CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

117 matches found

CVE-2026-12417

The CVE-2026-12417 issue affects the WordPress SignUp & SignIn plugin (versions ≤ 1.0.0). The vulnerability arises in the pravel_change_password() AJAX handler, exposed via wp_ajax_nopriv_pravel_change_password, which performs no nonce verification, no capability check, and uses only a loose equa...

9.8CVSS5.9AI score

Exploits1References4

EUVD•added 12 hours ago•6 views

EUVD-2026-38679

The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass via Weak Password Reset Validation leading to Account Takeover in versions up to, and including, 1.0.0. This is due to the pravelchangepassword AJAX handler — registered via wpajaxnoprivpravelchangepassword and...

9.8CVSS5.9AI score

Exploits1References4

SUSE CVE•added 2026/06/07 4:42 a.m.•9 views

SUSE CVE-2026-11204

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS

Exploits0References2

SUSE CVE•added 2026/06/07 4:39 a.m.•7 views

SUSE CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00183EPSS

Exploits0References2

RedhatCVE•added 2026/06/06 12:44 a.m.•13 views

CVE-2026-11280

An insufficient validation of untrusted input flaw was found in the Signin component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501892820...

4.3CVSS5.4AI score0.00183EPSS

Exploits0References4

RedhatCVE•added 2026/06/06 12:44 a.m.•17 views

CVE-2026-11204

An inappropriate implementation flaw was found in the Signin component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505200733...

6.5CVSS5.4AI score0.00201EPSS

Exploits0References4

EUVD•added 2026/06/05 12:31 a.m.•7 views

EUVD-2026-34741

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00183EPSS

Exploits0References3

EUVD•added 2026/06/05 12:31 a.m.•9 views

EUVD-2026-34665

5.8AI score0.00201EPSS

Exploits0References3

NVD•added 2026/06/05 12:17 a.m.•13 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00183EPSS

Exploits0References2

OSV•added 2026/06/05 12:17 a.m.•5 views

DEBIAN-CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00183EPSS

Exploits0References1

Tenable Nessus•added 2026/06/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted...

6.5CVSS5.4AI score0.00201EPSS

Exploits0References2

NVD•added 2026/06/04 11:17 p.m.•8 views

CVE-2026-11204

6.5CVSS0.00201EPSS

Exploits0References2

ATTACKERKB•added 2026/06/04 11:6 p.m.•5 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00183EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/06/04 11:6 p.m.•37 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00183EPSS

Exploits0References2

Vulnrichment•added 2026/06/04 11:6 p.m.•6 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00183EPSS

Exploits0References2

CVE•added 2026/06/04 11:6 p.m.•18 views

CVE-2026-11280

The vulnerability CVE-2026-11280 affects Google Chrome on iOS (pre-149.0.7827.53). It arises from an inappropriate implementation in Sign-in, allowing a remote attacker to perform UI spoofing through a crafted HTML page. The issue is described with Chromium security severity: Low. The available c...

4.3CVSS5.8AI score0.00183EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/06/04 11:5 p.m.•7 views

CVE-2026-11204

5.5AI score0.00201EPSS

Exploits0References2

ATTACKERKB•added 2026/06/04 11:5 p.m.•9 views

CVE-2026-11204

5.8AI score0.00201EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/06/04 11:5 p.m.•28 views

CVE-2026-11204

0.00201EPSS

Exploits0References2

CVE•added 2026/06/04 11:5 p.m.•13 views

CVE-2026-11204

CVE-2026-11204 describes an inappropriate implementation in the Signin flow of Google Chrome on iOS before 149.0.7827.53 that allows a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability is in the Chromium-based iOS Signin function, with a Network attack v...

6.5CVSS5.8AI score0.00201EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by