|
511
|
5.0 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged u…
Update
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-10533
|
2026-06-8 23:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
512
|
4.3 |
MEDIUM
Network
|
misp
|
misp
|
An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already e…
Update
|
CWE-862
Missing Authorization
|
CVE-2026-10855
|
2026-06-8 23:03 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
513
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a…
Update
|
CWE-284
Improper Access Control
|
CVE-2026-11275
|
2026-06-8 23:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
514
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Update
|
CWE-352
Origin Validation Error
|
CVE-2026-11270
|
2026-06-8 23:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
515
|
8.6 |
HIGH
Network
|
vertex-app
|
vertex
|
Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.…
Update
|
CWE-22
Path Traversal
|
CVE-2024-40646
|
2026-06-8 22:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
516
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation …
Update
|
CWE-601
Open Redirect
|
CVE-2026-10856
|
2026-06-8 22:59 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
517
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data vi…
Update
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-11263
|
2026-06-8 22:58 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
518
|
7.5 |
HIGH
Network
|
microsoft
|
copilot_chat
|
Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a netw…
Update
|
CWE-74
Injection
|
CVE-2026-47644
|
2026-06-8 22:57 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
519
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination w…
Update
|
CWE-601
Open Redirect
|
CVE-2026-10861
|
2026-06-8 22:56 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
520
|
8.8 |
HIGH
Network
|
microsoft
|
copilot
|
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
Update
|
CWE-77
Command Injection
|
CVE-2026-45497
|
2026-06-8 22:55 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
