CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

90009 matches found

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11167

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00234EPSS

Exploits0References2

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00205EPSS

Exploits0References2

Debian CVE•added 2026/06/04 11:5 p.m.•7 views

CVE-2026-11166

6.8CVSS5.6AI score0.00205EPSS

Exploits0

Debian CVE•added 2026/06/04 11:5 p.m.•9 views

CVE-2026-11167

9.6CVSS5.5AI score0.00234EPSS

Exploits0

CVE•added 2026/06/04 11:5 p.m.•16 views

CVE-2026-11164

CVE-2026-11164 describes a use-after-free in Blink of Google Chrome before 149.0.7827.53, enabling a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. The connected documents confirm the component (Blink), impact (remote code execution in sandbox), and affected...

8.8CVSS6.2AI score0.0028EPSS

Exploits0References2Affected Software1

CVE•added 2026/06/04 11:5 p.m.•13 views

CVE-2026-11165

CVE-2026-11165 describes a use-after-free in WebMIDI for Google Chrome on iOS, prior to version 149.0.7827.53. The vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. The description also notes Chromium security severity as Medium and shows...

9.6CVSS5.8AI score0.00234EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/06/04 11:5 p.m.•27 views

CVE-2026-11165

Use after free in WebMIDI in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00234EPSS

Exploits0References2

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11163

Use after free in Messages in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00234EPSS

Exploits0References2

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11165

5.5AI score0.00234EPSS

Exploits0References2

Cvelist•added 2026/06/04 11:5 p.m.•29 views

CVE-2026-11164

Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.0028EPSS

Exploits0References2

Debian CVE•added 2026/06/04 11:5 p.m.•9 views

CVE-2026-11165

9.6CVSS5.5AI score0.00234EPSS

Exploits0

Debian CVE•added 2026/06/04 11:5 p.m.•8 views

CVE-2026-11164

Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.0028EPSS

Exploits0

CVE•added 2026/06/04 11:5 p.m.•17 views

CVE-2026-11161

CVE-2026-11161 affects Google Chrome due to an inappropriate implementation in DataTransfer. A crafted HTML page can leak cross-origin data, as described for Chrome versions prior to 149.0.7827.53. The described impact is a cross-origin data leak with Medium severity. The fix is to update to Chro...

4.3CVSS5.8AI score0.00152EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11161

Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00152EPSS

Exploits0References2

Vulnrichment•added 2026/06/04 11:5 p.m.•7 views

CVE-2026-11162

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00187EPSS

Exploits0References2

Cvelist•added 2026/06/04 11:5 p.m.•27 views

CVE-2026-11162

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00187EPSS

Exploits0References2

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11161

Inappropriate implementation in DataTransfer in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS

Exploits0

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11162

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00187EPSS

Exploits0

ATTACKERKB•added 2026/06/04 11:5 p.m.•4 views

CVE-2026-11160

Out of bounds read in Input in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00229EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11159

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00204EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by