|
1271
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-94
Code Injection
|
CVE-2026-9976
|
2026-05-30 01:43 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1272
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9978
|
2026-05-30 01:43 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1273
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-843
Type Confusion
|
CVE-2026-9983
|
2026-05-30 01:42 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1274
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9984
|
2026-05-30 01:42 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1275
|
7.8 |
HIGH
Local
|
google
|
chrome
|
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 148.0.7778.216 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium sec…
|
CWE-20
Improper Input Validation
|
CVE-2026-9987
|
2026-05-30 01:41 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1276
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9992
|
2026-05-30 01:41 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1277
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-9995
|
2026-05-30 01:40 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1278
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.9 before 18.10.7, 18.11 before 18.11.4, and 19.0 before 19.0.1 that under certain conditions could have allowed a blocked…
|
CWE-863
Incorrect Authorization
|
CVE-2026-9807
|
2026-05-30 01:40 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1279
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name r…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-10064
|
2026-05-30 01:33 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1280
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Plesk contains an XPath injection vulnerability in the APS Application Catalog search functionality, where user-supplied input is interpolated into XPath queries without proper sanitization. This all…
|
CWE-643
XPath Injection
|
CVE-2026-44962
|
2026-05-30 01:33 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
