|
2771
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scri…
|
CWE-20
CWE-79
Improper Input Validation
Cross-site Scripting
|
CVE-2026-11273
|
2026-06-8 23:17 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2772
|
5.0 |
MEDIUM
Network
|
redhat
|
openshift_container_platform
|
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged u…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-10533
|
2026-06-8 23:09 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2773
|
4.3 |
MEDIUM
Network
|
misp
|
misp
|
An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already e…
|
CWE-862
Missing Authorization
|
CVE-2026-10855
|
2026-06-8 23:03 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2774
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a…
|
CWE-284
Improper Access Control
|
CVE-2026-11275
|
2026-06-8 23:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2775
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
|
CWE-352
Origin Validation Error
|
CVE-2026-11270
|
2026-06-8 23:00 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2776
|
8.6 |
HIGH
Network
|
vertex-app
|
vertex
|
Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.…
|
CWE-22
Path Traversal
|
CVE-2024-40646
|
2026-06-8 22:59 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2777
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation …
|
CWE-601
Open Redirect
|
CVE-2026-10856
|
2026-06-8 22:59 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2778
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data vi…
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-11263
|
2026-06-8 22:58 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2779
|
7.5 |
HIGH
Network
|
microsoft
|
copilot_chat
|
Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a netw…
|
CWE-74
Injection
|
CVE-2026-47644
|
2026-06-8 22:57 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2780
|
6.1 |
MEDIUM
Network
|
misp
|
misp
|
An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination w…
|
CWE-601
Open Redirect
|
CVE-2026-10861
|
2026-06-8 22:56 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
