Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

302943 matches found

ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00177EPSS
Exploits0References3Affected Software1
CVE
CVEadded 2026/06/08 11:27 p.m.27 views

CVE-2026-11675

CVE-2026-11675 : Out-of-bounds read in Skia used by Google Chrome before 149.0.7827.103. A remote attacker who compromises the renderer process could leak cross-origin data via a crafted HTML page. The issue arises from Skia, with impact limited to confidentiality (LOW in CVSS 3.1 per the documen...

3.1CVSS5.5AI score0.002EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.7 views

CVE-2026-11675

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.002EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.8 views

CVE-2026-11675

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.002EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.37 views

CVE-2026-11675

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

0.002EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.9 views

CVE-2026-11675

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.002EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/08 11:27 p.m.36 views

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

0.00193EPSS
Exploits0References2
CVE
CVEadded 2026/06/08 11:27 p.m.23 views

CVE-2026-11668

CVE-2026-11668 concerns Google Chrome on Linux and ChromeOS versions before 149.0.7827.103, with an uninitialized use in codecs leading to potential cross-origin data leakage via a crafted video file. The issue is described as high severity; affected: Chrome on Linux/ChromeOS prior to the listed ...

4.3CVSS5.5AI score0.00193EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.4 views

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

4.3CVSS5.5AI score0.00193EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.9 views

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

5.5AI score0.00193EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.9 views

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

4.3CVSS5.5AI score0.00193EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.3 views

CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00217EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/08 11:27 p.m.9 views

CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00217EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.8 views

CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00217EPSS
Exploits0
OSV
OSVadded 2026/06/08 11:17 p.m.7 views

DEBIAN-CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS5.4AI score0.00376EPSS
Exploits0References1
NVD
NVDadded 2026/06/08 11:17 p.m.9 views

CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS0.00376EPSS
Exploits0References8
Snyk
Snykadded 2026/06/08 11:16 p.m.4 views

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the bz2.BZ2Decompressor objects. An attacker can cause out-of-bounds writes to a stack buffer by reusing a decompressor object after a decompression error and providing crafted input. This can result in...

8.2CVSS5.5AI score0.00376EPSS
Exploits0References2
GithubExploit
GithubExploitadded 2026/06/08 11:8 p.m.72 views

coruna-postexploit

Coruna Post-Exploitation Framework Overview This is a com...

7.8CVSS7.5AI score0.0141EPSS
Exploits3
OSV
OSVadded 2026/06/08 11:6 p.m.17 views

GHSA-H9FJ-C2QR-76G2 FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

5.3CVSS5.5AI score0.00082EPSS
Exploits0References2
Github Security Blog
Github Security Blogadded 2026/06/08 11:6 p.m.9 views

FUXA has SQL Injection in its TDengine DAQ connector via backslash bypass of escapeTdString

Summary The TDengine DAQ storage connector's escapeTdString at server/runtime/storage/tdengine/index.js:10 doubles single quotes but does not escape backslashes. TDengine's SQL parser treats ' as a literal single quote inside a string, so a tag id of the form x' OR 1=1-- escapes the first single...

5.5AI score0.00082EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder