|
521
|
6.5 |
MEDIUM
Network
|
misp
|
misp
|
A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due to missing parentheses in the delete condition, the e…
Update
|
CWE-863
Incorrect Authorization
|
CVE-2026-10860
|
2026-06-8 22:54 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
522
|
7.5 |
HIGH
Network
|
microsoft
|
copilot
|
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
New
|
CWE-77
Command Injection
|
CVE-2026-42824
|
2026-06-8 22:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
523
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted H…
New
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11027
|
2026-06-8 22:45 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
524
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Medium)
New
|
CWE-416
Use After Free
|
CVE-2026-11030
|
2026-06-8 22:44 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
525
|
4.3 |
MEDIUM
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 9.11 through 26.00 contain a heap out-of-bounds read of up to 3 bytes in the UDF disc image handler's File Identifier Descriptor parse…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48102
|
2026-06-8 22:43 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
526
|
6.5 |
MEDIUM
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an An uninitialized memory disclosure vulnerability in the UEFI capsule (.scap) parser in 7-Zip. The OpenCa…
New
|
CWE-908
Use of Uninitialized Resource
|
CVE-2026-48101
|
2026-06-8 22:41 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
527
|
8.8 |
HIGH
Network
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCu…
New
|
CWE-190
CWE-787
Integer Overflow or Wraparound
Out-of-bounds Write
|
CVE-2026-48095
|
2026-06-8 22:40 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
528
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium securi…
New
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11031
|
2026-06-8 22:40 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
529
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi…
New
|
CWE-346
Origin Validation Error
|
CVE-2026-11032
|
2026-06-8 22:39 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
530
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in WebML in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium …
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11033
|
2026-06-8 22:39 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
