CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 3 days ago•6 views

PT-2026-47476

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6AI score0.00128EPSS

Positive Technologies•added 3 days ago•5 views

PT-2026-47467

Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00128EPSS

Positive Technologies•added 3 days ago•5 views

PT-2026-47499

Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0008EPSS

GithubExploit•added 4 days ago•49 views

Exploit for OS Command Injection in Redhat Openshift_Container_Platform

🚨 CVE-2026-4480 - Critical Remote Code Execution in Samba Prin...

9.8CVSS6.4AI score0.00389EPSS

Exploits5

GithubExploit•added 4 days ago•56 views

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

8.8CVSS6.3AI score0.00119EPSS

Exploits3

RedhatCVE•added 4 days ago•11 views

CVE-2026-4944

vllm-project/vllm version 0.14.1 contains a vulnerability where the trustremotecode=True parameter is hardcoded in two model implementation files vllm/modelexecutor/models/nemotronvl.py and vllm/modelexecutor/models/kimik25.py. This bypasses the user's explicit --trust-remote-code=False setting,...

8.8CVSS8.3AI score0.00097EPSS

Exploits0References1

Debian•added 4 days ago•6 views

[SECURITY] [DSA 6326-1] nginx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6326-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 07, 2026 https://www.debian.org/security/faq -...

9.2CVSS6.3AI score0.00076EPSS

Exploits3

GithubExploit•added 4 days ago•55 views

write-up

Prototype Pollution in JavaScript: The Complete Bug Bounty Hun...

6.3AI score

Exploits0

GithubExploit•added 4 days ago•50 views

Exploit for SQL Injection in Drupal

CVE-2026-9082 Unauthenticated SQL injection in Drupal Core on...

9.8CVSS6.9AI score0.10403EPSS

Exploits11

RedhatCVE•added 4 days ago•11 views

CVE-2026-7537

The MDJM Event Management plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7.8.3 via the mdjmsendcommemail function. This is due to no file type, extension, or MIME type validation being performed on uploaded files. This makes it possible for...

7.2CVSS6.3AI score0.00358EPSS

Exploits1References1

SUSE CVE•added 4 days ago•8 views

SUSE CVE-2026-10882

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE•added 4 days ago•7 views

SUSE CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE•added 4 days ago•6 views

SUSE CVE-2026-10887

Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.1CVSS6AI score0.00336EPSS

SUSE CVE-2026-10893

Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

SUSE CVE-2026-10895

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE-2026-10896

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE•added 4 days ago•4 views

SUSE CVE-2026-10901

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00139EPSS

SUSE CVE-2026-10902

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...