Lucene search
K

1205 matches found

CVE
CVE
added 2026/06/08 11:27 p.m.32 views

CVE-2026-11664

This CVE (CVE-2026-11664) affects Google Chrome’s Payments component and concerns a use-after-free in the Payments pathway that could enable remote heap corruption via a crafted HTML page. The vulnerability is rooted in use-after-free semantics within Chromium’s Payments code, leading to potentia...

8.8CVSS5.6AI score0.00252EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.7 views

CVE-2026-11652

Use after free in Extensions in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00242EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/06/08 1:15 p.m.12 views

JLSEC-2026-581

Use after free in Blink XSLT in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.9AI score0.21623EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.19 views

Google Chrome < 149.0.7827.102 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.102. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0153744567 advisory. - Use after free in Tracing in Google Chrome prior to 149.0.7827.10...

9.6CVSS6.2AI score0.01654EPSS
Exploits4References149
SUSE CVE
SUSE CVE
added 2026/06/07 4:51 a.m.13 views

SUSE CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS6AI score0.00187EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.9 views

SUSE CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.4CVSS5.6AI score0.00121EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.14 views

SUSE CVE-2026-11171

Integer overflow in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.1AI score0.0028EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:40 a.m.10 views

SUSE CVE-2026-11246

Insufficient validation of untrusted input in IndexedDB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.3CVSS5.5AI score0.00202EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:38 a.m.18 views

SUSE CVE-2026-11308

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Low...

6.3CVSS5.4AI score0.00099EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/06 12:44 a.m.12 views

CVE-2026-10950

An insufficient policy enforcement flaw was found in the Autofill component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505123022...

8.8CVSS5.4AI score0.00296EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:38 p.m.10 views

CVE-2026-34670

CAI Content Credentials versions [email protected], c2pa-v0.78.2 and earlier are affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service...

6.2CVSS5.5AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:36 p.m.9 views

CVE-2026-41591

Marko is a declarative, HTML-based language for building web apps. Prior to marko version 5.38.36 and prior to @marko/runtime-tags 6.0.164, when dynamic text is interpolated into a ,...

6.4CVSS5.4AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.10 views

CVE-2026-47114

IINA before 1.4.3 contains a user-assisted command execution vulnerability that allows remote attackers to execute arbitrary commands by supplying malicious mpv-prefixed query parameters through the iina://open custom URL scheme handler. Attackers can deliver a crafted URL via a browser that pass...

8.8CVSS6.2AI score0.00702EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/05 2:8 p.m.44 views

CVE-2026-6209

...

Exploits0
CBLMariner
CBLMariner
added 2026/06/05 12:59 p.m.9 views

CVE-2026-33814 affecting package kata-containers for versions less than 3.19.1.kata3-4

CVE-2026-33814 affecting package kata-containers for versions less than 3.19.1.kata3-4. A patched version of the package is available...

7.5CVSS5.4AI score0.00781EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34652

Out of bounds memory access in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00272EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.13 views

EUVD-2026-34635

Inappropriate implementation in Site Isolation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00207EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34511

Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00234EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34453

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00274EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.12 views

EUVD-2026-34396

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00493EPSS
Exploits0References3
Rows per page
Query Builder