|
4201
|
8.8 |
HIGH
Network
|
flowiseai
|
flowise
|
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment allows cross-workspace evaluator takeover.…
|
CWE-915
Improperly Controlled Modification of Dynamically-Determined Object Attributes
|
CVE-2026-46480
|
2026-06-9 23:57 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4202
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
|
CWE-416
Use After Free
|
CVE-2026-11646
|
2026-06-9 23:56 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4203
|
6.8 |
MEDIUM
Physics
|
google
|
chrome
|
Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critic…
|
CWE-416
Use After Free
|
CVE-2026-11628
|
2026-06-9 23:54 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4204
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11674
|
2026-06-9 23:54 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4205
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
|
CWE-416
Use After Free
|
CVE-2026-11673
|
2026-06-9 23:54 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4206
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11671
|
2026-06-9 23:53 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4207
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11670
|
2026-06-9 23:53 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4208
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. (Ch…
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11667
|
2026-06-9 23:53 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4209
|
7.5 |
HIGH
Network
|
google
|
chrome
|
Out of bounds read and write in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2026-11690
|
2026-06-9 23:53 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4210
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11683
|
2026-06-9 23:53 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
