|
251
|
7.1 |
HIGH
Local
|
-
|
-
|
Markdown Preview Enhanced 0.8.x with crossnote engine 0.9.28 contains a code injection vulnerability in the WaveDrom rendering pipeline that allows attackers to execute arbitrary JavaScript by embedd…
New
|
CWE-95
Eval Injection
|
CVE-2026-11422
|
2026-06-9 00:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
252
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium securit…
Update
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-11025
|
2026-06-9 00:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
253
|
8.8 |
HIGH
Network
|
-
|
-
|
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-11024
|
2026-06-9 00:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
254
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HT…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11023
|
2026-06-9 00:16 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
255
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Type Confusion in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
Update
|
CWE-843
Type Confusion
|
CVE-2026-11052
|
2026-06-9 00:08 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
256
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in ANGLE in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11051
|
2026-06-9 00:08 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
257
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted…
Update
|
CWE-346
Origin Validation Error
|
CVE-2026-11048
|
2026-06-9 00:04 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via …
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11047
|
2026-06-9 00:03 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
259
|
7.5 |
HIGH
Network
|
-
|
-
|
Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 packet parser. The parser decrements an unsigned 64-bit payload-length value (taken from the IPv6 fixe…
New
|
CWE-191
Integer Underflow (Wrap or Wraparound)
|
CVE-2026-49494
|
2026-06-9 00:03 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
260
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informatio…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11045
|
2026-06-9 00:02 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
