|
721
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a craf…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11128
|
2026-06-9 12:05 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
722
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from pr…
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11669
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
723
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High)
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11668
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
724
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted…
New
|
CWE-416
Use After Free
|
CVE-2026-11647
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
725
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-11638
|
2026-06-9 11:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
726
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11005
|
2026-06-9 11:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
727
|
- |
|
-
|
-
|
Routinator does not properly check the module component of rsync URIs, which are used to create the file system paths for the Routinator cache. This allows for path traversal by having a module name …
New
|
CWE-22
Path Traversal
|
CVE-2026-49233
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
728
|
- |
|
-
|
-
|
When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes.
This only affects users who allow API access from untrusted n…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-49234
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
729
|
- |
|
-
|
-
|
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes.
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-49235
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
730
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in 389 Directory Server. The Content Synchronization persistent search plugin allows unbounded memory growth when an authenticated client stops reading sync responses, enabling denia…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-11611
|
2026-06-9 11:08 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
