|
591
|
8.1 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in Plugins in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (…
New
|
CWE-346
Origin Validation Error
|
CVE-2026-11693
|
2026-06-10 02:26 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
592
|
5.4 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-20
NVD-CWE-noinfo
Improper Input Validation
|
CVE-2026-11701
|
2026-06-10 02:24 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
593
|
7.5 |
HIGH
Network
|
perl
|
dbi
|
DBI versions before 1.648 for Perl saved errors in a limited-sized buffer.
Error messages that were returned when RaiseError, PrintError or HandleError were set were written to a 200-byte buffer wit…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-9698
|
2026-06-10 02:20 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
594
|
- |
|
-
|
-
|
An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.
New
|
CWE-20
Improper Input Validation
|
CVE-2026-9211
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
595
|
- |
|
-
|
-
|
Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-9210
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
596
|
9.8 |
CRITICAL
Network
|
-
|
-
|
YesWiki is a wiki system written in PHP. Prior to version 4.6.6, an unsafe execution vulnerability exists in the Bazar form field calculator (CalcField.php) of YesWiki. The application attempts to sa…
New
|
CWE-94
CWE-1333
Code Injection
Inefficient Regular Expression Complexity
|
CVE-2026-52778
|
2026-06-10 02:17 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
597
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
New
|
CWE-200
Information Exposure
|
CVE-2026-50508
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
598
|
7.5 |
HIGH
Network
|
-
|
-
|
Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's mod_http leads to denial of service via malicious HTTP requests.
This issue affects Apache HTTP Server: from 2.4.17 …
New
|
CWE-789
Memory Allocation with Excessive Size Value
|
CVE-2026-49975
|
2026-06-10 02:17 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
599
|
8.8 |
HIGH
Network
|
-
|
-
|
Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration…
New
|
CWE-78
OS Command
|
CVE-2026-49959
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
600
|
5.0 |
MEDIUM
Local
|
-
|
-
|
Hermes WebUI before version 0.51.303 contains a time-of-check time-of-use (TOCTOU) race condition vulnerability in the git_discard function within api/workspace_git.py that allows attackers to delete…
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-49958
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
