|
91
|
6.1 |
MEDIUM
Network
|
-
|
-
|
draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.12, a crafted .drawio file can execute arbitrary JavaScript in the editor's origin when the file is opened. …
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-46642
|
2026-06-11 03:17 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
- |
|
-
|
-
|
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, before the round-1 security swee…
New
|
CWE-78
CWE-250
CWE-269
OS Command
Execution with Unnecessary Privileges
Improper Privilege Management
|
CVE-2026-46618
|
2026-06-11 03:17 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
- |
|
-
|
-
|
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, Fission runtime pods were create…
New
|
CWE-250
CWE-269
CWE-538
Execution with Unnecessary Privileges
Improper Privilege Management
File and Directory Information Exposure
|
CVE-2026-46617
|
2026-06-11 03:17 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission router registers an …
New
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-46614
|
2026-06-11 03:17 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
8.8 |
HIGH
Network
|
-
|
-
|
Fission is an open-source, Kubernetes-native serverless framework that simplifies the deployment of functions and applications on Kubernetes. Prior to version 1.23.0, the Fission storagesvc component…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-46612
|
2026-06-11 03:17 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
8.1 |
HIGH
Network
|
-
|
-
|
FrankenPHP is a modern application server for PHP. From version 1.11.2 to before version 1.12.3, the splitPos() function in cgi.go misuses golang.org/x/text/search with search.IgnoreCase when the req…
New
|
CWE-20
CWE-176
CWE-178
Improper Input Validation
Improper Handling of Unicode Encoding
Improper Handling of Case Sensitivity
|
CVE-2026-45062
|
2026-06-11 03:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the qossetting function. This vulnerability allows attackers to cause a Den…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-36803
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda PW201A v1.0.5 was discovered to contain a buffer overflow in the page parameter of the SafeMacFilter function. This vulnerability allows attackers to cause a …
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-36802
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindRule parameter of the formIPMacBindAdd function. This vulnerability allows attackers…
New
|
CWE-120
Classic Buffer Overflow
|
CVE-2026-36801
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain multiple stack overflows in the R7WebsSecurityHandler function via the username and password param…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36794
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
