|
21
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in WebShare in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
New
|
CWE-416
Use After Free
|
CVE-2026-11010
|
2026-06-7 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-416
Use After Free
|
CVE-2026-11009
|
2026-06-7 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11006
|
2026-06-7 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory …
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11004
|
2026-06-7 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
New
|
CWE-416
Use After Free
|
CVE-2026-11002
|
2026-06-7 03:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in theonedev onedev up to 15.0.5. Affected by this vulnerability is an unknown functionality of the file /projects. The manipulation of the argument project.forkedFromI…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-11438
|
2026-06-7 02:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-11437
|
2026-06-7 02:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
4.2 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted …
New
|
CWE-290
CWE-451
Authentication Bypass by Spoofing
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11001
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proces…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-10999
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-10994
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
