CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/05 12:31 a.m.•5 views

EUVD-2026-34679

Inappropriate implementation in PlatformIntegration in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a malicious file. Chromium security severity: Low...

6.2AI score0.002EPSS

EUVD-2026-34662

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...

6.2AI score0.00206EPSS

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34646

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

6.2AI score0.00201EPSS

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34534

Inappropriate implementation in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.0028EPSS

EUVD•added 2026/06/05 12:31 a.m.•9 views

EUVD-2026-34520

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: Medium...

6.2AI score0.00107EPSS

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34495

Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00351EPSS

EUVD•added 2026/06/05 12:31 a.m.•6 views

EUVD-2026-34412

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00351EPSS

8.8CVSS6.2AI score0.00182EPSS

EUVD-2026-34375

Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: High...

EUVD-2026-34372

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

6.2AI score0.00341EPSS

8.8CVSS6.2AI score0.00182EPSS

EUVD-2026-34551

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

OSV•added 2026/06/05 12:3 a.m.•5 views

RLSA-2026:21755 Important: flatpak security update

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. Security Fixes: flatpak: Flatpak: Arbitrary code execution via crafted symlinks in sandbox-expose options CVE-2026-34078 flatpak: Flatpak: Arbitrary file deletion on host via improper cache file...

9CVSS7.7AI score0.01636EPSS

Rockylinux•added 2026/06/05 12:3 a.m.•6 views

flatpak security update

An update is available for flatpak. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Flatpak is a system for building, distributing, and running sandboxed desktop...

10CVSS7.7AI score0.01636EPSS

Tenable Nessus•added 2026/06/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11332

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in ansible-core. The ansible-galaxy role install command processes dependency specifications from a role's meta/requirements.yml file. Due to...

7.8CVSS6.2AI score0.00163EPSS

Positive Technologies•added 2026/06/05 12:0 a.m.•7 views

PT-2026-47025

Name of the Vulnerable Software and Affected Versions Markdown Preview Enhanced versions prior to 0.8.28 Description The software parses WaveDrom diagrams by evaluating untrusted markdown content using the eval function, which allows for arbitrary JavaScript execution. This issue affects all rend...

8.8CVSS6AI score0.00343EPSS

Exploits0References7

CNNVD•added 2026/06/05 12:0 a.m.•3 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions of 7-Zip 26.00 and earlier contained a buffer error vulnerability. This vulnerability stemmed from insufficient allocation of the NTFS compression stream buffer, which could allow attackers to execute arbitrary code or caus...

8.8CVSS6.2AI score0.00697EPSS

Exploits1References2

CNNVD•added 2026/06/05 12:0 a.m.•5 views

Ansible 参数注入漏洞

Ansible is an easy-to-use IT automation system developed under the open source license of Ansible. Ansible has a parameter injection vulnerability, which stems from improper use of the parameter separator in the ansible-galaxy role install command, allowing arbitrary code to execute...

7.8CVSS5.6AI score0.00163EPSS

Redos•added 2026/06/05 12:0 a.m.•3 views

ROS-20260605-73-0033

The vulnerability in Tomcat11 is related to insufficient checks on the registry. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

7.5CVSS7.6AI score0.00467EPSS

Redos•added 2026/06/05 12:0 a.m.•4 views

ROS-20260605-73-0066

The vulnerability in Firefox is related to errors in data type mixing. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9.8CVSS5.9AI score0.00474EPSS