|
441
|
- |
|
-
|
-
|
Unexpected Status Code or Return Value vulnerability in ninenines gun (gun_http module) allows a malicious HTTP server to force the client into raw protocol mode via an unsolicited 101 Switching Prot…
New
|
CWE-841
Improper Enforcement of Behavioral Workflow
|
CVE-2026-43974
|
2026-06-10 00:20 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
442
|
- |
|
-
|
-
|
Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in wojtekmach Req allows attacker-controlled HTTP servers to exhaust memory in a Req client via decompression-bomb respo…
New
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-49755
|
2026-06-10 00:20 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
443
|
- |
|
-
|
-
|
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in wojtekmach Req allows multipart parameter smuggling via attacker-influenced part metadata.
Req.Utils.encode_form_part/2 …
New
|
CWE-93
CRLF Injection
|
CVE-2026-49756
|
2026-06-10 00:20 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
444
|
- |
|
-
|
-
|
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') vulnerability in ninenines cowlib allows HTTP response splitting via non-VCHAR bytes in structured-fields…
New
|
CWE-113
HTTP Response Splitting
|
CVE-2026-43966
|
2026-06-10 00:20 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
445
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-843
Type Confusion
|
CVE-2026-11662
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
446
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
New
|
CWE-416
Use After Free
|
CVE-2026-11663
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
447
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-416
Use After Free
|
CVE-2026-11664
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
448
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11665
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
449
|
8.3 |
HIGH
Network
|
google
|
chrome
|
Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
New
|
CWE-416
Use After Free
|
CVE-2026-11692
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
450
|
3.1 |
LOW
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a …
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11691
|
2026-06-9 23:58 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
