|
4221
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: …
|
CWE-20
Improper Input Validation
|
CVE-2026-11685
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4222
|
3.1 |
LOW
Network
|
google
|
chrome
|
Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page…
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-11684
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4223
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
|
CWE-416
Use After Free
|
CVE-2026-11700
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4224
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11699
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4225
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security…
|
CWE-20
Improper Input Validation
|
CVE-2026-11697
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4226
|
5.3 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc…
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-11696
|
2026-06-9 23:51 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4227
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-11695
|
2026-06-9 23:50 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4228
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
CWE-416
Use After Free
|
CVE-2026-11698
|
2026-06-9 23:50 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4229
|
5.3 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing a…
|
CWE-863
Incorrect Authorization
|
CVE-2026-7765
|
2026-06-9 23:49 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4230
|
5.4 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validati…
|
CWE-79
Cross-site Scripting
|
CVE-2026-8833
|
2026-06-9 23:49 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
