Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

106912 matches found

CVE
CVEadded 2026/06/04 11:5 p.m.11 views

CVE-2026-11169

The CVE-2026-11169 issue affects Google Chrome (Chromium-based) and is described as an inappropriate XML implementation that enables UXSS via a crafted XML file. Affected software is Chrome prior to version 149.0.7827.53. The underlying cause is an improper XML handling path within Chrome/Chromiu...

8.1CVSS6AI score0.00211EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

8.1CVSS5.6AI score0.00211EPSS
Exploits0
CVE
CVEadded 2026/06/04 11:5 p.m.10 views

CVE-2026-11166

CVE-2026-11166 concerns an Inappropriate implementation in SVG in Google Chrome (Chromium) prior to 149.0.7827.53. The vulnerability allows a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. Affected software is Google Chrome’s SVG handling in the Chromium stack...

6.8CVSS6AI score0.00205EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00205EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.6AI score0.00205EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.6AI score0.00205EPSS
Exploits0
CVE
CVEadded 2026/06/04 11:5 p.m.8 views

CVE-2026-11158

Google Chrome on macOS is affected by CVE-2026-11158 due to insufficient validation of untrusted input in Downloads. A local attacker could potentially escape the sandbox via a crafted AppleScript command, with the issue present in versions prior to 149.0.7827.53. The vulnerability, described as ...

8.6CVSS5.8AI score0.00083EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

5.4AI score0.00083EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/06/04 11:5 p.m.25 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

0.00083EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.7 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

8.6CVSS5.4AI score0.00083EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/04 11:5 p.m.25 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

0.00121EPSS
Exploits0References2
CVE
CVEadded 2026/06/04 11:5 p.m.9 views

CVE-2026-11157

Summary: CVE-2026-11157 is a UXSS vulnerability in Google Chrome’s Accessibility feature exploitable via a crafted Chrome Extension. The issue occurs in Chrome builds prior to 149.0.7827.53 and could allow an attacker, by convincing a user to install a malicious extension, to inject arbitrary scr...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.4 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.5AI score0.00121EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.4 views

CVE-2026-11150

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/06/04 11:5 p.m.26 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00159EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00159EPSS
Exploits0
CVE
CVEadded 2026/06/04 11:4 p.m.10 views

CVE-2026-11062

CVE-2026-11062 affects Google Chrome extensions: insufficient policy enforcement in Extensions allows an attacker to inject scripts/HTML into a privileged page when a user installs a crafted malicious extension. Impact is partial integrity compromise of privileged pages; exploit not confirmed in ...

4.3CVSS5.8AI score0.00134EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/06/04 11:4 p.m.26 views

CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

0.00134EPSS
Exploits0References2
CVE
CVEadded 2026/06/04 11:4 p.m.11 views

CVE-2026-11034

The CVE-2026-11034 entry affects Google Chrome on Android, specifically the Tab Group Sync feature. The issue is insufficient validation of untrusted input, allowing a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. Affects Chrome versions before 149.0.78...

6.1CVSS6AI score0.00177EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:4 p.m.4 views

CVE-2026-11034

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

5.6AI score0.00177EPSS
Exploits0References2
Rows per page
Query Builder