|
31
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-10993
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
32
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (C…
New
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2026-10992
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
33
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
New
|
CWE-416
Use After Free
|
CVE-2026-10990
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
34
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performi…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11436
|
2026-06-7 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
35
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such manipulation of the argument httpOID leads to sql injection. The at…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11435
|
2026-06-7 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
36
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in FluentCMS 0.0.5. The impacted element is an unknown function of the file /admin/blocks of the component Blocks Plugin. This manipulation causes cross site scripting.…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11434
|
2026-06-7 00:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
37
|
8.8 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stac…
New
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-11413
|
2026-06-6 23:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
38
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-11211
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
39
|
5.9 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebRTC in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. (Chromium …
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11199
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
40
|
7.8 |
HIGH
Local
|
-
|
-
|
Inappropriate implementation in Installer in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-11103
|
2026-06-6 22:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
