CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

PT-2026-46629

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Isolated Web Apps allows a remote attacker to execute arbitrary code inside a sandbox by using a malicious file. Recommendations Update to version...

PT-2026-46464

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in V8, the JavaScript and WebAssembly engine. This allows a remote attacker to execute arbitrary code within a sandbox by inducing a user to open a special...

PT-2026-46663

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Canvas allows a remote attacker to execute arbitrary code inside a sandbox by utilizing a crafted HTML page. Use after free is a memory corruption flaw that...

PT-2026-46483

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Actor component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

Tenable Nessus•added 6 days ago•7 views

SUSE SLES15 Security Update : samba (SUSE-SU-2026:2108-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2108-1 advisory. This update for samba fixes the following issues - CVE-2026-2340: vfsworm does not block directory modification bsc1261158. -...

9.8CVSS6AI score0.00392EPSS

Exploits4References14

9.6CVSS6.4AI score0.00255EPSS

PT-2026-46492

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

Exploits0References438

CVE•added 6 days ago•9 views

CVE-2026-30649

CVE-2026-30649 reports a Buffer Overflow in VIVOTEK INC FD8136-VVTK-0300a, exploitable remotely via the set_getparam.cgi component. This vulnerability could allow an attacker to execute arbitrary code on affected devices. The CVE records list the vulnerable product (FD8136-VVTK-0300a) and the aff...

7.3CVSS6.2AI score0.0018EPSS

Exploits0References2Affected Software1

Tenable Nessus•added 6 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-42588

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ...

8.1CVSS6.4AI score0.00081EPSS

Exploits1References3

PT-2026-46477

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

PT-2026-46443

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in ANGLE Almost Native Graphics Layer Engine allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page...

Positive Technologies•added 6 days ago•9 views

PT-2026-46411

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to execute arbitrary code when a user opens a specially crafted HTML page. Use after free is a memory corruption...

9.6CVSS6.3AI score0.00255EPSS

PT-2026-46507

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free occurs when an application continues to use a...

Exploits0References437

9.6CVSS6.4AI score0.00255EPSS

PT-2026-46511

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebXR, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

Exploits0References437

Positive Technologies•added 6 days ago•7 views

PT-2026-46494

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in DevTools allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Recommendations Update to version 149.0.7827....

9.6CVSS6.4AI score0.00255EPSS

Exploits0References438

AlmaLinux•added 6 days ago•6 views

Important: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: group policy certificate enrollment uses without...

9.8CVSS5.9AI score0.00392EPSS

Exploits4References8

Vulnrichment•added 6 days ago•4 views

CVE-2026-30649

Buffer Overflow vulnerability in VIVOTEK INC FD8136-VVTK-0300a allows a remote attacker to execute arbitrary code via the setgetparam.cgi component...

6.2AI score0.0018EPSS

Exploits0References2