Protecting Privacy Build Trust

Protecting Privacy Build Trust
Menu
  • Contact Us
Request Demo
Protecting Privacy Build Trust

Privacy Trust

on February 19, 2026 at 2:49 am — Chromium: CVE-2026-2316 Insufficient policy enforcement in Frames 

Leave a Comment / Threats & Vulnerabilities /

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information. 

on February 19, 2026 at 2:49 am — Chromium: CVE-2026-2316 Insufficient policy enforcement in Frames  Read More »

on February 18, 2026 at 10:45 am — CVE-2020-36425 An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 10:45 am — CVE-2020-36425 An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly uses a revocationDate check when deciding whether to honor certificate revocation via a CRL. In some situations, an attacker can exploit this by changing the local clock.  Read More »

on February 18, 2026 at 9:07 am — CVE-2021-22918 Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo(). 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 9:07 am — CVE-2021-22918 Node.js before 16.4.1 14.17.2 12.22.2 is vulnerable to an out-of-bounds read when uv__idna_toascii() is used to convert strings to ASCII. The pointer p is read and increased without checking whether it is beyond pe with the latter holding a pointer to the end of the buffer. This can lead to information disclosures or crashes. This function can be triggered via uv_getaddrinfo().  Read More »

on February 18, 2026 at 10:23 am — CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. 

Leave a Comment / Threats & Vulnerabilities /

Information published. 

on February 18, 2026 at 10:23 am — CVE-2021-3636 It was found in OpenShift before version 4.8 that the generated certificate for the in-cluster Service CA incorrectly included additional certificates. The Service CA is automatically mounted into all pods allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service.  Read More »