CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2026/06/04 11:17 p.m.•3 views

DEBIAN-CVE-2026-11128

Inappropriate implementation in Web Share in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0004EPSS

NVD•added 2026/06/04 11:16 p.m.•4 views

CVE-2026-10951

Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00118EPSS

CVE•added 2026/06/04 11:6 p.m.•10 views

CVE-2026-11272

CVE-2026-11272 affects Google Chrome on iOS, specifically the Reading List feature. The root cause is insufficient validation of untrusted input, enabling a remote attacker to escalate privileges via a crafted HTML page when a user is guided to perform certain UI gestures. Impact is described as ...

8.8CVSS5.8AI score0.00106EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2026/06/02 12:0 a.m.•6 views

PT-2026-46742

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Incorrect security UI in the File Input component allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific UI...

9.6CVSS5.8AI score0.04819EPSS

Exploits1References434

EUVD•added 2026/05/29 12:38 a.m.•7 views

EUVD-2026-33076

Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00139EPSS

Debian CVE•added 2026/05/28 10:25 p.m.•6 views

CVE-2026-9956

Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00139EPSS

Exploits0

AlpineLinux•added 2026/05/14 7:52 p.m.•8 views

CVE-2026-8515

Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00073EPSS

Exploits0

OSV•added 2026/04/08 10:16 p.m.•0 views

DEBIAN-CVE-2026-5897

Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00029EPSS

AstraLinux•added 2026/04/01 3:55 a.m.•3 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.5AI score0.00025EPSS

SUSE CVE•added 2026/02/13 12:26 a.m.•1 views

SUSE CVE-2026-2320

6.5CVSS5.6AI score0.00035EPSS

OSV•added 2026/02/11 7:15 p.m.•1 views

CVE-2026-2322

5.4CVSS5.8AI score

NVD•added 2026/02/11 7:15 p.m.•5 views

CVE-2026-2322

5.4CVSS0.00025EPSS

UbuntuCve•added 2026/02/11 7:15 p.m.•1 views

CVE-2026-2322

5.4CVSS5.9AI score0.00025EPSS

Vulnrichment•added 2026/02/11 6:8 p.m.•2 views

CVE-2026-2322

5.6AI score0.00025EPSS

RedhatCVE•added 2025/11/11 8:42 p.m.•4 views

CVE-2025-12434

Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS6AI score0.00052EPSS

RedhatCVE•added 2025/11/11 8:42 p.m.•1 views

CVE-2025-12728

Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS4.8AI score0.0007EPSS

RedhatCVE•added 2025/11/11 1:41 p.m.•0 views

CVE-2025-11208

Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS8.1AI score0.0005EPSS

Exploits0References5

OSV•added 2025/11/10 8:15 p.m.•1 views

CVE-2025-12729

4.2CVSS5.8AI score

NVD•added 2025/11/10 8:15 p.m.•1 views

CVE-2025-12729

4.2CVSS0.0003EPSS