FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2026-04-18 23:50:15 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
d93c247b-4dba-43ce-b5c0-ac5bd03bea8d	chromium -- security fixes Chrome Releases reports: This update includes 31 security fixes: [490170083] Critical CVE-2026-6296: Heap buffer overflow in ANGLE. Reported by cinzinga on 2026-03-05 [493628982] Critical CVE-2026-6297: Use after free in Proxy. Reported by heapracer on 2026-03-17 [495700484] Critical CVE-2026-6298: Heap buffer overflow in Skia. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-24 [497053588] Critical CVE-2026-6299: Use after free in Prerender. Reported by Google on 2026-03-28 [497724498] Critical CVE-2026-6358: Use after free in XR. Reported by Jihyeon Jeong (Compsec Lab, Seoul National University / Research Intern) on 2026-03-30 [490251701] High CVE-2026-6359: Use after free in Video. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-06 [491994185] High CVE-2026-6300: Use after free in CSS. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-12 [495273999] High CVE-2026-6301: Type Confusion in Turbofan. Reported by qymag1c on 2026-03-23 [495477995] High CVE-2026-6302: Use after free in Video. Reported by Syn4pse on 2026-03-24 [496282147] High CVE-2026-6303: Use after free in Codecs. Reported by Google on 2026-03-25 [496393742] High CVE-2026-6304: Use after free in Graphite. Reported by Google on 2026-03-26 [496618639] High CVE-2026-6305: Heap buffer overflow in PDFium. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-26 [496907110] High CVE-2026-6306: Heap buffer overflow in PDFium. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-27 [497404188] High CVE-2026-6307: Type Confusion in Turbofan. Reported by Project WhatForLunch (@pjwhatforlunch) on 2026-03-29 [497412658] High CVE-2026-6308: Out of bounds read in Media. Reported by Google on 2026-03-29 [497846428] High CVE-2026-6309: Use after free in Viz. Reported by Google on 2026-03-30 [497880137] High CVE-2026-6360: Use after free in FileSystem. Reported by asjidkalam on 2026-03-31 [497969820] High CVE-2026-6310: Use after free in Dawn. Reported by Google on 2026-03-31 [498201025] High CVE-2026-6311: Uninitialized Use in Accessibility. Reported by Google on 2026-03-31 [498269651] High CVE-2026-6312: Insufficient policy enforcement in Passwords. Reported by Google on 2026-03-31 [498765210] High CVE-2026-6313: Insufficient policy enforcement in CORS. Reported by Google on 2026-04-02 [498782145] High CVE-2026-6314: Out of bounds write in GPU. Reported by Google on 2026-04-02 [499247910] High CVE-2026-6315: Use after free in Permissions. Reported by Google on 2026-04-03 [499384399] High CVE-2026-6316: Use after free in Forms. Reported by Google on 2026-04-03 [500036290] High CVE-2026-6361: Heap buffer overflow in PDFium. Reported by Google on 2026-04-06 [500066234] High CVE-2026-6362: Use after free in Codecs. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-04-07 [500091052] High CVE-2026-6317: Use after free in Cast. Reported by Google on 2026-04-06 [495751197] Medium CVE-2026-6363: Type Confusion in V8. Reported by Google on 2026-03-24 [495996858] Medium CVE-2026-6318: Use after free in Codecs. Reported by Syn4pse on 2026-03-25 [499018889] Medium CVE-2026-6319: Use after free in Payments. Reported by pwn2addr on 2026-04-02 [502103414] Medium CVE-2026-6364: Out of bounds read in Skia. Reported by Google Threat Intelligence on 2026-04-13 Discovery 2026-04-15 Entry 2026-04-16 chromium < 147.0.7727.101 ungoogled-chromium < 147.0.7727.101 CVE-2026-6296 CVE-2026-6297 CVE-2026-6298 CVE-2026-6299 CVE-2026-6358 CVE-2026-6359 CVE-2026-6300 CVE-2026-6301 CVE-2026-6302 CVE-2026-6303 CVE-2026-6304 CVE-2026-6305 CVE-2026-6306 CVE-2026-6307 CVE-2026-6308 CVE-2026-6309 CVE-2026-6360 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6361 CVE-2026-6362 CVE-2026-6317 CVE-2026-6363 CVE-2026-6318 CVE-2026-6319 CVE-2026-6364 https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html
4b727a1a-5034-42b4-b29b-2289389f4ba8	chromium -- security fixes Chrome Releases reports: This update includes multiple security fixes: Critical CVE-2026-5858: Heap buffer overflow in WebML. Critical CVE-2026-5859: Integer overflow in WebML. High CVE-2026-5860: Use after free in WebRTC. High CVE-2026-5861: Use after free in V8. High CVE-2026-5862: Inappropriate implementation in V8. High CVE-2026-5863: Inappropriate implementation in V8. High CVE-2026-5864: Heap buffer overflow in WebAudio. High CVE-2026-5865: Type Confusion in V8. High CVE-2026-5866: Use after free in Media. High CVE-2026-5867: Heap buffer overflow in WebML. High CVE-2026-5868: Heap buffer overflow in ANGLE. High CVE-2026-5869: Heap buffer overflow in WebML. High CVE-2026-5870: Integer overflow in Skia. High CVE-2026-5871: Type Confusion in V8. High CVE-2026-5872: Use after free in Blink. High CVE-2026-5873: Out of bounds read and write in V8. Medium CVE-2026-5874: Use after free in PrivateAI. Medium CVE-2026-5875: Policy bypass in Blink. Medium CVE-2026-5876: Side-channel information leakage in Navigation. Medium CVE-2026-5877: Use after free in Navigation. Medium CVE-2026-5878: Incorrect security UI in Blink. Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE. Medium CVE-2026-5880: Incorrect security UI in browser UI. Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess. Medium CVE-2026-5882: Incorrect security UI in Fullscreen. Medium CVE-2026-5883: Use after free in Media. Medium CVE-2026-5884: Insufficient validation of untrusted input in Media. Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML. Medium CVE-2026-5886: Out of bounds read in WebAudio. Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads. Medium CVE-2026-5888: Uninitialized Use in WebCodecs. Medium CVE-2026-5889: Cryptographic Flaw in PDFium. Medium CVE-2026-5890: Race in WebCodecs. Medium CVE-2026-5891: Insufficient policy enforcement in browser UI. Medium CVE-2026-5892: Insufficient policy enforcement in PWAs. Medium CVE-2026-5893: Race in V8. Low CVE-2026-5894: Inappropriate implementation in PDF. Low CVE-2026-5895: Incorrect security UI in Omnibox. Low CVE-2026-5896: Policy bypass in Audio. Low CVE-2026-5897: Incorrect security UI in Downloads. Low CVE-2026-5898: Incorrect security UI in Omnibox. Low CVE-2026-5899: Incorrect security UI in History Navigation. Low CVE-2026-5900: Policy bypass in Downloads. Low CVE-2026-5901: Policy bypass in DevTools. Low CVE-2026-5902: Race in Media. Low CVE-2026-5903: Policy bypass in IFrameSandbox. Low CVE-2026-5904: Use after free in V8. Low CVE-2026-5905: Incorrect security UI in Permissions. Low CVE-2026-5906: Incorrect security UI in Omnibox. Low CVE-2026-5907: Insufficient data validation in Media. Low CVE-2026-5908: Integer overflow in Media. Low CVE-2026-5909: Integer overflow in Media. Low CVE-2026-5910: Integer overflow in Media. Low CVE-2026-5911: Policy bypass in ServiceWorkers. Low CVE-2026-5912: Integer overflow in WebRTC. Low CVE-2026-5913: Out of bounds read in Blink. Low CVE-2026-5914: Type Confusion in CSS. Low CVE-2026-5915: Insufficient validation of untrusted input in WebML. Low CVE-2026-5918: Inappropriate implementation in Navigation. Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets. Discovery 2026-04-07 Entry 2026-04-10 chromium < 147.0.7727.55 ungoogled-chromium < 147.0.7727.55 CVE-2026-5858 CVE-2026-5859 CVE-2026-5860 CVE-2026-5861 CVE-2026-5862 CVE-2026-5863 CVE-2026-5864 CVE-2026-5865 CVE-2026-5866 CVE-2026-5867 CVE-2026-5868 CVE-2026-5869 CVE-2026-5870 CVE-2026-5871 CVE-2026-5872 CVE-2026-5873 CVE-2026-5874 CVE-2026-5875 CVE-2026-5876 CVE-2026-5877 CVE-2026-5878 CVE-2026-5879 CVE-2026-5880 CVE-2026-5881 CVE-2026-5882 CVE-2026-5883 CVE-2026-5884 CVE-2026-5885 CVE-2026-5886 CVE-2026-5887 CVE-2026-5888 CVE-2026-5889 CVE-2026-5890 CVE-2026-5891 CVE-2026-5892 CVE-2026-5893 CVE-2026-5894 CVE-2026-5895 CVE-2026-5896 CVE-2026-5897 CVE-2026-5898 CVE-2026-5899 CVE-2026-5900 CVE-2026-5901 CVE-2026-5902 CVE-2026-5903 CVE-2026-5904 CVE-2026-5905 CVE-2026-5906 CVE-2026-5907 CVE-2026-5908 CVE-2026-5909 CVE-2026-5910 CVE-2026-5911 CVE-2026-5912 CVE-2026-5913 CVE-2026-5914 CVE-2026-5915 CVE-2026-5918 CVE-2026-5919 https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html

VuXML ID

Description

d93c247b-4dba-43ce-b5c0-ac5bd03bea8d

chromium -- security fixes

Chrome Releases reports:

This update includes 31 security fixes:

[490170083] Critical CVE-2026-6296: Heap buffer overflow in ANGLE. Reported by cinzinga on 2026-03-05

[493628982] Critical CVE-2026-6297: Use after free in Proxy. Reported by heapracer on 2026-03-17

[495700484] Critical CVE-2026-6298: Heap buffer overflow in Skia. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-24

[497053588] Critical CVE-2026-6299: Use after free in Prerender. Reported by Google on 2026-03-28

[497724498] Critical CVE-2026-6358: Use after free in XR. Reported by Jihyeon Jeong (Compsec Lab, Seoul National University / Research Intern) on 2026-03-30

[490251701] High CVE-2026-6359: Use after free in Video. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-06

[491994185] High CVE-2026-6300: Use after free in CSS. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-03-12

[495273999] High CVE-2026-6301: Type Confusion in Turbofan. Reported by qymag1c on 2026-03-23

[495477995] High CVE-2026-6302: Use after free in Video. Reported by Syn4pse on 2026-03-24

[496282147] High CVE-2026-6303: Use after free in Codecs. Reported by Google on 2026-03-25

[496393742] High CVE-2026-6304: Use after free in Graphite. Reported by Google on 2026-03-26

[496618639] High CVE-2026-6305: Heap buffer overflow in PDFium. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-26

[496907110] High CVE-2026-6306: Heap buffer overflow in PDFium. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-27

[497404188] High CVE-2026-6307: Type Confusion in Turbofan. Reported by Project WhatForLunch (@pjwhatforlunch) on 2026-03-29

[497412658] High CVE-2026-6308: Out of bounds read in Media. Reported by Google on 2026-03-29

[497846428] High CVE-2026-6309: Use after free in Viz. Reported by Google on 2026-03-30

[497880137] High CVE-2026-6360: Use after free in FileSystem. Reported by asjidkalam on 2026-03-31

[497969820] High CVE-2026-6310: Use after free in Dawn. Reported by Google on 2026-03-31

[498201025] High CVE-2026-6311: Uninitialized Use in Accessibility. Reported by Google on 2026-03-31

[498269651] High CVE-2026-6312: Insufficient policy enforcement in Passwords. Reported by Google on 2026-03-31

[498765210] High CVE-2026-6313: Insufficient policy enforcement in CORS. Reported by Google on 2026-04-02

[498782145] High CVE-2026-6314: Out of bounds write in GPU. Reported by Google on 2026-04-02

[499247910] High CVE-2026-6315: Use after free in Permissions. Reported by Google on 2026-04-03

[499384399] High CVE-2026-6316: Use after free in Forms. Reported by Google on 2026-04-03

[500036290] High CVE-2026-6361: Heap buffer overflow in PDFium. Reported by Google on 2026-04-06

[500066234] High CVE-2026-6362: Use after free in Codecs. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-04-07

[500091052] High CVE-2026-6317: Use after free in Cast. Reported by Google on 2026-04-06

[495751197] Medium CVE-2026-6363: Type Confusion in V8. Reported by Google on 2026-03-24

[495996858] Medium CVE-2026-6318: Use after free in Codecs. Reported by Syn4pse on 2026-03-25

[499018889] Medium CVE-2026-6319: Use after free in Payments. Reported by pwn2addr on 2026-04-02

[502103414] Medium CVE-2026-6364: Out of bounds read in Skia. Reported by Google Threat Intelligence on 2026-04-13

Discovery 2026-04-15
Entry 2026-04-16
chromium

< 147.0.7727.101

ungoogled-chromium

< 147.0.7727.101

CVE-2026-6296
CVE-2026-6297
CVE-2026-6298
CVE-2026-6299
CVE-2026-6358
CVE-2026-6359
CVE-2026-6300
CVE-2026-6301
CVE-2026-6302
CVE-2026-6303
CVE-2026-6304
CVE-2026-6305
CVE-2026-6306
CVE-2026-6307
CVE-2026-6308
CVE-2026-6309
CVE-2026-6360
CVE-2026-6310
CVE-2026-6311
CVE-2026-6312
CVE-2026-6313
CVE-2026-6314
CVE-2026-6315
CVE-2026-6316
CVE-2026-6361
CVE-2026-6362
CVE-2026-6317
CVE-2026-6363
CVE-2026-6318
CVE-2026-6319
CVE-2026-6364
https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_15.html

4b727a1a-5034-42b4-b29b-2289389f4ba8

chromium -- security fixes

Chrome Releases reports:

This update includes multiple security fixes:

Critical CVE-2026-5858: Heap buffer overflow in WebML.

Critical CVE-2026-5859: Integer overflow in WebML.

High CVE-2026-5860: Use after free in WebRTC.

High CVE-2026-5861: Use after free in V8.

High CVE-2026-5862: Inappropriate implementation in V8.

High CVE-2026-5863: Inappropriate implementation in V8.

High CVE-2026-5864: Heap buffer overflow in WebAudio.

High CVE-2026-5865: Type Confusion in V8.

High CVE-2026-5866: Use after free in Media.

High CVE-2026-5867: Heap buffer overflow in WebML.

High CVE-2026-5868: Heap buffer overflow in ANGLE.

High CVE-2026-5869: Heap buffer overflow in WebML.

High CVE-2026-5870: Integer overflow in Skia.

High CVE-2026-5871: Type Confusion in V8.

High CVE-2026-5872: Use after free in Blink.

High CVE-2026-5873: Out of bounds read and write in V8.

Medium CVE-2026-5874: Use after free in PrivateAI.

Medium CVE-2026-5875: Policy bypass in Blink.

Medium CVE-2026-5876: Side-channel information leakage in Navigation.

Medium CVE-2026-5877: Use after free in Navigation.

Medium CVE-2026-5878: Incorrect security UI in Blink.

Medium CVE-2026-5879: Insufficient validation of untrusted input in ANGLE.

Medium CVE-2026-5880: Incorrect security UI in browser UI.

Medium CVE-2026-5881: Policy bypass in LocalNetworkAccess.

Medium CVE-2026-5882: Incorrect security UI in Fullscreen.

Medium CVE-2026-5883: Use after free in Media.

Medium CVE-2026-5884: Insufficient validation of untrusted input in Media.

Medium CVE-2026-5885: Insufficient validation of untrusted input in WebML.

Medium CVE-2026-5886: Out of bounds read in WebAudio.

Medium CVE-2026-5887: Insufficient validation of untrusted input in Downloads.

Medium CVE-2026-5888: Uninitialized Use in WebCodecs.

Medium CVE-2026-5889: Cryptographic Flaw in PDFium.

Medium CVE-2026-5890: Race in WebCodecs.

Medium CVE-2026-5891: Insufficient policy enforcement in browser UI.

Medium CVE-2026-5892: Insufficient policy enforcement in PWAs.

Medium CVE-2026-5893: Race in V8.

Low CVE-2026-5894: Inappropriate implementation in PDF.

Low CVE-2026-5895: Incorrect security UI in Omnibox.

Low CVE-2026-5896: Policy bypass in Audio.

Low CVE-2026-5897: Incorrect security UI in Downloads.

Low CVE-2026-5898: Incorrect security UI in Omnibox.

Low CVE-2026-5899: Incorrect security UI in History Navigation.

Low CVE-2026-5900: Policy bypass in Downloads.

Low CVE-2026-5901: Policy bypass in DevTools.

Low CVE-2026-5902: Race in Media.

Low CVE-2026-5903: Policy bypass in IFrameSandbox.

Low CVE-2026-5904: Use after free in V8.

Low CVE-2026-5905: Incorrect security UI in Permissions.

Low CVE-2026-5906: Incorrect security UI in Omnibox.

Low CVE-2026-5907: Insufficient data validation in Media.

Low CVE-2026-5908: Integer overflow in Media.

Low CVE-2026-5909: Integer overflow in Media.

Low CVE-2026-5910: Integer overflow in Media.

Low CVE-2026-5911: Policy bypass in ServiceWorkers.

Low CVE-2026-5912: Integer overflow in WebRTC.

Low CVE-2026-5913: Out of bounds read in Blink.

Low CVE-2026-5914: Type Confusion in CSS.

Low CVE-2026-5915: Insufficient validation of untrusted input in WebML.

Low CVE-2026-5918: Inappropriate implementation in Navigation.

Low CVE-2026-5919: Insufficient validation of untrusted input in WebSockets.

Discovery 2026-04-07
Entry 2026-04-10
chromium

< 147.0.7727.55

ungoogled-chromium

< 147.0.7727.55

CVE-2026-5858
CVE-2026-5859
CVE-2026-5860
CVE-2026-5861
CVE-2026-5862
CVE-2026-5863
CVE-2026-5864
CVE-2026-5865
CVE-2026-5866
CVE-2026-5867
CVE-2026-5868
CVE-2026-5869
CVE-2026-5870
CVE-2026-5871
CVE-2026-5872
CVE-2026-5873
CVE-2026-5874
CVE-2026-5875
CVE-2026-5876
CVE-2026-5877
CVE-2026-5878
CVE-2026-5879
CVE-2026-5880
CVE-2026-5881
CVE-2026-5882
CVE-2026-5883
CVE-2026-5884
CVE-2026-5885
CVE-2026-5886
CVE-2026-5887
CVE-2026-5888
CVE-2026-5889
CVE-2026-5890
CVE-2026-5891
CVE-2026-5892
CVE-2026-5893
CVE-2026-5894
CVE-2026-5895
CVE-2026-5896
CVE-2026-5897
CVE-2026-5898
CVE-2026-5899
CVE-2026-5900
CVE-2026-5901
CVE-2026-5902
CVE-2026-5903
CVE-2026-5904
CVE-2026-5905
CVE-2026-5906
CVE-2026-5907
CVE-2026-5908
CVE-2026-5909
CVE-2026-5910
CVE-2026-5911
CVE-2026-5912
CVE-2026-5913
CVE-2026-5914
CVE-2026-5915
CVE-2026-5918
CVE-2026-5919
https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html