CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.01)
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network. The issue stems from improper memory management when processing specially crafted network requests.
A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose information over a network due to improper link resolution before file access.
A Relative Path Traversal vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.
A Server-Side Request Forgery (SSRF) vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.
An improper input validation vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. The issue stems from improper memory management when processing specially crafted network requests.
A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network. The issue stems from improper authorization in the browser's security mechanism.
A Use-After-Free vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network. The issue stems from improper memory management when processing specific network data.
An XSS vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network due to improper input neutralization during web page generation.
A type confusion vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network. The flaw stems from accessing a resource using an incompatible data type.
An integer overflow or wraparound vulnerability has been discovered in Microsoft Edge (Chromium-based). This flaw allows an unauthorized attacker to execute code remotely on the victim's system.
A vulnerability in Microsoft Edge (Chromium-based) allows an unauthorized attacker to disclose sensitive information. The attack can be performed remotely over a network, leading to spoofing.
Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code remotely over a network.
A race condition vulnerability has been discovered in Microsoft Edge (Chromium-based) due to improper synchronization of shared resources. This flaw allows an authorized attacker to disclose information locally.
A spoofing vulnerability in Microsoft Edge (Chromium-based) allows an attacker to manipulate the user interface, such as the address bar. This could trick users into believing they are on a legitimate website while actually visiting a malicious one.
A vulnerability in Microsoft Edge (Chromium-based) allows an attacker to spoof the user interface, potentially leading to network-based fraud. The flaw is due to misrepresentation of critical information in the UI.
A vulnerability in Gitea up to version 1.26.1 allows Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.
A vulnerability in Gitea up to version 1.26.2 allows Git LFS object reuse, enabling users with repository access but without Code-unit access to authorize private source objects.
A stored cross-site scripting vulnerability in Gitea allows attackers to inject malicious scripts via the extensionsRequired field in glTF files rendered by the 3D file viewer. Affects versions from 1.25.0 before 1.26.0.

