|
1121
|
6.5 |
MEDIUM
Network
|
-
|
-
|
An uncaught exception in the /application/job/update/{id} endpoint of FastapiAdmin v2.2.0 allows authenticated attackers with the module_task:job:update permission to cause a Denial of Service (DoS) …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-36724
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1122
|
6.1 |
MEDIUM
Network
|
-
|
-
|
A markdown based cross-site scripting (XSS) vulnerability in the /system/notice/create endpoint of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafte…
|
CWE-79
Cross-site Scripting
|
CVE-2026-36725
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1123
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A markdown based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted pa…
|
CWE-79
Cross-site Scripting
|
CVE-2026-36728
|
2026-06-11 05:15 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1124
|
- |
|
-
|
-
|
A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges.
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-6444
|
2026-06-11 05:13 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1125
|
- |
|
-
|
-
|
A flaw exists in FlashArray Purity where insufficient filtering of certain data paths could expose sensitive information to an authenticated user with low privileges.
|
CWE-939
Improper Authorization in Handler for Custom URL Scheme
|
CVE-2026-6445
|
2026-06-11 05:13 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1126
|
- |
|
-
|
-
|
CleanWipe Removal Tool (macOS), prior to 16.0.0.65, may be susceptible to an Local Privilege Escalation vulnerability, which is a type of issue whereby an attacker with limited privilege access on an…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-11626
|
2026-06-11 05:13 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1127
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025
|
Access of resource using incompatible type ('type confusion') in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.
|
CWE-843
Type Confusion
|
CVE-2026-45600
|
2026-06-11 05:03 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1128
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2016
windows_server_2019
w…
|
Trust boundary violation in Windows Attestation allows an authorized attacker to elevate privileges locally.
|
CWE-501
Trust Boundary Violation
|
CVE-2026-33828
|
2026-06-11 05:00 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1129
|
7.0 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
|
CWE-416
Use After Free
|
CVE-2026-34335
|
2026-06-11 04:59 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1130
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
|
CWE-122
CWE-197
Heap-based Buffer Overflow
Numeric Truncation Error
|
CVE-2026-40404
|
2026-06-11 04:58 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
