Browser

This hub aggregates every CVE we track for Browser, a product in the hardware firmware space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Browser.

• CVE-2025-12046A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to execute code with elevated privileges under certain...7.8Dec 10, 2025
• CVE-2025-10495A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker...7.5Nov 12, 2025
• CVE-2025-9201A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges.7.8Sep 11, 2025
• CVE-2025-4657A buffer overflow vulnerability was reported in the Lenovo Protection Driver, prior to version 5.1.1110.4231, used in Lenovo PC Manager, Lenovo Browser, and Lenovo App Store could allow a local att...6.7Jul 17, 2025
• CVE-2025-6248A cross-site scripting (XSS) vulnerability was reported in the Lenovo Browser that could allow an attacker to obtain sensitive information if a user visits a web page with specially crafted content.7.4Jul 17, 2025
• CVE-2025-6152Steel Browser files.routes.ts handleFileUpload path traversal6.3Jun 17, 2025
• CVE-2023-26226A use after free memory corruption issue exists in Yandex Browser for Desktop prior to version 24.4.0.6829.8May 30, 2025
• CVE-2021-25262Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.5.4May 21, 2025
• CVE-2024-10254A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.4.7Jan 14, 2025
• CVE-2024-10253A potential TOCTOU vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash.4.7Jan 14, 2025
• CVE-2024-6473DLL Hijacking in Yandex Browser7.8Sep 3, 2024
• CVE-2023-52263Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. This is related to browser/brave_content_browser_client.cc and browser/ui/webui/brave_web_ui_contr...6.1Dec 30, 2023
• CVE-2023-28364An Open Redirect vulnerability exists prior to version 1.52.117, where the built-in QR scanner in Brave Browser Android navigated to scanned URLs automatically without showing the URL first. Now th...6.1Jun 30, 2023
• CVE-2021-22917Brave Browser Desktop between versions 1.17 and 1.20 is vulnerable to information disclosure by way of DNS requests in Tor windows not flowing through Tor if adblocking was enabled.6.5Jul 12, 2021
• CVE-2019-13322This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in tha...8.8Feb 10, 2020