Lucene search
K

364829 matches found

NVD
NVD
added 2026/06/09 12:16 a.m.15 views

CVE-2026-11671

Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00243EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11663

Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11668

Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. Chromium security severity: High...

4.3CVSS0.00193EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.16 views

CVE-2026-11660

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00258EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.17 views

CVE-2026-11662

Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00359EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11661

Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00242EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.19 views

CVE-2026-11665

Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00217EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.13 views

CVE-2026-11666

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.4CVSS0.00214EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.12 views

CVE-2026-11664

Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.8 views

CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00215EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.8 views

CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00242EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11653

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.7 views

CVE-2026-11652

Use after free in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00242EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS0.00169EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.12 views

CVE-2026-11651

Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00337EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.12 views

CVE-2026-11657

Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.14 views

CVE-2026-11658

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00225EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.29 views

CVE-2026-11659

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.12 views

CVE-2026-11654

Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.13 views

CVE-2026-11647

Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11646

Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00262EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00314EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11644

Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

7.5CVSS0.00202EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.7 views

CVE-2026-11643

Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS0.00271EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.12 views

CVE-2026-11649

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00314EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.13 views

CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.01654EPSS
Exploits4References3
NVD
NVD
added 2026/06/09 12:16 a.m.8 views

CVE-2026-11648

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00263EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11642

Use after free in Web Apps in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00231EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11636

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11640

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00231EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.11 views

CVE-2026-11638

Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.9 views

CVE-2026-11637

Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS0.00262EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.7 views

CVE-2026-11639

Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00275EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.9 views

CVE-2026-11641

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00275EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11635

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.16 views

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS0.0027EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.13 views

CVE-2026-11630

Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.13 views

CVE-2026-11628

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: Critical...

6.8CVSS0.00181EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

8.8CVSS0.00232EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.18 views

CVE-2026-11634

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS0.00252EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.9 views

CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00264EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 12:16 a.m.10 views

CVE-2026-11631

Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 11:17 p.m.14 views

CVE-2026-9669

bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...

8.2CVSS0.00433EPSS
Exploits0References9
NVD
NVD
added 2026/06/08 9:16 p.m.22 views

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion...

6.1CVSS0.00309EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 9:16 p.m.13 views

CVE-2026-44541

Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fidesdescription override. This issue has been patched in version 2.84.5...

7CVSS0.00297EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 9:16 p.m.14 views

CVE-2026-11585

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/08 8:17 p.m.14 views

CVE-2026-49141

WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to other tenants by supplying an arbitrary caller-controlled contactid in the POST request body without tenant ownership...

7.1CVSS0.00216EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 8:17 p.m.20 views

CVE-2026-46484

Headplane is a feature-complete Web UI for Headscale. Prior to versions 0.6.3 and 0.7.0-beta.3, Headplane was vulnerable to a path traversal / authorization bypass in the Headscale API client used by node and user rename operations. This issue has been patched in versions 0.6.3 and 0.7.0-beta.3...

8.1CVSS0.00374EPSS
Exploits0References3
NVD
NVD
added 2026/06/08 8:17 p.m.14 views

CVE-2026-47345

Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2...

5.1CVSS0.00366EPSS
Exploits0References2
NVD
NVD
added 2026/06/08 8:17 p.m.13 views

CVE-2026-47344

When ALLOWINSECURERAWTEXT is enabled, whitespace-variant closing tags e.g., are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent content to escape sanitization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitiz...

2.1CVSS0.00282EPSS
Exploits0References2
Total number of security vulnerabilities364829