CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.01)

CVE-2026-57992
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network. The issue stems from improper memory management when processing specially crafted network requests.

CVE-2026-57991
HighEPSS 51%

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network due to improper link resolution before file access.

CVE-2026-57988
High

A Relative Path Traversal vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-57987
Medium

A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

CVE-2026-57986
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-57985
High

An improper input validation vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-57984
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. The issue stems from improper memory management when processing specially crafted network requests.

CVE-2026-57983
High

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. The issue stems from improper authorization in the browser's security mechanism.

CVE-2026-57981
High

A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. The issue stems from improper memory management when processing specific network data.

CVE-2026-57977
High

An XSS vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network due to improper input neutralization during web page generation.

CVE-2026-57975
High

A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network. The flaw stems from accessing a resource using an incompatible data type.

CVE-2026-57974
High

An integer overflow or wraparound vulnerability has been discovered in Microsoft Edge (Chromium-based). This flaw allows an unauthorized attacker to execute code remotely on the victim's system.

CVE-2026-56646
Medium

A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose sensitive information. The attack can be performed remotely over a network, leading to spoofing.

CVE-2026-56645
High

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.

CVE-2026-55945
Medium

A race condition vulnerability has been discovered in Microsoft Edge (Chromium-based) due to improper synchronization of shared resources. This flaw allows an authorized attacker to disclose information locally.

CVE-2026-45489
Medium

A spoofing vulnerability in Microsoft Edge (Chromium-based) allows an attacker to manipulate the user interface, such as the address bar. This could trick users into believing they are on a legitimate website while actually visiting a malicious one.

CVE-2026-45488
Medium

A vulnerability in Microsoft Edge (Chromium-based) allows an attacker to spoof the user interface, potentially leading to network-based fraud. The flaw is due to misrepresentation of critical information in the UI.

CVE-2026-28744
High

A vulnerability in Gitea up to version 1.26.1 allows Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.

CVE-2026-28740
High

A vulnerability in Gitea up to version 1.26.2 allows Git LFS object reuse, enabling users with repository access but without Code-unit access to authorize private source objects.

CVE-2026-28737
High

A stored cross-site scripting vulnerability in Gitea allows attackers to inject malicious scripts via the extensionsRequired field in glTF files rendered by the 3D file viewer. Affects versions from 1.25.0 before 1.26.0.

PreviousPage 4 of 4407Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS