CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE-2026-9889

Out of bounds read and write in Dawn in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00086EPSS

OSV•added 2026/05/28 11:16 p.m.•3 views

DEBIAN-CVE-2026-9875

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.8AI score0.0008EPSS

CVE-2026-9875

9.6CVSS0.0008EPSS

NVD•added 2026/05/28 11:16 p.m.•7 views

CVE-2026-9876

Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS0.00108EPSS

CVE-2026-9872

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS0.00109EPSS

OSV•added 2026/05/28 11:16 p.m.•7 views

DEBIAN-CVE-2026-9872

9.6CVSS5.8AI score0.00109EPSS

OSV•added 2026/05/28 11:16 p.m.•3 views

DEBIAN-CVE-2026-9876

9.6CVSS5.8AI score0.00108EPSS

NVD•added 2026/05/28 11:16 p.m.•6 views

CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS0.00087EPSS

NVD•added 2026/05/28 11:16 p.m.•5 views

CVE-2026-10014

Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00108EPSS

OSV•added 2026/05/28 11:16 p.m.•3 views

DEBIAN-CVE-2026-10014

8.3CVSS5.8AI score0.00108EPSS

OSV•added 2026/05/28 11:16 p.m.•4 views

DEBIAN-CVE-2026-10020

8.3CVSS5.8AI score0.00087EPSS

OSV•added 2026/05/28 11:16 p.m.•4 views

DEBIAN-CVE-2026-10010

Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5CVSS5.8AI score0.00014EPSS

OSV•added 2026/05/28 11:16 p.m.•7 views

DEBIAN-CVE-2026-10008

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00036EPSS

CVE-2026-10008

6.5CVSS0.00036EPSS

NVD•added 2026/05/28 11:16 p.m.•6 views

CVE-2026-10010

5CVSS0.00014EPSS

OSV•added 2026/05/28 11:16 p.m.•4 views

UBUNTU-CVE-2026-10020

8.3CVSS5.8AI score0.00087EPSS

Exploits0References4

OSV•added 2026/05/28 11:16 p.m.•6 views

UBUNTU-CVE-2026-9892

Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00084EPSS

Exploits0References4

CVE•added 2026/05/28 10:25 p.m.•23 views

CVE-2026-10020

Affected software: Skia component in Google Chrome on Android. Vulnerability: Insufficient validation of untrusted input in Skia allows a renderer process–level attacker to potentially escape the sandbox via a crafted HTML page. Impact: Sandbox escape risk as described; exploitation requires a co...

8.3CVSS5.8AI score0.00087EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/28 10:25 p.m.•29 views

CVE-2026-10020

0.00087EPSS