|
2991
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruptio…
|
CWE-416
Use After Free
|
CVE-2026-9990
|
2026-06-2 03:15 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2992
|
3.1 |
LOW
Network
|
google
|
chrome
|
Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HT…
|
CWE-200
Information Exposure
|
CVE-2026-9991
|
2026-06-2 03:15 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2993
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9996
|
2026-06-2 03:14 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2994
|
10.0 |
CRITICAL
Network
|
-
|
-
|
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (pull-request.yaml) executes attacker-controlled code from fork pull requests i…
|
CWE-94
Code Injection
|
CVE-2026-45131
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2995
|
10.0 |
CRITICAL
Network
|
-
|
-
|
CloudPirates Open Source Helm Charts is a collection of Helm charts. Prior to commit fcf9302, a GitHub Actions workflow (generate-schema.yaml) exposes sensitive credentials (Personal Access Token and…
|
CWE-94
Code Injection
|
CVE-2026-45132
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2996
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 33.0.0 to before version 33.1.0, after unlocking a locked Android phone the back-button could be used to bypass the Nextcloud …
|
CWE-287
Improper Authentication
|
CVE-2026-45153
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2997
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From version 2.6.0 to before version 4.3.0, when a previous collective pages was deleted and the collective was shared view-only, guests wi…
|
CWE-284
Improper Access Control
|
CVE-2026-45154
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2998
|
2.6 |
LOW
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.7 and 33.0.0 to before 33.0.1, a missing access check on API level allowed to add u…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-45155
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2999
|
8.1 |
HIGH
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. From versions 0.3.0 to before 3.1.0, 5.0.0 to before 5.1.0, and 6.0.0 to before 6.4.0, a missing signature verification in User OIDC allowe…
|
CWE-287
Improper Authentication
|
CVE-2026-45156
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3000
|
6.3 |
MEDIUM
Network
|
-
|
-
|
Nextcloud is an open source content collaboration platform. In Nextcloud Server from versions 32.0.0 to before 32.0.9, and 33.0.0 to before 33.0.3, when a malicious user has access to a file share of…
|
CWE-284
Improper Access Control
|
CVE-2026-45157
|
2026-06-2 03:14 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
