Common Vulnerabilities and Exposures (CVE)

CVE-2026-11069

Jun 5, 2026 16:55:10 UTC

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

CVE-2026-45291

Jun 5, 2026 16:52:44 UTC

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260418.124334-32` impacts publicly accessible software depending on the affected versions of Network and allow...

CVE-2026-11070

Jun 5, 2026 16:52:25 UTC

Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via malicious network traf...

CVE-2026-36501

Jun 5, 2026 16:52:15 UTC

An issue in the Externalizable.readExternal() component of Controller v12.0.5 allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE-2026-11071

Jun 5, 2026 16:51:42 UTC

Use after free in Base in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium se...

CVE-2026-45290

Jun 5, 2026 16:51:12 UTC

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to `1.0.0.CR3-20260417.085727-30` impacts publicly accessible software depending on the affected versions of Network and allow...

CVE-2026-11177

Jun 5, 2026 16:51:11 UTC

Use after free in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: ...

CVE-2026-37460

Jun 5, 2026 16:50:29 UTC

Missing input validation in the rfapiRibBi2Ri() function (rfapi_rib.c) of FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.

CVE-2026-11085

Jun 5, 2026 16:49:56 UTC

Integer overflow in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium)

CVE-2026-38978

Jun 5, 2026 16:49:43 UTC

transmission through 4.1.1 was found to have a clickjacking weakness in the browser-facing WebUI and RPC response paths.

CVE-2026-11072

Jun 5, 2026 16:47:51 UTC

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: Medium)

CVE-2026-11073

Jun 5, 2026 16:47:39 UTC

Use after free in WebGL in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

CVE-2026-11075

Jun 5, 2026 16:47:31 UTC

Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

CVE-2026-11078

Jun 5, 2026 16:46:40 UTC

Inappropriate implementation in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

CVE-2026-11079

Jun 5, 2026 16:46:30 UTC

Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory write via a crafted video file. (Chromium security severity: Medium)