Lucene search
K

214995 matches found

CVE
CVE
added 2026/06/11 8:48 p.m.31 views

CVE-2026-12018

CVE-2026-12018 affects Google Chrome on Windows: an “Inappropriate implementation” in Mojo allows local OS-level privilege escalation via a malicious file. The issue is tied to Chrome before build 149.0.7827.115. Impact is described as High severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,...

8.8CVSS5.5AI score0.0016EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12018

Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

8.8CVSS5.3AI score0.0016EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/11 8:48 p.m.33 views

CVE-2026-12018

Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...

0.0016EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.9 views

CVE-2026-12013

Removed by vendor...

5.2AI score0.0024EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.7 views

CVE-2026-12013

...

5.1AI score0.0024EPSS
Exploits0
CVE
CVE
added 2026/06/11 8:48 p.m.22 views

CVE-2026-12013

CVE-2026-12013 is a Chromium use-after-free vulnerability in Media on Windows, reported as part of Google Chrome/Chromium family. The issue allows a remote attacker to potentially exploit heap corruption by delivering a crafted HTML page, with impact described as remote code execution or heap cor...

5.6AI score0.0024EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/11 8:48 p.m.30 views

CVE-2026-12013

...

0.0024EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.7 views

CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.00246EPSS
Exploits0References2
CVE
CVE
added 2026/06/11 8:48 p.m.61 views

CVE-2026-12011

Concisely: CVE-2026-12011 is a use-after-free in Chrome’s WebMIDI on Windows prior to 149.0.7827.115. This weakness could allow a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. The Chromium update (149.0.7827.114/115) fixes this issue; users should upgrade to ...

8.3CVSS5.5AI score0.00246EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.6 views

CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.4AI score0.00246EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/11 8:48 p.m.31 views

CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00246EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.7 views

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

6AI score0.00287EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.6 views

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00287EPSS
Exploits0
CVE
CVE
added 2026/06/11 8:48 p.m.69 views

CVE-2026-12007

CVE-2026-12007 is a use-after-free in Chrome's Core on Windows, caused by a vulnerability in the handling of crafted HTML pages. The issue affects Chrome prior to version 149.0.7827.115 and could allow a remote attacker to execute arbitrary code. Google’s June 2026 stable-channel update (149.0.78...

8.8CVSS6AI score0.00287EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/11 8:48 p.m.27 views

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

0.00287EPSS
Exploits0References2
Metasploit
Metasploit
added 2026/06/11 7:0 p.m.182 views

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/06/11 5:43 p.m.11 views

New GreatXML Exploit Bypasses Windows BitLocker via Recovery Partition XML Files

Security researcher Chaotic Eclipse aka Nightmare-Eclipse and MSNightmare has released a new Windows BitLocker bypass dubbed GreatXML , a day after they published an exploit for Microsoft Defender. "This was an accidental discovery, it took a total of 4 hours to find this," the researcher said in...

6.8CVSS6.4AI score0.01249EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2026-52750

Ghidra before 12.1 contains a command injection vulnerability in URL annotation handling on Windows where cmd.exe metacharacters are not properly escaped. Attackers can execute arbitrary commands under the Ghidra user's privileges by embedding malicious URLs in program comments that victims click...

8.4CVSS5.9AI score0.00503EPSS
Exploits0References1
NVD
NVD
added 2026/06/11 2:16 p.m.14 views

CVE-2026-10847

A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process. Successful exploitatio...

7.8CVSS0.00124EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 1:52 p.m.8 views

CVE-2026-10847 Local Privilege Escalation vulnerability in Check Point Identity Agent Full for Windows OS

A local privilege escalation vulnerability exists in Check Point Identity Agent Full for Windows OS. An authenticated local user may be able to execute arbitrary code with SYSTEM privileges due to improper handling of executable resolution during the log collection process. Successful exploitatio...

7.8CVSS6AI score0.00124EPSS
Exploits0References1
Rows per page
Query Builder