Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

302922 matches found

OSV
OSVadded 2026/06/08 11:35 p.m.8 views

GHSA-QM33-P5P9-F8VG nebula-mesh: GET /api/v1/audit-log discloses all entries to any operator

internal/api/audit.go:12 — handleGetAuditLog does no admin check. The route is bearer-auth gated only; any operator API key returns the full audit log via store.ListAuditEntries up to limit=1000. This includes cross-tenant actor names, host/CA/operator IDs, action timestamps, and masked-IP entrie...

7.1CVSS5.5AI score0.00043EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.5 views

CVE-2026-11695

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00177EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/06/08 11:27 p.m.27 views

CVE-2026-11695

CVE-2026-11695 affects Google Chrome Passwords with an inappropriate implementation that allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Google Chrome (password handling). Root cause: improper handling leading to cross-origin data exposure. Impact: cr...

4.3CVSS5.5AI score0.00177EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11695

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00177EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.38 views

CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00169EPSS
Exploits0References2
CVE
CVEadded 2026/06/08 11:27 p.m.30 views

CVE-2026-11691

CVE-2026-11691 involves Google Chrome’s New Tab Page and is caused by insufficient validation of untrusted input. The vulnerability affects Chrome prior to version 149.0.7827.103, enabling a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page...

3.1CVSS5.5AI score0.00169EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00169EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.6 views

CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00169EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.9 views

CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00169EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.39 views

CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00171EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00171EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.5 views

CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/06/08 11:27 p.m.32 views

CVE-2026-11686

The CVE-2026-11686 entry describes an issue in Dawn within Google Chrome on macOS before 149.0.7827.103. The root cause is insufficient validation of untrusted input in Dawn, which could allow a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML ...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11686

Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00171EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.36 views

CVE-2026-11685

Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00177EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00171EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.6 views

CVE-2026-11685

Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00177EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/06/08 11:27 p.m.26 views

CVE-2026-11684

CVE-2026-11684 affects Google Chrome’s Network policy enforcement. Affected component: network policy handling in Chrome before 149.0.7827.103. Root cause: insufficient policy enforcement allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTM...

3.1CVSS5.5AI score0.00171EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.36 views

CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.00171EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11685

Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00177EPSS
Exploits0References2
Rows per page
Query Builder