|
1
|
4.7 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted H…
Update
|
CWE-20
不適切な入力確認
|
CVE-2026-11233
|
2026-06-10 03:58 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
Update
|
CWE-451
ユーザインターフェースにおける重要情報の誤った表示
|
CVE-2026-11294
|
2026-06-10 03:55 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pag…
Update
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11234
|
2026-06-10 03:54 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
7.5 |
HIGH
ネットワーク
|
google
|
chrome
|
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a…
Update
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-10946
|
2026-06-10 03:53 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-416
解放済みメモリの使用
|
CVE-2026-10947
|
2026-06-10 03:53 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-416
解放済みメモリの使用
|
CVE-2026-10948
|
2026-06-10 03:52 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
8.3 |
HIGH
ネットワーク
|
google
|
chrome
|
Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
Update
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-10949
|
2026-06-10 03:52 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
Update
|
CWE-416
解放済みメモリの使用
|
CVE-2026-10954
|
2026-06-10 03:49 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
Update
|
CWE-416
解放済みメモリの使用
|
CVE-2026-10956
|
2026-06-10 03:48 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
6.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Media Session in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medi…
Update
|
CWE-346
同一生成元ポリシー違反
|
CVE-2026-11181
|
2026-06-10 03:47 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
11
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox vi…
Update
|
CWE-20
不適切な入力確認
|
CVE-2026-11235
|
2026-06-10 03:44 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
12
|
8.3 |
HIGH
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in Web Bluetooth in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via…
Update
|
CWE-602
サーバ側のセキュリティのクライアント側での実施
|
CVE-2026-11236
|
2026-06-10 03:42 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
13
|
8.3 |
HIGH
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTM…
Update
|
CWE-20
不適切な入力確認
|
CVE-2026-11237
|
2026-06-10 03:41 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
14
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
Update
|
CWE-457
初期化されていない変数の使用
|
CVE-2026-11268
|
2026-06-10 03:38 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
15
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform p…
Update
|
CWE-20
不適切な入力確認
|
CVE-2026-11272
|
2026-06-10 03:34 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
16
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security se…
Update
|
CWE-284
不適切なアクセス制御
|
CVE-2026-11274
|
2026-06-10 03:32 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
17
|
9.3 |
CRITICAL
ネットワーク
|
checkpoint
|
gaia_os
gaia_embedded
|
A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish …
New
|
CWE-287
不適切な認証
|
CVE-2026-50751
|
2026-06-10 03:30 |
2026-06-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
18
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium se…
Update
|
CWE-284
不適切なアクセス制御
|
CVE-2026-11277
|
2026-06-10 03:26 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
19
|
5.8 |
MEDIUM
ネットワーク
|
-
|
-
|
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN (Virtual Extensible LAN), decap-groups, or a GRE (Generic Routing Encapsulation) tunnel interface—is …
Update
|
CWE-1023
要素の欠如による不完全な比較
|
CVE-2026-7473
|
2026-06-10 03:17 |
2026-06-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
20
|
8.8 |
HIGH
ネットワーク
|
-
|
-
|
The RemoteControl API methods invite_participants and remind_participants pass a caller-supplied token-ID array into TokenDynamic::findUninvited(), which concatenates the values directly into a tid I…
New
|
CWE-89
SQLインジェクション
|
CVE-2026-50636
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
21
|
8.8 |
HIGH
ネットワーク
|
-
|
-
|
LimeSurvey constructs account password-reset links from the client-supplied HTTP Host header without validating it. The optional allowedHosts allowlist that would constrain this is undefined in the d…
New
|
CWE-640
パスワードを忘れた場合の脆弱なパスワードリカバリの仕組み
|
CVE-2026-50635
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
22
|
7.8 |
HIGH
ローカル
|
-
|
-
|
Missing authentication for critical function in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
New
|
CWE-306
重要な機能に対する認証の欠如 解説
|
CVE-2026-50512
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
23
|
7.8 |
HIGH
ローカル
|
-
|
-
|
Improper link resolution before file access ('link following') in Microsoft PC Manager allows an authorized attacker to elevate privileges locally.
New
|
CWE-59
リンク解釈の問題
|
CVE-2026-50511
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
24
|
6.5 |
MEDIUM
ネットワーク
|
-
|
-
|
Hermes WebUI before version 0.51.269 contains a profile isolation bypass vulnerability that allows authenticated users to access data belonging to other profiles by querying the session search endpoi…
New
|
CWE-862
認証の欠如
|
CVE-2026-49956
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
25
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …
New
|
CWE-787
境界外書き込み
|
CVE-2026-48293
|
2026-06-10 03:17 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
26
|
8.1 |
HIGH
ネットワーク
|
-
|
-
|
Improper authorization in Microsoft Exchange Server allows an authorized attacker to disclose information over a network.
New
|
CWE-285
不適切な認可
|
CVE-2026-45503
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
27
|
6.5 |
MEDIUM
ネットワーク
|
-
|
-
|
Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to perform spoofing over a network.
New
|
CWE-918
サーバサイドリクエストフォージェリ
|
CVE-2026-45501
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
28
|
6.3 |
MEDIUM
ローカル
|
-
|
-
|
Dell/Alienware Purchased Apps, versions prior to 1.1.32.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could p…
New
|
CWE-59
リンク解釈の問題
|
CVE-2026-44275
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
29
|
6.3 |
MEDIUM
ローカル
|
-
|
-
|
Dell Inventory Collector Client, versions prior to 13.8.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could p…
New
|
CWE-1386
Windows ジャンクション / マウントポイントの安全でない操作
|
CVE-2026-41116
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
30
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InCopy versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of …
New
|
CWE-121
スタックオーバーフロー
|
CVE-2026-34708
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
31
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InCopy versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t…
New
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-34707
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
32
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InCopy versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this is…
New
|
CWE-787
境界外書き込み
|
CVE-2026-34706
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
33
|
5.5 |
MEDIUM
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability…
New
|
CWE-125
境界外読み取り
|
CVE-2026-34705
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
34
|
5.5 |
MEDIUM
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulne…
New
|
CWE-476
NULL ポインタデリファレンス
|
CVE-2026-34704
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
35
|
5.5 |
MEDIUM
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulne…
New
|
CWE-476
NULL ポインタデリファレンス
|
CVE-2026-34703
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
36
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi…
New
|
CWE-121
スタックオーバーフロー
|
CVE-2026-34702
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
37
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
New
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-34701
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
38
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation …
New
|
CWE-787
境界外書き込み
|
CVE-2026-34700
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
39
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
New
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-34699
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
40
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploit…
New
|
CWE-122
ヒープオーバーフロー
|
CVE-2026-34698
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
41
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi…
New
|
CWE-121
スタックオーバーフロー
|
CVE-2026-34697
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
42
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of thi…
New
|
CWE-416
解放済みメモリの使用
|
CVE-2026-34696
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
43
|
7.8 |
HIGH
ローカル
|
-
|
-
|
InDesign Desktop versions 21.3, 20.5.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploi…
New
|
CWE-121
スタックオーバーフロー
|
CVE-2026-34695
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
44
|
5.9 |
MEDIUM
ネットワーク
|
-
|
-
|
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a high-privileged attacker to injec…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2026-34694
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
45
|
8.0 |
HIGH
ネットワーク
|
-
|
-
|
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. An attacker could exploit this vulnerability to inject …
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2026-34693
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
46
|
9.3 |
CRITICAL
ネットワーク
|
-
|
-
|
Adobe Experience Manager Forms JEE versions LTS SP1, 6.5.24.0 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scr…
New
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2026-34691
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
47
|
- |
-
|
-
|
-
|
Unrestricted resource allocation in AMD uProf may be exploitable to consume excessive system resources, potentially leading to a loss of availability.
New
|
CWE-770
制限またはスロットリング無しのリソースの割り当て
|
CVE-2026-28237
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
48
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: …
New
|
CWE-125
CWE-787
境界外読み取り
境界外書き込み
|
CVE-2026-11645
|
2026-06-10 03:16 |
2026-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
49
|
- |
-
|
-
|
-
|
Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service.
New
|
CWE-497
認可されていない制御領域への重要情報の漏えい
|
CVE-2026-0466
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
50
|
- |
-
|
-
|
-
|
Improper access control for register interface in the input-output memory management unit (IOMMU) could allow a privileged attacker to cause non-coherent accesses by the AMD secure processor (ASP) po…
New
|
CWE-1262
レジスタインターフェイスの不適切なアクセス制御
|
CVE-2025-54509
|
2026-06-10 03:16 |
2026-06-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
