|
731
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11096
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
732
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11095
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
733
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Integer overflow in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (…
New
|
CWE-472
CWE-190
External Control of Assumed-Immutable Web Parameter
Integer Overflow or Wraparound
|
CVE-2026-11088
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
734
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted H…
New
|
CWE-416
Use After Free
|
CVE-2026-11042
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
735
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
New
|
CWE-416
Use After Free
|
CVE-2026-11040
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
736
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium s…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11038
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
737
|
9.6 |
CRITICAL
Network
|
-
|
-
|
Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-11037
|
2026-06-6 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
738
|
6.5 |
MEDIUM
Network
|
-
|
-
|
CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial …
New
|
CWE-20
Improper Input Validation
|
CVE-2025-5090
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
739
|
6.5 |
MEDIUM
Network
|
-
|
-
|
In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server is not resilient to certain …
New
|
CWE-20
Improper Input Validation
|
CVE-2025-5089
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
740
|
8.3 |
HIGH
Network
|
-
|
-
|
An authenticated Redis session could be used to obtain full root access to all servers in the CVX cluster. Note that this would require an attacker to have both network access to the Redis service on…
New
|
CWE-269
Improper Privilege Management
|
CVE-2025-5088
|
2026-06-6 02:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
