Loading market data...

CVE Feed

Latest vulnerabilities from the National Vulnerability Database.

23287
Total
1655
Critical
7324
High
7394
Medium
CVE ID Severity Score Description Published
CVE-2026-11645 HIGH 8.8 Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox … Jun 09, 2026
CVE-2026-11644 HIGH 7.5 Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension … Jun 09, 2026
CVE-2026-11643 HIGH 8.1 Use after free in Proxy in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security … Jun 09, 2026
CVE-2026-11642 HIGH 8.3 Use after free in Web Apps in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform … Jun 09, 2026
CVE-2026-11641 HIGH 7.5 Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific … Jun 09, 2026
CVE-2026-11640 HIGH 8.3 Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox … Jun 09, 2026
CVE-2026-11639 HIGH 7.5 Use after free in Compositing in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML … Jun 09, 2026
CVE-2026-11638 CRITICAL 9.6 Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML … Jun 09, 2026
CVE-2026-11637 HIGH 8.8 Use after free in Views in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML … Jun 09, 2026
CVE-2026-11636 HIGH 7.5 Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific … Jun 09, 2026
CVE-2026-11635 HIGH 8.3 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially … Jun 09, 2026
CVE-2026-11634 CRITICAL 9.6 Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a … Jun 09, 2026
CVE-2026-11633 HIGH 8.8 Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. … Jun 09, 2026
CVE-2026-11632 HIGH 7.5 Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures … Jun 09, 2026
CVE-2026-11631 HIGH 8.3 Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially … Jun 09, 2026
CVE-2026-11630 HIGH 8.8 Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML … Jun 09, 2026
CVE-2026-11629 HIGH 8.8 Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … Jun 09, 2026
CVE-2026-11628 MEDIUM 6.8 Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a local attacker to potentially exploit heap corruption via physical access to the … Jun 09, 2026
CVE-2026-9669 UNKNOWN bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could … Jun 08, 2026
CVE-2026-44541 UNKNOWN Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fides_description … Jun 08, 2026
CVE-2026-40215 UNKNOWN A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory … Jun 08, 2026
CVE-2026-11585 MEDIUM 6.3 A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument … Jun 08, 2026
CVE-2026-49141 HIGH 7.1 WACRM prior to commit 73041bf contain an authorization bypass vulnerability in the automation engine that allows authenticated attackers to access and modify contacts belonging to … Jun 08, 2026
CVE-2026-47345 UNKNOWN Namespace attributes are not encoded correctly during HTML serialization. This allows bypassing the cross-site scripting prevention mechanism of typo3/html-sanitizer before version 2.3.2. Jun 08, 2026
CVE-2026-47344 UNKNOWN When ALLOW_INSECURE_RAW_TEXT is enabled, whitespace-variant closing tags (e.g., </style\t>) are not recognized by the sanitizer but accepted by browsers as valid end tags, allowing subsequent … Jun 08, 2026