Lucene search
K

3631 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.9 views

CVE-2026-9015

The Equalize Digital Accessibility Checker – WCAG, ADA, EAA and Section 508 compliance plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.42.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This mak...

4.3CVSS5.5AI score0.003EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/06/05 2:0 p.m.8 views

Chromium: CVE-2026-11157 Script injection in Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS5.4AI score0.00121EPSS
Exploits0
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34618

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00121EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.10 views

EUVD-2026-34433

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00233EPSS
Exploits0References3
Redos
Redos
added 2026/06/05 12:0 a.m.5 views

ROS-20260605-73-0055

The vulnerability of the XPCOM component in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to a numerical overflow vulnerability. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected informatio...

9.6CVSS5.5AI score0.00773EPSS
Exploits0
NVD
NVD
added 2026/06/04 11:17 p.m.6 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.4CVSS0.00121EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.6 views

DEBIAN-CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.4CVSS5.5AI score0.00233EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.4CVSS0.00233EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00121EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.5AI score0.00121EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.29 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

0.00121EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.4CVSS5.5AI score0.00121EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.5 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00233EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.48 views

CVE-2026-10984

Summary: CVE-2026-10984 affects Google Chrome on Android due to an inappropriate Accessibility implementation, enabling UI spoofing via a crafted HTML page. The issue lies in older Android builds before 149.0.7827.53; upgrading to 149.0.7827.53 or later mitigates the vulnerability. The vulnerabil...

5.4CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.36 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

0.00233EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.8 views

CVE-2026-10984

Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.4CVSS5.5AI score0.00233EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.17 views

PT-2026-46513

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Accessibility component allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where an...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
EUVD
EUVD
added 2026/06/02 12:31 a.m.16 views

EUVD-2026-33768

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS5.9AI score0.00071EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.11 views

PT-2026-46684

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Script injection in the Accessibility component allows an attacker to inject arbitrary scripts or HTML, leading to Universal Cross-Site Scripting UXSS, which is a vulnerability that...

9.6CVSS6.1AI score0.00985EPSS
Exploits0References434
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.7 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability, which was caused by improper implementation of accessibility features. This vulnerability could allow remote attackers to exploit UI...

5.4CVSS5.3AI score0.00233EPSS
Exploits0References3
Rows per page
Query Builder