CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/04 11:4 p.m.•9 views

CVE-2026-11018

CVE-2026-11018 affects Google Chrome (Chromium-based). The issue is described as insufficient policy enforcement in the Actor component, enabling a remote attacker to bypass navigation restrictions via a crafted HTML page. Impact is described as allow bypass of navigation restrictions; no other e...

6.5CVSS5.8AI score0.00272EPSS

Debian CVE•added 2026/06/04 11:4 p.m.•5 views

CVE-2026-11017

Inappropriate implementation in Link Preview in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00262EPSS

Cvelist•added 2026/06/04 11:4 p.m.•25 views

CVE-2026-11009

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00316EPSS

Vulnrichment•added 2026/06/04 11:4 p.m.•3 views

CVE-2026-11009

5.5AI score0.00316EPSS

Cvelist•added 2026/06/04 11:4 p.m.•26 views

CVE-2026-11006

Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

0.00299EPSS

Cvelist•added 2026/06/04 11:4 p.m.•28 views

CVE-2026-10996

Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00255EPSS

Vulnrichment•added 2026/06/04 11:4 p.m.•5 views

CVE-2026-10996

Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00255EPSS

Cvelist•added 2026/06/04 11:4 p.m.•29 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

0.00227EPSS

Debian CVE•added 2026/06/04 11:3 p.m.•5 views

CVE-2026-10960

Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00283EPSS

Cvelist•added 2026/06/04 11:3 p.m.•26 views

CVE-2026-10960

0.00283EPSS

Vulnrichment•added 2026/06/04 11:3 p.m.•4 views

CVE-2026-10948

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00479EPSS

CVE•added 2026/06/04 11:3 p.m.•11 views

CVE-2026-10946

CVE-2026-10946 is a heap-buffer-overflow in Chrome's Media stack, fixed in Chrome 149.0.7827.53. The vulnerability could allow remote code execution inside a sandbox when a user is convinced to perform specific UI gestures on a crafted HTML page. Affected product: Google Chrome (pre-149.0.7827.53...

7.5CVSS6.4AI score0.00364EPSS

Vulnrichment•added 2026/06/04 11:3 p.m.•3 views

CVE-2026-10944

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00299EPSS

CVE•added 2026/06/04 11:3 p.m.•7 views

CVE-2026-10930

CVE-2026-10930 describes an out-of-bounds read in ANGLE used by Google Chrome on macOS, exploitable via a crafted HTML page. The issue affects Chrome on Mac prior to version 149.0.7827.53, with the underlying cause being an out-of-bounds memory read in ANGLE. The vulnerability is rated high sever...

8.1CVSS5.8AI score0.00308EPSS

CVE•added 2026/06/04 11:3 p.m.•8 views

CVE-2026-10928

CVE-2026-10928 affects Google Chrome in headless mode prior to 149.0.7827.53. The issue is described as a script injection via a crafted HTML page that could allow remote code execution. Affected component is the headless browser environment within Chrome/Chromium; root cause is a script-injectio...

8.8CVSS6.2AI score0.00399EPSS

Debian CVE•added 2026/06/04 11:3 p.m.•6 views

CVE-2026-10907

Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00316EPSS

Debian CVE•added 2026/06/04 11:3 p.m.•6 views

CVE-2026-10904

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00399EPSS

Vulnrichment•added 2026/06/04 11:3 p.m.•7 views

CVE-2026-10900

Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

5.8AI score0.00278EPSS