CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Chromium: CVE-2026-11139 Policy bypass in Paint

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00014EPSS

Exploits0

Microsoft CVE•added 2 days ago•5 views

Chromium: CVE-2026-11132 Policy bypass in Paint

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.0001EPSS

Exploits0

NVD•added 3 days ago•4 views

CVE-2026-11139

Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00014EPSS

Exploits0References2

OSV•added 3 days ago•4 views

DEBIAN-CVE-2026-11139

Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00014EPSS

Exploits0References1

Vulnrichment•added 3 days ago•6 views

CVE-2026-11289

Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00028EPSS

Exploits0References2

Cvelist•added 3 days ago•22 views

CVE-2026-11139

Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00014EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 2:34 a.m.•13 views

CVE-2010-5240

Multiple untrusted search path vulnerabilities in Corel PHOTO-PAINT and CorelDRAW X5 15.1.0.588 allow local users to gain privileges via a Trojan horse 1 dwmapi.dll or 2 CrlRib.dll file in the current working directory, as demonstrated by a directory that contains a .cdr, .cpt, .cmx, or .csl file...

6.9CVSS7.1AI score0.00999EPSS

Exploits0References1

Veracode•added 2023/03/13 5:45 a.m.•32 views

Information Disclosure

Google Chrome is vulnerable to Information Disclosure. The vulnerability exists due to the inappropriate implementation in Paint, which allows an attacker to leak cross-origin data outside an iframe via a crafted HTML page...

4.3CVSS4.9AI score0.00172EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2022/02/01 12:0 a.m.•4 views

PT-2022-25304 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 98.0.4758.80 Description: The issue is related to an inappropriate implementation in Paint, allowing a remote attacker to leak cross-origin data outside an iframe via a crafted HTML page. This can be achieved b...

9.6CVSS6.3AI score0.49EPSS

Exploits71References405

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by