2458745
    
    issue-trackingx_refsource_REDHAT
  
    gimp

    gimp:2.8/gimp

Permalink CVE-2025-41118

9.1 CRITICAL

CVSS version: 3.1
Attack vector (AV):
Attack complexity (AC):
Privileges required (PR):
User interaction (UI):
Scope (S):
Confidentiality impact (C):
Integrity impact (I):
Availability impact (A):

updated 17 hours ago by @LeSuisse Activity log

Created automatic suggestion 21 hours ago
@LeSuisse ignored package grafanaPlugins.grafana-pyroscope-app 17 hours ago

Sensitive COS `SecretKey` exposed in plaintext via configuration API due to missing type protection

https://grafana.com/security/security-advisories/cve-2025-41118 vendor-advisory

Pyroscope

<1.16.0

Permalink CVE-2026-6315

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 21 hours ago

Use after free in Permissions in Google Chrome on Android …

Chrome

<147.0.7727.101

          Permalink
          
            CVE-2026-40918
          
        5.5 MEDIUM
      
        CVSS version: 3.1
      
        Attack vector (AV): LOCAL
      
        Attack complexity (AC): LOW
      
        Privileges required (PR): NONE
      
        User interaction (UI): REQUIRED
      
        Scope (S): UNCHANGED
      
        Confidentiality impact (C): NONE
      
        Integrity impact (I): NONE
      
        Availability impact (A): HIGH
      
    created 21 hours ago
  
            Gimp: gimp: denial of service via crafted pvr image file
          
      https://access.redhat.com/security/cve/CVE-2026-40918
    
    x_refsource_REDHATvdb-entry
  
      RHBZ#2458747
    
    issue-trackingx_refsource_REDHAT
  
    gimp

    gimp:2.8/gimp

Permalink CVE-2026-3590

6.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): NONE

created 21 hours ago

Race Condition in Guest Magic Link Authentication Allows Token Reuse

MMSA-2026-00624 vendor-advisory

Mattermost

=<11.5.0
=<10.11.12
==11.3.3
=<11.4.2
==11.4.3
=<11.3.2
==10.11.13
==11.6.0
==11.5.1

Permalink CVE-2026-6305

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 21 hours ago

Heap buffer overflow in PDFium in Google Chrome prior to …

Chrome

<147.0.7727.101

          Permalink
          
            CVE-2026-40917
          
        5.0 MEDIUM
      
        CVSS version: 3.1
      
        Attack vector (AV): LOCAL
      
        Attack complexity (AC): LOW
      
        Privileges required (PR): LOW
      
        User interaction (UI): REQUIRED
      
        Scope (S): UNCHANGED
      
        Confidentiality impact (C): NONE
      
        Integrity impact (I): NONE
      
        Availability impact (A): HIGH
      
    created 21 hours ago
  
            Gimp: gimp: application crashes or information disclosure via crafted icns image files
          
      https://access.redhat.com/security/cve/CVE-2026-40917
    
    x_refsource_REDHATvdb-entry
  
      RHBZ#2458746
    
    issue-trackingx_refsource_REDHAT
  
    gimp

    gimp:2.8/gimp

Permalink CVE-2026-6359

8.8 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 21 hours ago

Use after free in Video in Google Chrome on Windows …

Chrome

<147.0.7727.101