CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 5 days ago•5 views

CVE-2026-10979

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00033EPSS

NVD•added 5 days ago•4 views

CVE-2026-10890

Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: Critical...

8.8CVSS0.00012EPSS

Cvelist•added 5 days ago•35 views

CVE-2026-11309

Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00013EPSS

4.3CVSS5.5AI score0.00013EPSS

CVE-2026-11309

Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Debian CVE•added 5 days ago•4 views

CVE-2026-11294

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

Debian CVE•added 5 days ago•5 views

CVE-2026-11295

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.5AI score0.00077EPSS

Cvelist•added 5 days ago•34 views

CVE-2026-11285

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00022EPSS

Debian CVE•added 5 days ago•5 views

CVE-2026-11284

Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00028EPSS

Vulnrichment•added 5 days ago•6 views

CVE-2026-11276

Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. Chromium security severity: Low...

5.8AI score0.00005EPSS

6.1CVSS5.6AI score0.00025EPSS

CVE-2026-11273

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

Debian CVE•added 5 days ago•5 views

CVE-2026-11259

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.0002EPSS

Vulnrichment•added 5 days ago•5 views

CVE-2026-11252

Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.0002EPSS

CVE•added 5 days ago•7 views

CVE-2026-11248

The CVE covers an issue described as an inappropriate implementation in Google Lens within Google Chrome, before version 149.0.7827.53, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability affects Chrome/Lens behavior and is tagged with low Chrom...

8.8CVSS5.8AI score0.00039EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 5 days ago•4 views

CVE-2026-11248

Inappropriate implementation in Google Lens in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.5AI score0.00039EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 5 days ago•4 views

CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

Exploits0References3Affected Software1

5.4CVSS5.5AI score0.00057EPSS

CVE-2026-11232

Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

6.5CVSS5.5AI score0.0002EPSS

CVE-2026-11225

Inappropriate implementation in WebUI in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...