CVE CyberSecurity Database News (Page 8)

Apr 8, 2026 XSS API Exploit Google Chrome

CVE-2026-5911 - Policy Bypass in ServiceWorkers on Chrome — How Attackers Could Bypass CSP (with Example Exploit)

In early 2026, a new Chrome vulnerability labeled CVE-2026-5911 was discovered, affecting Chrome versions prior to 147..7727.55. This vulnerability allows a remote attacker

Apr 8, 2026 Exploit Google Chrome

CVE-2026-5906 - Understanding the Omnibox Spoofing Issue in Google Chrome for Android (and How it Might Affect You)

If you've ever wondered just how safe that address bar in your mobile web browser really is, buckle up. This article takes an

Apr 6, 2026

CVE-2026-34982 - How a Modeline Sandbox Bypass Let Attackers Execute OS Commands in Vim

Vim—one of the most popular text editors used daily by developers and sysadmins—recently got patched for a dangerous vulnerability. This flaw, tracked as

Apr 4, 2026 RCE API API Security

CVE-2026-35616 - Breaking Down the Fortinet FortiClientEMS Improper Access Control Vulnerability (7.4.5 - 7.4.6)

Fortinet is a trusted name in the world of cybersecurity. Its FortiClientEMS product is often the backbone of endpoint management for thousands of organizations worldwide.

Apr 2, 2026 Exploit

CVE-2026-35414 - Exploiting OpenSSH’s authorized_keys Principals Mishandling

CVE-2026-35414 is a newly disclosed vulnerability affecting OpenSSH versions prior to 10.3. This flaw opens the door to unexpected access due to the way