Lucene search
K

3046 matches found

Vulnrichment
Vulnrichment
added 2026/06/12 12:51 p.m.7 views

CVE-2026-45670 Nuxt: Dev server exposes built source over LAN to malicious sites (incomplete fix for GHSA-4gf7-ff8x-hq99)

Nuxt is an open-source web development framework for Vue.js. In @nuxt/rspack-builder and @nuxt/webpack-builder versions 3.15.4 to before 3.21.6, and 4.0.0-alpha.1 to before 4.4.6, there is an incomplete fix for GHSA-4gf7-ff8x-hq99. Source code may be stolen during dev when using the webpack /...

5.9CVSS5.2AI score0.00208EPSS
Exploits1References3
EUVD
EUVD
added 2026/06/12 12:31 a.m.7 views

EUVD-2026-36335

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.5AI score0.00174EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 10:16 p.m.2 views

DEBIAN-CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.3AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 10:16 p.m.8 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS0.00174EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

8.3CVSS5.3AI score0.00174EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.7 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

5.5AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/06/11 12:16 p.m.14 views

CVE-2026-8464

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS0.00204EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 10:32 a.m.10 views

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/11 10:32 a.m.8 views

EUVD-2026-36234

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 10:32 a.m.22 views

CVE-2026-8464

CVE-2026-8464 : Golem OEE MES is affected by an unauthenticated path-traversal vulnerability that could allow an attacker in the same local network to read arbitrary files from the server by manipulating HTTP request paths. The issue is fixed in version 11.6.0. Affected product: Golem OEE MES; vu...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/11 10:32 a.m.29 views

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS0.00204EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.15 views

PT-2026-48654

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS5.5AI score0.00204EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.17 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google. It primarily provides features for web browsing, extension support, and multi-platform synchronization. There is a resource management vulnerability in Google Chrome. This vulnerability stems from the Cast component’s failure to properly handle...

8.3CVSS5.9AI score0.00174EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.8 views

Neuron Golem OEE MES 路径遍历漏洞

Neuron Golem OEE MES is a manufacturing execution system and equipment integrated efficiency management platform developed by the Polish company Neuron. The Neuron Golem OEE MES has a path traversal vulnerability, which stems from a path traversal flaw. This vulnerability could allow attackers...

8.3CVSS5.8AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/11 12:0 a.m.9 views

PT-2026-48761

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description A use after free issue in Cast allows an attacker on the local network segment to potentially perform a sandbox escape by sending malicious network traffic. Use after free is a memory...

8.3CVSS5.3AI score0.00225EPSS
Exploits0References41
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.7 views

CVE-2026-9211

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation...

8.8CVSS5.5AI score0.00235EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.13 views

CVE-2026-9212

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting the product's confidentiality or change certain configurations...

8.3CVSS5.7AI score0.0027EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:4 p.m.10 views

CVE-2026-9210

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and functionality...

7.1CVSS5.4AI score0.00216EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.12 views

CVE-2026-3088

Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests...

7.1CVSS5.5AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.8 views

CVE-2026-0418

Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system...

6.8CVSS5.4AI score0.00245EPSS
Exploits0References1
Rows per page
Query Builder