|
411
|
- |
|
-
|
-
|
A Missing Required Cryptographic Step vulnerability has been identified in Moxa's embedded Linux firmware for industrial computers and controllers. This vulnerability represents an incomplete remedia…
New
|
CWE-325
Missing Required Cryptographic Step
|
CVE-2026-9266
|
2026-06-13 01:06 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
412
|
8.7 |
HIGH
Network
|
-
|
-
|
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, Symbol.for override in setup-sandbox.js only intercepts 2 of 9 dangerous Node.js cross-realm symbols. Combined with the bridge's…
New
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-47135
|
2026-06-13 01:03 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
413
|
10.0 |
CRITICAL
Network
|
-
|
-
|
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the fix for GHSA-8hg8-63c5-gwmx (CVE-2023-37903) introduced a check in nodevm.js line 263 that blocks the combination nesting: t…
New
|
CWE-913
Improper Control of Dynamically-Managed Code Resources
|
CVE-2026-47137
|
2026-06-13 01:03 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
414
|
8.6 |
HIGH
Network
|
-
|
-
|
vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, the BaseHandler.set trap in bridge.js (line 1231) ignores the receiver parameter and unconditionally writes to the host target o…
New
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-47209
|
2026-06-13 01:03 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
415
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. From versions 3.4.3 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6, navigateTo() with external: true generates a server-side HTML redi…
New
|
CWE-83
Improper Neutralization of Script in Attributes in a Web Page
|
CVE-2026-45669
|
2026-06-13 01:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
416
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incompl…
New
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2026-45670
|
2026-06-13 01:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
417
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. In Nuxt versions 3.1.0 to before 3.21.6 and 4.0.0-alpha.1 to before 4.4.6 and @nuxt/nitro-server versions 3.20.0 to before 3.21.6 and 4.0.…
New
|
CWE-79
CWE-349
CWE-444
Cross-site Scripting
Acceptance of Extraneous Untrusted Data With Trusted Data
HTTP Request Smuggling
|
CVE-2026-46342
|
2026-06-13 01:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
418
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder from versions 3.15.4 to before 3.21.7 and 4.0.0 to before 4.4.7, there is an incomplete …
New
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2026-49993
|
2026-06-13 01:01 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
419
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch bet…
New
|
CWE-178
CWE-863
Improper Handling of Case Sensitivity
Incorrect Authorization
|
CVE-2026-53721
|
2026-06-13 01:01 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
420
|
- |
|
-
|
-
|
Nuxt is an open-source web development framework for Vue.js. Prior to versions 3.21.7 and 4.4.7, <NuxtLink> did not validate the URL scheme of values bound to its to or href props before rendering th…
New
|
CWE-79
CWE-83
Cross-site Scripting
Improper Neutralization of Script in Attributes in a Web Page
|
CVE-2026-53722
|
2026-06-13 01:01 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
