|
1541
|
4.8 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Stored cross-site scripting in the global settings change log in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicio…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-8078
|
2026-06-9 00:53 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1542
|
5.4 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Stored cross-site scripting in the URL dashboard widget in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows a user with dashboard editing permissions to store a URL with a danger…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-7186
|
2026-06-9 00:53 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1543
|
4.8 |
MEDIUM
Network
|
checkmk
|
checkmk
|
Stored cross-site scripting in the service discovery active check output in Checkmk <2.5.0p5, <2.4.0p31, <2.3.0p48, and all 2.2.0 versions allows an administrator who can configure active or custom c…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-9549
|
2026-06-9 00:53 |
2026-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1544
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perfor…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11056
|
2026-06-9 00:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1545
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity:…
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11069
|
2026-06-9 00:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1546
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the network process to potentially perform a …
Update
|
CWE-20
Improper Input Validation
|
CVE-2026-11070
|
2026-06-9 00:52 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1547
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Use after free in Base in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process mem…
Update
|
CWE-416
Use After Free
|
CVE-2026-11071
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1548
|
7.8 |
HIGH
Local
|
google
|
chrome
|
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium)
Update
|
CWE-416
Use After Free
|
CVE-2026-11072
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1549
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Use after free in WebGL in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security s…
Update
|
CWE-416
Use After Free
|
CVE-2026-11073
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1550
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security …
Update
|
CWE-125
Out-of-bounds Read
|
CVE-2026-11075
|
2026-06-9 00:51 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
