|
771
|
- |
|
-
|
-
|
Svelte is a performance oriented web framework. From version 5.51.5 to before version 5.55.7, an internal regex in the Svelte runtime can take exponential time to test in <svelte:element this={tag}><…
New
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2026-42567
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
772
|
7.0 |
HIGH
Local
|
-
|
-
|
Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-41108
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
773
|
8.4 |
HIGH
Network
|
-
|
-
|
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Stack Edge allows an authorized attacker to perform spoofing over a network.
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-41098
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
774
|
7.8 |
HIGH
Local
|
-
|
-
|
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally.
New
|
CWE-284
Improper Access Control
|
CVE-2026-41092
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
775
|
7.8 |
HIGH
Local
|
-
|
-
|
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
New
|
CWE-197
Numeric Truncation Error
|
CVE-2026-40409
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
776
|
7.8 |
HIGH
Local
|
-
|
-
|
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability
New
|
CWE-122
CWE-197
Heap-based Buffer Overflow
Numeric Truncation Error
|
CVE-2026-40404
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
777
|
7.5 |
HIGH
Network
|
-
|
-
|
Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.
New
|
CWE-20
Improper Input Validation
|
CVE-2026-40376
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
778
|
8.8 |
HIGH
Network
|
-
|
-
|
Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 (on-premises) allows an authorized attacker to elevate privileges over a network.
New
|
CWE-280
Improper Handling of Insufficient Permissions or Privileges
|
CVE-2026-40371
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
779
|
- |
|
-
|
-
|
Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-3088
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
780
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Adobe Experience Manager versions 6.5.24, LTS SP1, 2026.04 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this issue by manipulating the D…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-34692
|
2026-06-10 02:17 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
