|
701
|
8.8 |
HIGH
Network
|
-
|
-
|
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
New
|
CWE-416
Use After Free
|
CVE-2026-11681
|
2026-06-9 20:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
702
|
8.3 |
HIGH
Network
|
-
|
-
|
Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially per…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-11676
|
2026-06-9 20:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
703
|
8.3 |
HIGH
Network
|
-
|
-
|
Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-11672
|
2026-06-9 20:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
704
|
- |
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
io_uring/waitid: clear waitid info before copying it to userspace
IORING_OP_WAITID stores its result fields in struct io_waitid::…
New
|
-
|
CVE-2026-46315
|
2026-06-9 18:16 |
2026-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
705
|
7.1 |
HIGH
Network
|
-
|
-
|
A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-10840
|
2026-06-9 18:16 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
706
|
7.5 |
HIGH
Network
|
-
|
-
|
Protocol::HTTP2 versions before 1.13 for Perl is vulnerable to a HTTP/2 Bomb.
Protocol::HTTP2's inbound HPACK path has no header-list size limit, so a small HTTP/2 request can expand into large serv…
New
|
CWE-409
Improper Handling of Highly Compressed Data (Data Amplification)
|
CVE-2026-10725
|
2026-06-9 17:16 |
2026-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
707
|
3.3 |
LOW
Local
|
-
|
-
|
A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. Impacted is an unknown function in the library saappctl.sys of the component IOCTL Handler. The manipulation leads to …
New
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-11459
|
2026-06-9 15:16 |
2026-06-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
708
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HT…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11023
|
2026-06-9 12:08 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
709
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-11024
|
2026-06-9 12:07 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
710
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium securit…
Update
|
CWE-602
Client-Side Enforcement of Server-Side Security
|
CVE-2026-11025
|
2026-06-9 12:07 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
