|
291
|
5.3 |
MEDIUM
Adjacent
|
-
|
-
|
OpenTelemetry-cpp is the C++ implementation of OpenTelemetry. Prior to release 1.27.0, the OTLP HTTP exporters (traces/metrics/logs) read the full HTTP response into an in-memory vector of bytes with…
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-44967
|
2026-06-13 02:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
292
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to restrict role_updated websocket event broadcasts to members of the affected team or channel wh…
New
|
CWE-200
Information Exposure
|
CVE-2026-3433
|
2026-06-13 02:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
293
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Crypt::PBKDF2 versions before 0.261630 for Perl are vulnerable to timing attacks.
These versions use Perl's built-in eq comparison. Discrepancies in timing could be used to guess the underlying deri…
New
|
CWE-208
Information Exposure Through Timing Discrepancy
|
CVE-2017-20240
|
2026-06-13 02:16 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
294
|
8.1 |
HIGH
Network
|
google
|
chrome
|
Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. (Chromium…
New
|
CWE-416
Use After Free
|
CVE-2026-12012
|
2026-06-13 02:12 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
295
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-416
Use After Free
|
CVE-2026-12013
|
2026-06-13 02:12 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
296
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
New
|
CWE-416
Use After Free
|
CVE-2026-12008
|
2026-06-13 02:10 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
297
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-416
Use After Free
|
CVE-2026-12007
|
2026-06-13 02:08 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
298
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2019
windows_server_2022
windows_server_2025
|
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Update
|
CWE-416
Use After Free
|
CVE-2026-44802
|
2026-06-13 02:05 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
299
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_26h1
|
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Update
|
CWE-416
Use After Free
|
CVE-2026-44804
|
2026-06-13 02:02 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300
|
7.8 |
HIGH
Local
|
microsoft
|
windows_11_26h1
|
Use after free in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
Update
|
CWE-416
Use After Free
|
CVE-2026-44807
|
2026-06-13 02:01 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
