Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

280 matches found

Microsoft CVE
Microsoft CVEadded yesterday2 views

Chromium: CVE-2026-11206 Policy bypass in ServiceWorker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00035EPSS
Exploits0
EUVD
EUVDadded yesterday3 views

EUVD-2026-34667

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00035EPSS
Exploits0References3
EUVD
EUVDadded yesterday3 views

EUVD-2026-34662

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

6.2AI score0.00009EPSS
Exploits0References3
OSV
OSVadded 2 days ago2 views

DEBIAN-CVE-2026-11206

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00035EPSS
Exploits0References1
NVD
NVDadded 2 days ago3 views

CVE-2026-11206

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00035EPSS
Exploits0References2
CVE
CVEadded 2 days ago5 views

CVE-2026-11206

This CVE concerns Google Chrome’s ServiceWorker: insufficient policy enforcement allows a remote attacker to leak cross-origin data via a crafted HTML page. Vulnerable are Chrome versions prior to 149.0.7827.53; the issue’s impact is cross-origin data disclosure with a network attacker, requiring...

6.5CVSS5.8AI score0.00035EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2 days ago3 views

CVE-2026-11206

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00035EPSS
Exploits0
Cvelist
Cvelistadded 2 days ago23 views

CVE-2026-11206

Insufficient policy enforcement in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00035EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2 days ago4 views

CVE-2026-11201

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00009EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2 days ago3 views

CVE-2026-11201

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

6.2AI score0.00009EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2 days ago4 views

CVE-2026-11201

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS5.9AI score0.00009EPSS
Exploits0
Cvelist
Cvelistadded 2 days ago23 views

CVE-2026-11201

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

0.00009EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 4 days ago4 views

PT-2026-46727

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the ServiceWorker component. This occurs when a user is convinced to install a malicious extension, allowing an attacker to execute arbitrary code throu...

8.8CVSS6AI score0.00009EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 4 days ago4 views

PT-2026-46732

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in ServiceWorker allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. ServiceWorker is a script that the browser ru...

9.6CVSS5.8AI score0.01636EPSS
Exploits0References434
RedhatCVE
RedhatCVEadded 2026/05/28 6:16 p.m.10 views

CVE-2026-9116

An insufficient policy enforcement flaw was found in the ServiceWorker component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497436273...

7.4CVSS5.7AI score0.00034EPSS
Exploits0References5
Tenable Nessus
Tenable Nessusadded 2026/05/27 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2022-45410

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When a ServiceWorker intercepted a request with FetchEvent, the origin of the request was lost after the ServiceWorker took ownership of it. This had the effect...

6.5CVSS6.9AI score0.00153EPSS
Exploits0References2
Microsoft CVE
Microsoft CVEadded 2026/05/22 4:43 a.m.16 views

Chromium: CVE-2026-9116 Insufficient policy enforcement in ServiceWorker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.00034EPSS
Exploits0
Tenable Nessus
Tenable Nessusadded 2026/05/21 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-9116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted...

4.3CVSS5.8AI score0.00034EPSS
Exploits0References2
NVD
NVDadded 2026/05/20 8:16 p.m.11 views

CVE-2026-9116

Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00034EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2026/05/20 8:16 p.m.9 views

CVE-2026-9116

Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00034EPSS
Exploits0References3
Rows per page
Query Builder