Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

720 matches found

SUSE CVE
SUSE CVEadded 4 days ago5 views

SUSE CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.2AI score0.00134EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 4 days ago6 views

SUSE CVE-2026-12457

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.2AI score0.00191EPSS
Exploits0References3
OSV
OSVadded 5 days ago3 views

DEBIAN-CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.3AI score0.00134EPSS
Exploits0References1
NVD
NVDadded 5 days ago4 views

CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS0.00134EPSS
Exploits0References2
NVD
NVDadded 5 days ago5 views

CVE-2026-48294

Adobe Acrobat PDF Extension Chrome versions 26.5.2.2 and earlier are affected by a UXSS-class cross-origin data disclosure vulnerability. An attacker could exploit this vulnerability to gain access to data regarding the victim's session. Exploitation of this issue requires user interaction in tha...

8.2CVSS0.00784EPSS
Exploits0References1
Debian CVE
Debian CVEadded 5 days ago3 views

CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.3AI score0.00134EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 5 days ago10 views

PT-2026-50206

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in Extensions allows an attacker to bypass the Same Origin Policy SOP—a security mechanism that restricts how a document or script loaded from one origi...

9.6CVSS5.9AI score0.00522EPSS
Exploits0References40
Cvelist
Cvelistadded 2026/06/11 8:48 p.m.27 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

0.00184EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/10 2:31 a.m.5 views

SUSE CVE-2026-11653

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00225EPSS
Exploits0References3
NVD
NVDadded 2026/06/09 12:16 a.m.7 views

CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS0.00163EPSS
Exploits0References2
OSV
OSVadded 2026/06/09 12:16 a.m.5 views

DEBIAN-CVE-2026-11652

Use after free in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00233EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/06/08 11:27 p.m.4 views

CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS5.4AI score0.00163EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.6 views

CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS5.4AI score0.00163EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/06/08 11:27 p.m.6 views

CVE-2026-11653

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00225EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2026/06/07 4:44 a.m.8 views

SUSE CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/07 4:42 a.m.4 views

SUSE CVE-2026-11190

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00165EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/07 4:42 a.m.6 views

SUSE CVE-2026-11201

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS6AI score0.00206EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2026/06/07 4:41 a.m.6 views

SUSE CVE-2026-11212

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00137EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/06/05 7:45 p.m.5 views

CVE-2026-31192

Insufficient validation of Chrome extension identifiers in Raindrop.io Bookmark Manager Web App 5.6.76.0 allows attackers to obtain sensitive user data via a crafted request...

6.5CVSS5.5AI score0.00281EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/06/05 7:43 p.m.4 views

CVE-2026-8876

Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data...

7.3CVSS5.3AI score0.00178EPSS
Exploits0References1
Rows per page
Query Builder