|
31
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9913
|
2026-05-30 03:17 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
32
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML pa…
New
|
CWE-200
Information Exposure
|
CVE-2026-9912
|
2026-05-30 03:17 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
33
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9908
|
2026-05-30 03:17 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
34
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-9907
|
2026-05-30 03:17 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
35
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter
device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials …
New
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-7786
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
36
|
8.4 |
HIGH
Network
|
-
|
-
|
A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can injec…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-6824
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
37
|
8.8 |
HIGH
Adjacent
|
-
|
-
|
The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range …
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-5768
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
38
|
9.1 |
CRITICAL
Network
|
-
|
-
|
The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without …
New
|
CWE-620
Unverified Password Change
|
CVE-2026-5386
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
39
|
7.7 |
HIGH
Network
|
-
|
-
|
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.4, ProjectService.GetProjectFileContent returns the contents of any Docker Compose include directiv…
New
|
CWE-22
Path Traversal
|
CVE-2026-47179
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
40
|
8.8 |
HIGH
Network
|
-
|
-
|
Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.19.2, the PUT /api/environments/{id}/templates/variables endpoint, which writes the system-wide .env.g…
New
|
CWE-862
Missing Authorization
|
CVE-2026-47125
|
2026-05-30 03:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
