CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

429 matches found

EUVD-2026-36329

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.5AI score0.00068EPSS

Exploits0References3

OSV•added 2 days ago•1 views

DEBIAN-CVE-2026-12034

Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

8.3CVSS5.4AI score0.00066EPSS

Exploits0References1

OSV•added 2 days ago•1 views

DEBIAN-CVE-2026-12032

Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.0001EPSS

Exploits0References1

NVD•added 2 days ago•5 views

CVE-2026-12025

Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.3CVSS0.00027EPSS

Exploits0References2

NVD•added 2 days ago•6 views

CVE-2026-12034

8.3CVSS0.00066EPSS

Exploits0References2

OSV•added 2 days ago•2 views

DEBIAN-CVE-2026-12022

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

8.3CVSS5.4AI score0.00061EPSS

Exploits0References1

CVE•added 2 days ago•11 views

CVE-2026-12034

The CVE-2026-12034 entry describes an issue in Google Chrome on Linux where Linux Toolkit Theming mishandles untrusted input, allowing a renderer process in a compromised sandbox to escape via a malicious file. Affected software: Google Chrome on Linux (pre-149.0.7827.115). Root cause: insufficie...

8.3CVSS5.5AI score0.00066EPSS

Exploits0References2Affected Software1

Cvelist•added 2 days ago•23 views

CVE-2026-12034

0.00066EPSS

Exploits0References2

Vulnrichment•added 2 days ago•5 views

CVE-2026-12032

5.4AI score0.0001EPSS

Exploits0References2

Debian CVE•added 2 days ago•4 views

CVE-2026-12031

Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00089EPSS

Exploits0

Debian CVE•added 2 days ago•5 views

CVE-2026-12027

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.4AI score0.00035EPSS

Exploits0

Vulnrichment•added 2 days ago•4 views

CVE-2026-12022

5.5AI score0.00061EPSS

Exploits0References2

Vulnrichment•added 2 days ago•4 views

CVE-2026-12023

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00068EPSS

Exploits0References2

Debian CVE•added 2 days ago•4 views

CVE-2026-12019

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.7AI score0.00062EPSS

Exploits0

CVE•added 2 days ago•9 views

CVE-2026-12017

Google Chrome extension component (Extensions) is affected by CVE-2026-12017. An insufficient input validation in the Extensions path allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Affected product: Google Chrome (Extensions). ...

3.1CVSS5.4AI score0.00019EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2 days ago•4 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00019EPSS

Exploits0References2

Positive Technologies•added 2 days ago•7 views

PT-2026-48771

5.5AI score0.00027EPSS

Exploits0References3

Positive Technologies•added 2 days ago•6 views

PT-2026-48777

5.5AI score0.00089EPSS

Exploits0References3

SUSE CVE•added 3 days ago•3 views

SUSE CVE-2026-11655

Integer overflow in Media in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.0008EPSS

Exploits0References3

EUVD•added 4 days ago•4 views

EUVD-2026-35215

Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.4AI score0.00025EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by