CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•4 views

CVE-2026-3773

The Accessibility Suite by Ability, Inc plugin for WordPress is vulnerable to SQL Injection via the 'scanid' parameter in all versions up to, and including, 4.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

6.5CVSS5.7AI score0.00012EPSS

RedhatCVE•added yesterday•2 views

CVE-2026-9015

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS5.5AI score0.00046EPSS

Microsoft CVE•added yesterday•2 views

Chromium: CVE-2026-11157 Script injection in Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS5.4AI score0.00013EPSS

Nuclei•added yesterday•20 views

WordPress Accessibility Helper <0.6.0.7 - Cross-Site Scripting

WordPress Accessibility Helper plugin before 0.6.0.7 contains a cross-site scripting vulnerability. It does not sanitize and escape the wahi parameter before outputting back its base64 decode value in the page. id: CVE-2022-0150 info: name: WordPress Accessibility Helper 0.6.0.7 - Cross-Site...

6.1CVSS6AI score0.0113EPSS

Exploits2References4

EUVD•added yesterday•3 views

EUVD-2026-34618

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00013EPSS

Exploits0References3

EUVD•added yesterday•4 views

EUVD-2026-34433

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00035EPSS

Exploits0References3

Redos•added yesterday•2 views

ROS-20260605-73-0055

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

9.6CVSS5.5AI score0.0002EPSS

NVD•added 2 days ago•2 views

CVE-2026-11157

5.4CVSS0.00013EPSS

OSV•added 2 days ago•3 views

DEBIAN-CVE-2026-10984

5.4CVSS5.5AI score0.00035EPSS

NVD•added 2 days ago•3 views

CVE-2026-10984

5.4CVSS0.00035EPSS

Debian CVE•added 2 days ago•2 views

CVE-2026-11157

5.4CVSS5.5AI score0.00013EPSS

Cvelist•added 2 days ago•21 views

CVE-2026-11157

0.00013EPSS

Vulnrichment•added 2 days ago•3 views

CVE-2026-11157

5.5AI score0.00013EPSS

ATTACKERKB•added 2 days ago•4 views

CVE-2026-11157

5.9AI score0.00013EPSS

Exploits0References3Affected Software1

CVE•added 2 days ago•6 views

CVE-2026-10984

Summary: CVE-2026-10984 affects Google Chrome on Android due to an inappropriate Accessibility implementation, enabling UI spoofing via a crafted HTML page. The issue lies in older Android builds before 149.0.7827.53; upgrading to 149.0.7827.53 or later mitigates the vulnerability. The vulnerabil...

5.4CVSS5.8AI score0.00035EPSS

Exploits0References2Affected Software1

Debian CVE•added 2 days ago•3 views

CVE-2026-10984

5.4CVSS5.5AI score0.00035EPSS

Vulnrichment•added 2 days ago•2 views

CVE-2026-10984

5.5AI score0.00035EPSS