CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/06/04 11:4 p.m.•28 views

CVE-2026-10995

0.00079EPSS

Cvelist•added 2026/06/04 11:4 p.m.•25 views

CVE-2026-10989

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00086EPSS

Vulnrichment•added 2026/06/04 11:4 p.m.•3 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00063EPSS

Vulnrichment•added 2026/06/04 11:4 p.m.•4 views

CVE-2026-10983

Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00087EPSS

CVE•added 2026/06/04 11:4 p.m.•9 views

CVE-2026-10980

CVE-2026-10980 : In Google Chrome, the DevTools component had insufficient validation of untrusted input, allowing a remote attacker who had compromised the renderer process to bypass the same-origin policy via a crafted HTML page. This stems from a Chromium-level input-validation issue and could...

6.5CVSS5.8AI score0.00026EPSS

CVE•added 2026/06/04 11:4 p.m.•12 views

CVE-2026-10968

CVE-2026-10968 affects Google Chrome on Windows, specifically Dawn, with insufficient validation of untrusted input. The underlying issue allows a remote attacker who has compromised theRenderer process to leak cross-origin data through a crafted HTML page. Affected version range is before Chrome...

7.4CVSS5.8AI score0.00036EPSS

8.8CVSS5.5AI score0.00088EPSS

CVE-2026-10955

Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.00118EPSS

CVE-2026-10952

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE•added 2026/06/04 11:3 p.m.•10 views

CVE-2026-10933

CVE-2026-10933 is a use-after-free in Audio in Google Chrome on Windows. The vulnerability could allow a compromised renderer process to escape the sandbox via a crafted HTML page. Affected software is Google Chrome on Windows; the issue is tied to the Audio component and is described as high sev...

8.3CVSS5.8AI score0.00073EPSS

Cvelist•added 2026/06/04 11:3 p.m.•23 views

CVE-2026-10925

Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00109EPSS

CVE•added 2026/06/04 11:3 p.m.•10 views

CVE-2026-10918

CVE-2026-10918 describes a use-after-free in Viz for Google Chrome that could let a renderer-compromised attacker perform a sandbox escape via a crafted HTML page before Chrome 149.0.7827.53. Affected product/version: Google Chrome (Viz), prior to 149.0.7827.53. Root cause: use-after-free in Viz ...

8.3CVSS5.8AI score0.00118EPSS

Cvelist•added 2026/06/04 11:3 p.m.•26 views

CVE-2026-10916

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

0.00062EPSS

8.8CVSS6AI score0.00104EPSS

CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Vulnrichment•added 2026/06/04 11:3 p.m.•4 views

CVE-2026-10908

Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00118EPSS

Vulnrichment•added 2026/06/04 11:3 p.m.•6 views

CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00104EPSS

CVE•added 2026/06/04 11:3 p.m.•9 views

CVE-2026-10906

CVE-2026-10906 : Use-after-free in WebAuthentication of Google Chrome before 149.0.7827.53 allows a remote attacker, user must engage in specific UI gestures, potentially leading to heap corruption via a crafted HTML page. Affected component: WebAuthentication in Chrome/Chromium stack. Root cause...

7.5CVSS5.8AI score0.00145EPSS

CVE•added 2026/06/04 11:3 p.m.•8 views

CVE-2026-10902

CVE-2026-10902 describes a Use-after-Free in Ozone for Google Chrome, affecting Chrome builds prior to 149.0.7827.53. The vulnerability could allow a remote attacker to execute arbitrary code via a crafted HTML page, with a Chromium/Chrome security severity marked as Critical. The public referenc...

8.8CVSS6.2AI score0.00139EPSS

7.5CVSS6AI score0.00139EPSS

CVE-2026-10901

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

Debian CVE•added 2026/06/04 11:3 p.m.•6 views

CVE-2026-10900

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS5.5AI score0.00118EPSS