|
1941
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape …
|
CWE-20
Improper Input Validation
|
CVE-2026-11113
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1942
|
7.4 |
HIGH
Network
|
google
|
chrome
|
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-10973
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1943
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-10972
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1944
|
7.4 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via …
|
CWE-20
Improper Input Validation
|
CVE-2026-10968
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1945
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…
|
CWE-20
Improper Input Validation
|
CVE-2026-10966
|
2026-06-9 04:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1946
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). This issue uniquely…
|
CWE-78
OS Command
|
CVE-2026-25620
|
2026-06-9 04:15 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1947
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW) due to insecure input validation. This issue uniquely affects versi…
|
CWE-78
OS Command
|
CVE-2026-25621
|
2026-06-9 04:13 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1948
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). On affected platforms, an administrative account logg…
|
CWE-78
OS Command
|
CVE-2026-25622
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1949
|
6.0 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Authenticated administrators c…
|
CWE-78
OS Command
|
CVE-2026-25623
|
2026-06-9 04:10 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1950
|
4.8 |
MEDIUM
Network
|
arista
|
ng_firewall
|
An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall (NGFW). Unvalidated use…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25624
|
2026-06-9 04:08 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
