|
221
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Printing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. …
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11093
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
Update
|
CWE-416
Use After Free
|
CVE-2026-11094
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
223
|
9.9 |
CRITICAL
Network
|
termix
|
termix
|
Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/file_manager/ssh/resolvePath endpoint in Termix is v…
Update
|
CWE-78
OS Command
|
CVE-2026-45744
|
2026-06-9 00:25 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
224
|
9.6 |
CRITICAL
Network
|
guardrailsai
|
guardrails_ai
|
Guardrails AI is a Python framework that helps build AI applications. On May 11, 2026 at approximately 6:00 PM Pacific, an attacker published a malicious version of `guardrails-ai` (0.10.1) to PyPI. …
New
|
CWE-506
Embedded Malicious Code
|
CVE-2026-45758
|
2026-06-9 00:22 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
225
|
7.8 |
HIGH
Local
|
bitdefender
|
napoca
|
Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios_handlers.c. The handler comput…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10046
|
2026-06-9 00:18 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
226
|
7.8 |
HIGH
Local
|
bitdefender
|
napoca
|
The Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the real-mode hook handler, implemented in napoca/kernel/handler.c. The handler uses a guest-controlled S…
Update
|
CWE-787
Out-of-bounds Write
|
CVE-2026-10047
|
2026-06-9 00:17 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
227
|
5.8 |
MEDIUM
Network
|
-
|
-
|
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is …
Update
|
CWE-1023
Incomplete Comparison with Missing Factors
|
CVE-2026-7473
|
2026-06-9 00:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
228
|
7.0 |
HIGH
Local
|
-
|
-
|
Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292
Update
|
-
|
CVE-2026-50265
|
2026-06-9 00:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
229
|
- |
|
-
|
-
|
When Routinator encounters a file via RRDP using a specifically crafted Document Type Definition, Routinator crashes.
New
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-49235
|
2026-06-9 00:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
230
|
- |
|
-
|
-
|
When sending a specifically crafted non-UTF-8 string as select-asn query parameter to the /api/v1/origins endpoint, Routinator crashes.
This only affects users who allow API access from untrusted n…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-49234
|
2026-06-9 00:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
