|
2751
|
8.1 |
HIGH
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium…
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11170
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2752
|
6.5 |
MEDIUM
隣接
|
ericsson
|
packet_core_gateway
|
Ericsson Packet Core Gateway (PCG) versions prior to 1.30 contain an Improper Handling of Syntactically Invalid Structure (CWE-228) vulnerability where an attacker continuously sending a specially cr…
|
CWE-228
不正な構文構造の不適切な処理
|
CVE-2026-25657
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2753
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Incorrect security UI in Contact Picker in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Mediu…
|
CWE-451
ユーザインターフェースにおける重要情報の誤った表示
|
CVE-2026-11172
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2754
|
5.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Site Isolation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML p…
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11174
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2755
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Incorrect security UI in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-451
ユーザインターフェースにおける重要情報の誤った表示
|
CVE-2026-11175
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2756
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-346
同一生成元ポリシー違反
|
CVE-2026-11176
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2757
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted…
|
CWE-416
解放済みメモリの使用
|
CVE-2026-11177
|
2026-06-8 23:21 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2758
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity:…
|
CWE-346
同一生成元ポリシー違反
|
CVE-2026-11178
|
2026-06-8 23:20 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2759
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in ORB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-284
不適切なアクセス制御
|
CVE-2026-11179
|
2026-06-8 23:20 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2760
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-200
情報漏えい
|
CVE-2026-11180
|
2026-06-8 23:20 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2761
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary acc…
|
CWE-284
不適切なアクセス制御
|
CVE-2026-11258
|
2026-06-8 23:19 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2762
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity:…
|
CWE-20
不適切な入力確認
|
CVE-2026-11259
|
2026-06-8 23:19 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2763
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: L…
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11260
|
2026-06-8 23:19 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2764
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromiu…
|
CWE-20
不適切な入力確認
|
CVE-2026-11261
|
2026-06-8 23:19 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2765
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11264
|
2026-06-8 23:18 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2766
|
7.5 |
HIGH
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
|
CWE-352
同一生成元ポリシー違反
|
CVE-2026-11265
|
2026-06-8 23:18 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2767
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. (Chromium security severity: Low)
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11266
|
2026-06-8 23:18 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2768
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a…
|
CWE-602
サーバ側のセキュリティのクライアント側での実施
|
CVE-2026-11267
|
2026-06-8 23:18 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2769
|
7.1 |
HIGH
隣接
|
google
|
chrome
|
Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome…
|
CWE-829
信頼性のない制御領域からの機能の組み込み
|
CVE-2026-11269
|
2026-06-8 23:18 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2770
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a craf…
|
CWE-200
情報漏えい
|
CVE-2026-11271
|
2026-06-8 23:17 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2771
|
6.1 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scri…
|
CWE-20
CWE-79
不適切な入力確認
クロスサイト・スクリプティング(XSS)
|
CVE-2026-11273
|
2026-06-8 23:17 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2772
|
5.0 |
MEDIUM
ネットワーク
|
redhat
|
openshift_container_platform
|
A flaw was found in OpenShift Container Platform. Completed pods with restartPolicy: Never do not count toward ResourceQuota pod limits, and Kubernetes events are not quota-scoped. A non-privileged u…
|
CWE-770
制限またはスロットリング無しのリソースの割り当て
|
CVE-2026-10533
|
2026-06-8 23:09 |
2026-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2773
|
4.3 |
MEDIUM
ネットワーク
|
misp
|
misp
|
An authorization flaw existed in the MISP Event Template Importer overwrite workflow. When importing an event template in overwrite mode, the application checked whether a matching template already e…
|
CWE-862
認証の欠如
|
CVE-2026-10855
|
2026-06-8 23:03 |
2026-06-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2774
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a…
|
CWE-284
不適切なアクセス制御
|
CVE-2026-11275
|
2026-06-8 23:00 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2775
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
|
CWE-352
同一生成元ポリシー違反
|
CVE-2026-11270
|
2026-06-8 23:00 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2776
|
8.6 |
HIGH
ネットワーク
|
vertex-app
|
vertex
|
Vertex is a management tool for PT (Private Tracker) users to manage streaming and watching videos. Versions prior to commit fbde301b97986d5913fc4bc95f5445750d282e11 are vulnerable to path traversal.…
|
CWE-22
パス・トラバーサル
|
CVE-2024-40646
|
2026-06-8 22:59 |
2026-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2777
|
6.1 |
MEDIUM
ネットワーク
|
misp
|
misp
|
A URL validation flaw in the MISP dashboard button widget allowed a crafted relative-looking URL to be accepted as a local path while being interpreted by browsers as an external URL. The validation …
|
CWE-601
オープンリダイレクト
|
CVE-2026-10856
|
2026-06-8 22:59 |
2026-06-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2778
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data vi…
|
CWE-693
保護メカニズムの不具合
|
CVE-2026-11263
|
2026-06-8 22:58 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2779
|
7.5 |
HIGH
ネットワーク
|
microsoft
|
copilot_chat
|
Improper neutralization of special elements in output used by a downstream component ('injection') in Copilot Chat (Microsoft Edge) allows an unauthorized attacker to disclose information over a netw…
|
CWE-74
インジェクション
|
CVE-2026-47644
|
2026-06-8 22:57 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2780
|
6.1 |
MEDIUM
ネットワーク
|
misp
|
misp
|
An open redirect vulnerability existed in MISP UsersController::routeafterlogin() because the value stored in the pre_login_requested_url session key was used as the post-login redirect destination w…
|
CWE-601
オープンリダイレクト
|
CVE-2026-10861
|
2026-06-8 22:56 |
2026-06-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2781
|
8.8 |
HIGH
ネットワーク
|
microsoft
|
copilot
|
Improper neutralization of special elements used in a command ('command injection') in Microsoft Copilot allows an authorized attacker to execute code over a network.
|
CWE-77
コマンドインジェクション
|
CVE-2026-45497
|
2026-06-8 22:55 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2782
|
6.5 |
MEDIUM
ネットワーク
|
misp
|
misp
|
A logic error in the MISP CRUD component delete handler allowed validation failures to be bypassed when requests used the HTTP DELETE method. Due to missing parentheses in the delete condition, the e…
|
CWE-863
不正な認証
|
CVE-2026-10860
|
2026-06-8 22:54 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2783
|
7.5 |
HIGH
ネットワーク
|
microsoft
|
copilot
|
Improper neutralization of special elements used in a command ('command injection') in M365 Copilot allows an unauthorized attacker to disclose information over a network.
|
CWE-77
コマンドインジェクション
|
CVE-2026-42824
|
2026-06-8 22:52 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2784
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted H…
|
CWE-20
NVD-CWE-noinfo
不適切な入力確認
|
CVE-2026-11027
|
2026-06-8 22:45 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2785
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Medium)
|
CWE-416
解放済みメモリの使用
|
CVE-2026-11030
|
2026-06-8 22:44 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2786
|
8.8 |
HIGH
ネットワーク
|
7-zip
|
7-zip
|
7-Zip is a file archiver with a high compression ratio. Versions 26.00 and prior contain a heap buffer overflow vulnerability caused by an under-allocation in the NTFS compressed stream buffer (GetCu…
|
CWE-190
CWE-787
整数オーバーフローまたはラップアラウンド
境界外書き込み
|
CVE-2026-48095
|
2026-06-8 22:40 |
2026-06-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2787
|
4.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium securi…
|
CWE-20
NVD-CWE-noinfo
不適切な入力確認
|
CVE-2026-11031
|
2026-06-8 22:40 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2788
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi…
|
CWE-346
同一生成元ポリシー違反
|
CVE-2026-11032
|
2026-06-8 22:39 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2789
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Uninitialized Use in WebML in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium …
|
CWE-457
初期化されていない変数の使用
|
CVE-2026-11033
|
2026-06-8 22:39 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2790
|
6.1 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious netw…
|
CWE-20
不適切な入力確認
|
CVE-2026-11034
|
2026-06-8 22:38 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2791
|
6.1 |
MEDIUM
ネットワーク
|
cisco
|
webex_meetings
|
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco has addressed this…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2026-20233
|
2026-06-8 22:36 |
2026-06-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2792
|
8.1 |
HIGH
ネットワーク
|
misp
|
misp
|
A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user…
|
CWE-20
不適切な入力確認
|
CVE-2026-10863
|
2026-06-8 22:35 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2793
|
7.3 |
HIGH
ローカル
|
google
|
chrome
|
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security seve…
|
CWE-20
NVD-CWE-noinfo
不適切な入力確認
|
CVE-2026-11035
|
2026-06-8 22:34 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2794
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-346
同一生成元ポリシー違反
|
CVE-2026-11036
|
2026-06-8 22:34 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2795
|
6.5 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
|
CWE-457
初期化されていない変数の使用
|
CVE-2026-11039
|
2026-06-8 22:31 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2796
|
8.8 |
HIGH
ネットワーク
|
google
|
chrome
|
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
|
CWE-20
NVD-CWE-noinfo
不適切な入力確認
|
CVE-2026-11041
|
2026-06-8 22:31 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2797
|
9.6 |
CRITICAL
ネットワーク
|
google
|
chrome
|
Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
|
CWE-787
境界外書き込み
|
CVE-2026-11043
|
2026-06-8 22:29 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2798
|
5.3 |
MEDIUM
ネットワーク
|
google
|
chrome
|
Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proces…
|
CWE-190
CWE-125
CWE-787
整数オーバーフローまたはラップアラウンド
境界外読み取り
境界外書き込み
|
CVE-2026-10999
|
2026-06-8 22:16 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2799
|
9.1 |
CRITICAL
ネットワーク
|
apache
|
fory
|
Deserialization of Untrusted Data in the Java replace-resolve path in Apache Fory fory-core Java SDK before 1.1.0 on Java/JVM platforms allows a remote attacker to bypass class registration, TypeChec…
|
CWE-502
信頼性のないデータのデシリアライゼーション
|
CVE-2026-50076
|
2026-06-8 22:00 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2800
|
4.3 |
MEDIUM
ネットワーク
|
misp
|
misp
|
A vulnerability in the MISP dashboard widgets allowed an authenticated user to manipulate the fields option and influence which fields were returned by the New Users and New Organisations widgets. In…
|
CWE-200
情報漏えい
|
CVE-2026-10864
|
2026-06-8 21:59 |
2026-06-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
