CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

SUSE CVE-2026-12027

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.3AI score0.00224EPSS

Exploits0References3

EUVD•added 5 days ago•6 views

EUVD-2026-36347

5.5AI score0.00224EPSS

Exploits0References3

Debian CVE•added 6 days ago•5 views

CVE-2026-12027

9.6CVSS5.4AI score0.00224EPSS

Exploits0

Vulnrichment•added 6 days ago•6 views

CVE-2026-12027

5.3AI score0.00224EPSS

Exploits0References2

CVE•added 6 days ago•63 views

CVE-2026-12027

The CVE-2026-12027 entry corresponds to an insecure/incorrect implementation in Google Chrome’s Headless mode prior to 149.0.7827.115, where a renderer-compromised page could trigger a sandbox escape through a crafted HTML page. Affected software is Chrome/Chromium Headless; root cause is an inap...

9.6CVSS5.5AI score0.00224EPSS

Exploits0References2Affected Software1

Positive Technologies•added 6 days ago•7 views

PT-2026-48773

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.115 Description An inappropriate implementation in Headless mode allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page....

9.6CVSS5.3AI score0.00224EPSS

Exploits0References6

SUSE CVE•added 2026/06/07 4:50 a.m.•7 views

SUSE CVE-2026-10928

Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS

Exploits0References2

Tenable Nessus•added 2026/06/05 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-10928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS5.9AI score0.00399EPSS

Exploits0References2

OSV•added 2026/06/04 11:16 p.m.•8 views

DEBIAN-CVE-2026-10928

Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS

Exploits0References1

Cvelist•added 2026/06/04 11:3 p.m.•25 views

CVE-2026-10928

Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00399EPSS

Exploits0References2

CVE•added 2026/06/04 11:3 p.m.•8 views

CVE-2026-10928

CVE-2026-10928 affects Google Chrome in headless mode prior to 149.0.7827.53. The issue is described as a script injection via a crafted HTML page that could allow remote code execution. Affected component is the headless browser environment within Chrome/Chromium; root cause is a script-injectio...

8.8CVSS6.2AI score0.00399EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/06/04 11:3 p.m.•6 views

CVE-2026-10928

Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS

Exploits0

Positive Technologies•added 2026/06/02 12:0 a.m.•8 views

PT-2026-46457

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Script injection in Headless mode allows a remote attacker to execute arbitrary code through a crafted HTML page. Recommendations Update to version 149.0.7827.53 or later...

9.6CVSS6.4AI score0.00865EPSS

Exploits0References434

SUSE CVE•added 2026/05/30 2:15 a.m.•11 views

SUSE CVE-2026-10017

Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00185EPSS

Exploits0References3

EUVD•added 2026/05/29 12:38 a.m.•7 views

EUVD-2026-33159

5.8AI score0.00185EPSS

Exploits0References3

Tenable Nessus•added 2026/05/29 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10017

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perfor...

8.3CVSS5.9AI score0.00185EPSS

Exploits0References2

NVD•added 2026/05/28 11:16 p.m.•5 views

CVE-2026-10017

8.3CVSS0.00185EPSS

Exploits0References2

CVE•added 2026/05/28 10:25 p.m.•16 views

CVE-2026-10017

Summary (CVE-2026-10017) Out-of-bounds read in Chrome/Chromium Headless before 148.0.7778.216. An attacker who already compromised the renderer process could potentially escape the sandbox via a crafted HTML page. The issue affects the Headless component of Chromium and is described with Chromium...

8.3CVSS5.8AI score0.00185EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/05/28 10:25 p.m.•6 views

CVE-2026-10017

5.8AI score0.00185EPSS

Exploits0References2

Debian CVE•added 2026/05/28 10:25 p.m.•10 views

CVE-2026-10017

8.3CVSS5.8AI score0.00185EPSS

Exploits0

Rows per page