|
11
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in perfree go-fastdfs-web up to 1.3.7. Affected is the function checkServer of the file /install/checkServer of the component Installation Endpoint. Executing a manipulation can…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-11437
|
2026-06-7 02:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
4.2 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted …
New
|
CWE-290
CWE-451
Authentication Bypass by Spoofing
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2026-11001
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
6.1 |
MEDIUM
Network
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proces…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-10999
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…
New
|
CWE-457
Use of Uninitialized Variable
|
CVE-2026-10994
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-10993
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (C…
New
|
NVD-CWE-noinfo
CWE-20
Improper Input Validation
|
CVE-2026-10992
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
New
|
CWE-416
Use After Free
|
CVE-2026-10990
|
2026-06-7 02:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Mage AI up to 0.9.79. This impacts the function useMutation of the file mage_ai/frontend/components/Sessions/SignForm/index.tsx of the component Sign-in Flow. Performi…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11436
|
2026-06-7 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such manipulation of the argument httpOID leads to sql injection. The at…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-11435
|
2026-06-7 01:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in FluentCMS 0.0.5. The impacted element is an unknown function of the file /admin/blocks of the component Blocks Plugin. This manipulation causes cross site scripting.…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-11434
|
2026-06-7 00:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
