NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:July 1, 2026, 4:27 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
4751 8.8 HIGH
Network
google chrome Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11657 2026-06-9 23:58 2026-06-9 Show GitHub Exploit DB Packet Storm
4752 9.6 CRITICAL
Network
google chrome Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CWE-20
 Improper Input Validation 
CVE-2026-11659 2026-06-9 23:58 2026-06-9 Show GitHub Exploit DB Packet Storm
4753 8.3 HIGH
Network
google chrome Use after free in Views in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… CWE-416
 Use After Free
CVE-2026-11661 2026-06-9 23:58 2026-06-9 Show GitHub Exploit DB Packet Storm
4754 8.8 HIGH
Network
google chrome Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:… CWE-416
 Use After Free
CVE-2026-11648 2026-06-9 23:58 2026-06-9 Show GitHub Exploit DB Packet Storm
4755 8.8 HIGH
Network
google chrome Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11649 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4756 8.3 HIGH
Network
google chrome Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox… CWE-20
 Improper Input Validation 
CVE-2026-11660 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4757 8.8 HIGH
Network
google chrome Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11650 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4758 9.6 CRITICAL
Network
google chrome Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11651 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4759 8.3 HIGH
Network
google chrome Use after free in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… CWE-416
 Use After Free
CVE-2026-11652 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4760 9.6 CRITICAL
Network
google chrome Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity:… CWE-416
 Use After Free
CVE-2026-11654 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4761 8.3 HIGH
Network
google chrome Use after free in Web Apps in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… CWE-416
 Use After Free
CVE-2026-11642 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4762 7.5 HIGH
Network
google chrome Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Exte… CWE-416
 Use After Free
CVE-2026-11644 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4763 8.1 HIGH
Network
google chrome Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) CWE-416
 Use After Free
CVE-2026-11643 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4764 8.8 HIGH
Network
flowiseai flowise Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.1.2, evaluator create and update mass-assignment allows cross-workspace evaluator takeover.… CWE-915
 Improperly Controlled Modification of Dynamically-Determined Object Attributes
CVE-2026-46480 2026-06-9 23:57 2026-06-9 Show GitHub Exploit DB Packet Storm
4765 8.8 HIGH
Network
google chrome Use after free in ViewTransitions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… CWE-416
 Use After Free
CVE-2026-11646 2026-06-9 23:56 2026-06-9 Show GitHub Exploit DB Packet Storm
4766 6.8 MEDIUM
Physics
google chrome Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the device. (Chromium security severity: Critic… CWE-416
 Use After Free
CVE-2026-11628 2026-06-9 23:54 2026-06-9 Show GitHub Exploit DB Packet Storm
4767 8.8 HIGH
Network
google chrome Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11674 2026-06-9 23:54 2026-06-9 Show GitHub Exploit DB Packet Storm
4768 8.8 HIGH
Network
google chrome Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… CWE-416
 Use After Free
CVE-2026-11673 2026-06-9 23:54 2026-06-9 Show GitHub Exploit DB Packet Storm
4769 9.6 CRITICAL
Network
google chrome Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11671 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4770 8.8 HIGH
Network
google chrome Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11670 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4771 7.5 HIGH
Network
google chrome Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. (Ch… CWE-125
Out-of-bounds Read
CVE-2026-11667 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4772 7.5 HIGH
Network
google chrome Out of bounds read and write in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write
CVE-2026-11690 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4773 8.8 HIGH
Network
google chrome Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11683 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4774 8.8 HIGH
Network
google chrome Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: … CWE-416
 Use After Free
CVE-2026-11680 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4775 8.3 HIGH
Network
google chrome Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted H… CWE-416
 Use After Free
CVE-2026-11679 2026-06-9 23:53 2026-06-9 Show GitHub Exploit DB Packet Storm
4776 5.3 MEDIUM
Network
google chrome Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory … CWE-472
 External Control of Assumed-Immutable Web Parameter
CVE-2026-11678 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4777 8.3 HIGH
Network
google chrome Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. (Chr… CWE-362
Race Condition
CVE-2026-11677 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4778 3.1 LOW
Network
google chrome Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium sec… CWE-20
 Improper Input Validation 
CVE-2026-11675 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4779 8.8 HIGH
Network
google chrome Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CWE-416
 Use After Free
CVE-2026-11629 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4780 7.5 HIGH
Network
google chrome Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HT… CWE-416
 Use After Free
CVE-2026-11694 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4781 8.8 HIGH
Network
google chrome Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity:… CWE-94
Code Injection
CVE-2026-11688 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4782 8.8 HIGH
Network
google chrome Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11687 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4783 3.1 LOW
Network
google chrome Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a… CWE-20
 Improper Input Validation 
CVE-2026-11686 2026-06-9 23:52 2026-06-9 Show GitHub Exploit DB Packet Storm
4784 4.3 MEDIUM
Network
google chrome Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: … CWE-20
 Improper Input Validation 
CVE-2026-11685 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4785 3.1 LOW
Network
google chrome Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page… CWE-693
 Protection Mechanism Failure
CVE-2026-11684 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4786 8.3 HIGH
Network
google chrome Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … CWE-416
 Use After Free
CVE-2026-11700 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4787 8.8 HIGH
Network
google chrome Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11699 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4788 9.6 CRITICAL
Network
google chrome Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security… CWE-20
 Improper Input Validation 
CVE-2026-11697 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4789 5.3 MEDIUM
Network
google chrome Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proc… CWE-457
 Use of Uninitialized Variable
CVE-2026-11696 2026-06-9 23:51 2026-06-9 Show GitHub Exploit DB Packet Storm
4790 4.3 MEDIUM
Network
google chrome Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) CWE-693
 Protection Mechanism Failure
CVE-2026-11695 2026-06-9 23:50 2026-06-9 Show GitHub Exploit DB Packet Storm
4791 8.8 HIGH
Network
google chrome Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CWE-416
 Use After Free
CVE-2026-11698 2026-06-9 23:50 2026-06-9 Show GitHub Exploit DB Packet Storm
4792 5.3 MEDIUM
Network
checkmk checkmk Incorrect authorization in the User Messages dashboard widget in Checkmk <2.5.0p5 causes the message-fetching endpoints to return the dashboard creator's messages rather than the viewer's, allowing a… CWE-863
 Incorrect Authorization
CVE-2026-7765 2026-06-9 23:49 2026-06-8 Show GitHub Exploit DB Packet Storm
4793 5.4 MEDIUM
Network
checkmk checkmk Improper neutralization of HTML-encoded characters in the URL validation function in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an authenticated user to bypass URL validati… CWE-79
Cross-site Scripting
CVE-2026-8833 2026-06-9 23:49 2026-06-8 Show GitHub Exploit DB Packet Storm
4794 - -
- - The Electron preload script in Logseq exposes an API method that allows the renderer process to invoke IPC handlers without proper path validation. An attacker with JavaScript execution in the render… CWE-749
 Exposed Dangerous Method or Function
CVE-2026-47899 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4795 - -
- - Logseq is vulnerable to a stored cross-site scripting (XSS). A malicious plugin can include a JavaScript payload in the "name" field of its "package.json" file, which is rendered using "innerHTML" wi… CWE-79
Cross-site Scripting
CVE-2026-47900 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4796 - -
- - Logseq is vulnerable to a sandbox escape flaw where plugins running in sandboxed iframes can inject arbitrary HTML attributes, such as event handlers, into their container element in the host DOM. Du… CWE-79
Cross-site Scripting
CVE-2026-47901 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4797 - -
- - Uncontrolled Resource Consumption vulnerability in the Elixir standard library's Version module allows an attacker who controls a version string to cause a denial of service through CPU and memory ex… CWE-400
 Uncontrolled Resource Consumption
CVE-2026-49762 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4798 9.8 CRITICAL
Network
- - Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 befor… CWE-89
SQL Injection
CVE-2026-7486 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4799 - -
- - Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name (e.g. `git`, `pandoc`, `grep`), the argument string is concaten… CWE-78
OS Command 
CVE-2026-9279 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm
4800 8.8 HIGH
Network
google chrome Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) CWE-416
 Use After Free
CVE-2026-11630 2026-06-9 23:47 2026-06-9 Show GitHub Exploit DB Packet Storm