|
3941
|
7.0 |
HIGH
Local
|
milvus
|
milvus
|
A vulnerability has been found in milvus-io milvus up to 2.6.13. This vulnerability affects unknown code of the file internal/metastore/kv/rootcoord/kv_catalog.go of the component Grantee ID Hash Han…
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-10814
|
2026-06-11 02:32 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3942
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafte…
|
CWE-451
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11228
|
2026-06-11 02:25 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3943
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Type Confusion in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted XML file. (Chromium security seve…
|
CWE-843
Type Confusion
|
CVE-2026-11196
|
2026-06-11 02:25 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3944
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2025
|
Out-of-bounds read in Windows DWM Core Library allows an authorized attacker to disclose information locally.
|
CWE-125
Out-of-bounds Read
|
CVE-2026-48566
|
2026-06-11 02:19 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3945
|
7.9 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-48568
|
2026-06-11 02:18 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3946
|
7.9 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-48570
|
2026-06-11 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3947
|
8.3 |
HIGH
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, there is an authentication bypass vulnerability via 'api' substring in URL + unau…
|
CWE-287
CWE-306
CWE-697
Improper Authentication
Missing Authentication for Critical Function
Incorrect Comparison
|
CVE-2026-45567
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3948
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the login flow allow-lists next URLs by rejecting strings containing https:// or …
|
CWE-601
Open Redirect
|
CVE-2026-45566
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3949
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45561
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3950
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, wrap_line (app/modules/common/common.py:181-186) and highlight_word (app/modules/…
|
CWE-79
Cross-site Scripting
|
CVE-2026-45560
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
