Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
22971
Total
1632
Critical
7220
High
7324
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-40128 | CRITICAL | 9.0 | SAP NetWeaver Application Server Java (Web Container) allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path … | Jun 09, 2026 |
| CVE-2026-27671 | CRITICAL | 9.8 | Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker … | Jun 09, 2026 |
| CVE-2026-24315 | MEDIUM | 4.2 | SAP Fiori Launchpad allows attackers to craft malicious URLs that triggers arbitrary service calls on the Fiori domain, this when opened by the user could … | Jun 09, 2026 |
| CVE-2026-11701 | MEDIUM | 5.4 | Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium … | Jun 09, 2026 |
| CVE-2026-11700 | HIGH | 8.3 | Use after free in Tracing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Jun 09, 2026 |
| CVE-2026-11699 | HIGH | 8.8 | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … | Jun 09, 2026 |
| CVE-2026-11698 | HIGH | 8.8 | Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … | Jun 09, 2026 |
| CVE-2026-11697 | CRITICAL | 9.6 | Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a … | Jun 09, 2026 |
| CVE-2026-11696 | MEDIUM | 5.3 | Uninitialized Use in Video in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially … | Jun 09, 2026 |
| CVE-2026-11695 | MEDIUM | 4.3 | Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security … | Jun 09, 2026 |
| CVE-2026-11694 | HIGH | 7.5 | Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to execute arbitrary code … | Jun 09, 2026 |
| CVE-2026-11693 | HIGH | 8.1 | Inappropriate implementation in Plugins in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via … | Jun 09, 2026 |
| CVE-2026-11692 | HIGH | 8.3 | Use after free in Read Anything in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform … | Jun 09, 2026 |
| CVE-2026-11691 | LOW | 3.1 | Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process … | Jun 09, 2026 |
| CVE-2026-11690 | HIGH | 7.5 | Out of bounds read and write in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer … | Jun 09, 2026 |
| CVE-2026-11689 | HIGH | 8.1 | Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation … | Jun 09, 2026 |
| CVE-2026-11688 | HIGH | 8.8 | Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Jun 09, 2026 |
| CVE-2026-11687 | HIGH | 8.8 | Use after free in Dawn in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … | Jun 09, 2026 |
| CVE-2026-11686 | LOW | 3.1 | Insufficient validation of untrusted input in Dawn in Google Chrome on macOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process … | Jun 09, 2026 |
| CVE-2026-11685 | MEDIUM | 4.3 | Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. … | Jun 09, 2026 |
| CVE-2026-11684 | LOW | 3.1 | Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data … | Jun 09, 2026 |
| CVE-2026-11683 | HIGH | 8.8 | Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Jun 09, 2026 |
| CVE-2026-11682 | HIGH | 8.3 | Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform … | Jun 09, 2026 |
| CVE-2026-11681 | HIGH | 8.8 | Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted … | Jun 09, 2026 |
| CVE-2026-11680 | HIGH | 8.8 | Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via … | Jun 09, 2026 |