CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1990 matches found

SUSE CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.2AI score0.00134EPSS

Exploits0References3

EUVD•added 4 days ago•7 views

EUVD-2026-37541

4.2CVSS5.3AI score0.00134EPSS

Exploits0References3

EUVD•added 4 days ago•7 views

EUVD-2026-37530

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00198EPSS

Exploits0References3

NVD•added 4 days ago•4 views

CVE-2026-12456

4.2CVSS0.00134EPSS

Exploits0References2

OSV•added 4 days ago•4 views

DEBIAN-CVE-2026-12445

7.5CVSS5.4AI score0.00198EPSS

Exploits0References1

NVD•added 4 days ago•4 views

CVE-2026-12445

7.5CVSS0.00198EPSS

Exploits0References2

Debian CVE•added 4 days ago•3 views

CVE-2026-12456

4.2CVSS5.3AI score0.00134EPSS

Exploits0

CVE•added 4 days ago•13 views

CVE-2026-12445

CVE-2026-12445 : A use-after-free in Google Chrome extensions handling leads to potential heap corruption when a user is persuaded to install a malicious extension. Affected product: Google Chrome (Extensions component). Root cause: use-after-free in the Extensions code path, enabling memory corr...

7.5CVSS5.4AI score0.00198EPSS

Exploits0References2Affected Software1

Debian CVE•added 4 days ago•3 views

CVE-2026-12445

7.5CVSS5.5AI score0.00198EPSS

Exploits0

Positive Technologies•added 4 days ago•9 views

PT-2026-50195

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in Extensions allows an attacker who convinces a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Use...

7.5CVSS5.8AI score0.00198EPSS

Exploits0References6

Metasploit•added 2026/06/11 7:0 p.m.•101 views

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

5.6AI score

Exploits0

Packet Storm News•added 2026/06/11 12:0 a.m.•8 views

VS Code Extension Persistence

This Metasploit module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested...

5.5AI score

Exploits0

SUSE CVE•added 2026/06/10 2:31 a.m.•4 views

SUSE CVE-2026-11644

Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

7.5CVSS6AI score0.00195EPSS

Exploits0References3

SUSE CVE•added 2026/06/10 2:31 a.m.•5 views

SUSE CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS5.4AI score0.00163EPSS

Exploits0References3

EUVD•added 2026/06/09 12:33 a.m.•5 views

EUVD-2026-35256

8.3CVSS5.4AI score0.00163EPSS

Exploits0References3

OSV•added 2026/06/09 12:16 a.m.•3 views

DEBIAN-CVE-2026-11656

8.3CVSS5.4AI score0.00163EPSS

Exploits0References1

OSV•added 2026/06/09 12:16 a.m.•4 views

DEBIAN-CVE-2026-11644