CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2 days ago•3 views

SUSE CVE-2026-11302

4.3CVSS5.5AI score0.0002EPSS

RedhatCVE•added 4 days ago•4 views

CVE-2026-43661

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. Processing a maliciously crafted image may corrupt process memory...

7.5CVSS5.8AI score0.00059EPSS

RedhatCVE•added 4 days ago•6 views

CVE-2026-44698

Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, he Home Assistant Companion apps for Android and iOS expose a JavaScript bridge to the in-app WebView window.externalApp on Android and...

8.3CVSS5.8AI score0.0002EPSS

EUVD•added 4 days ago•8 views

EUVD-2026-34759

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0001EPSS

EUVD•added 4 days ago•4 views

EUVD-2026-34410

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00068EPSS

NVD•added 4 days ago•6 views

CVE-2026-11302

4.3CVSS0.0002EPSS

OSV•added 5 days ago•4 views

DEBIAN-CVE-2026-11205

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00033EPSS

OSV•added 5 days ago•4 views

DEBIAN-CVE-2026-10952

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.00068EPSS

CVE•added 5 days ago•8 views

CVE-2026-11272

CVE-2026-11272 affects Google Chrome on iOS, specifically the Reading List feature. The root cause is insufficient validation of untrusted input, enabling a remote attacker to escalate privileges via a crafted HTML page when a user is guided to perform certain UI gestures. Impact is described as ...

8.8CVSS5.8AI score0.00066EPSS

Exploits0References2Affected Software1

CVE•added 5 days ago•7 views

CVE-2026-10961

The CVE-2026-10961 issue affects Chrome for iOS (Google Chrome on iOS), where a use-after-free in the renderer allows a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Impact is a sandbox escape with high severity; exploitation s...

8.3CVSS5.8AI score0.00068EPSS

Exploits0References2Affected Software1

Vulnrichment•added 5 days ago•3 views

CVE-2026-10952

5.8AI score0.00068EPSS

Debian CVE•added 5 days ago•4 views

CVE-2026-10896

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00128EPSS

Exploits0

Vulnrichment•added 5 days ago•7 views

CVE-2026-10885

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

6.2AI score0.00128EPSS

SUSE CVE•added 5 days ago•5 views

SUSE CVE-2026-28904

The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5, iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. Processing maliciously crafted web content may lead to an unexpected process crash...

7.5CVSS5.8AI score0.00049EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-46480

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue in the Autofill component allows a remote attacker to potentially exploit heap corruption. This occurs when a user is convinced to perform specific UI...

9.6CVSS6.1AI score0.04468EPSS

Exploits0References433

Positive Technologies•added 5 days ago•6 views

PT-2026-46812

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00022EPSS

SUSE CVE•added 2026/05/30 2:17 a.m.•10 views

SUSE CVE-2026-9955

Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00031EPSS

EUVD•added 2026/05/29 12:38 a.m.•12 views

EUVD-2026-33113

Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6AI score0.00028EPSS