|
21
|
8.8 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stac…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11413
|
2026-06-6 23:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11211
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
5.9 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. (Chromium …
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11199
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
7.8 |
HIGH
Local
|
-
|
-
|
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-11103
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
7.8 |
HIGH
Local
|
-
|
-
|
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium)
New
|
CWE-416
Use After Free
|
CVE-2026-11072
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a s…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-10971
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
6.1 |
MEDIUM
Physics
|
-
|
-
|
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. (Chromium security sever…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-11229
|
2026-06-6 21:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
- |
|
-
|
-
|
Protocol::HTTP2 versions through 1.12 for Perl is vulnerable to a HTTP/2 Bomb.
Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large ser…
New
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-10725
|
2026-06-6 21:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Jinher OA C6. The affected element is an unknown function of the file /C6/JHSoft.Web.ModuleCount/GetFormSn.aspx. Executing a manipulation of the argument queryID can…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11412
|
2026-06-6 20:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
4.4 |
MEDIUM
Local
|
-
|
-
|
A security flaw has been discovered in iAI Lab PDF AI App 4.21.0 on Android. Impacted is the function getExternalCacheDir of the component chatpdf.pro. Performing a manipulation of the argument _disp…
New
|
CWE-22
Path Traversal
|
CVE-2026-11411
|
2026-06-6 20:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
