|
2401
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results …
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10070
|
2026-05-30 03:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2402
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in Shibby Tomato 1.28. The affected element is the function send of the file usr/sbin/miniupnpd of the component SUBSCRIBE Call Handler. This manipulation causes server-side req…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10068
|
2026-05-30 03:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2403
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-10019
|
2026-05-30 03:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2404
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-10018
|
2026-05-30 03:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2405
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-787
Out-of-bounds Write
|
CVE-2026-9896
|
2026-05-30 03:08 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2406
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9897
|
2026-05-30 03:08 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2407
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page…
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-9909
|
2026-05-30 03:07 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2408
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2026-9910
|
2026-05-30 02:56 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2409
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9927
|
2026-05-30 02:49 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2410
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9928
|
2026-05-30 02:49 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
