Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

22971
Total
1632
Critical
7220
High
7324
Medium
CVE ID Severity Score Description Published
CVE-2026-40128 CRITICAL 9.0 SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path … Jun 09, 2026
CVE-2026-27671 CRITICAL 9.8 Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker … Jun 09, 2026
CVE-2026-24315 MEDIUM 4.2 SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could … Jun 09, 2026
CVE-2026-11701 MEDIUM 5.4 Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium … Jun 09, 2026
CVE-2026-11700 HIGH 8.3 Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a … Jun 09, 2026
CVE-2026-11699 HIGH 8.8 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … Jun 09, 2026
CVE-2026-11698 HIGH 8.8 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … Jun 09, 2026
CVE-2026-11697 CRITICAL 9.6 Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a … Jun 09, 2026
CVE-2026-11696 MEDIUM 5.3 Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially … Jun 09, 2026
CVE-2026-11695 MEDIUM 4.3 Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security … Jun 09, 2026
CVE-2026-11694 HIGH 7.5 Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code … Jun 09, 2026
CVE-2026-11693 HIGH 8.1 Inappropriate implementation in Plugins in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via … Jun 09, 2026
CVE-2026-11692 HIGH 8.3 Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform … Jun 09, 2026
CVE-2026-11691 LOW 3.1 Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process … Jun 09, 2026
CVE-2026-11690 HIGH 7.5 Out of bounds read and write in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer … Jun 09, 2026
CVE-2026-11689 HIGH 8.1 Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation … Jun 09, 2026
CVE-2026-11688 HIGH 8.8 Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … Jun 09, 2026
CVE-2026-11687 HIGH 8.8 Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … Jun 09, 2026
CVE-2026-11686 LOW 3.1 Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process … Jun 09, 2026
CVE-2026-11685 MEDIUM 4.3 Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. … Jun 09, 2026
CVE-2026-11684 LOW 3.1 Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data … Jun 09, 2026
CVE-2026-11683 HIGH 8.8 Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … Jun 09, 2026
CVE-2026-11682 HIGH 8.3 Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform … Jun 09, 2026
CVE-2026-11681 HIGH 8.8 Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … Jun 09, 2026
CVE-2026-11680 HIGH 8.8 Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via … Jun 09, 2026