CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/06/04 11:6 p.m.•4 views

CVE-2026-11247

Insufficient policy enforcement in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00177EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11226

Insufficient policy enforcement in PreviewTab in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.0015EPSS

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11226

0.0015EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11226

5.5AI score0.0015EPSS

CVE•added 2026/06/04 11:5 p.m.•12 views

CVE-2026-11226

The CVE affects Google Chrome on Android, where the PreviewTab’s policy enforcement is insufficient. A remote attacker could entice a user to perform specific UI gestures, enabling bypass of the same-origin policy via a crafted HTML page. Affected versions are Chrome for Android prior to 149.0.78...

6.5CVSS5.8AI score0.0015EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•4 views

CVE-2026-11226

5.8AI score0.0015EPSS

CVE•added 2026/06/04 11:5 p.m.•15 views

CVE-2026-11215

CVE-2026-11215 concerns an insecure/incorrect Cronet implementation in Google Chrome on Android prior to version 149.0.7827.53, enabling a remote attacker to spoof a domain via a crafted domain name. The vulnerability arises in Cronet’s domain handling and is described with a Chromium security se...

6.5CVSS5.8AI score0.00158EPSS

Cvelist•added 2026/06/04 11:5 p.m.•27 views

CVE-2026-11215

Inappropriate implementation in Cronet in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Medium...

0.00158EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•4 views

CVE-2026-11215

5.8AI score0.00158EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11215

5.5AI score0.00158EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11215

6.5CVSS5.5AI score0.00158EPSS

CVE•added 2026/06/04 11:5 p.m.•12 views

CVE-2026-11188

The connected sources confirm CVE-2026-11188 is a use-after-free in the USB handling of Google Chrome on Android, prior to version 149.0.7827.53, enabling a remote attacker to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome on Android; vulnerable component...

8.8CVSS5.8AI score0.00234EPSS

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11188

Use after free in USB in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00234EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•4 views

CVE-2026-11188

5.8AI score0.00234EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11188

5.5AI score0.00234EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11188

8.8CVSS5.5AI score0.00234EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11178

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11178

0.00152EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11178

5.5AI score0.00152EPSS