CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 3 days ago•6 views

EUVD-2026-34706

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00022EPSS

OSV•added 3 days ago•3 views

DEBIAN-CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

Exploits0References1

NVD•added 3 days ago•5 views

CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00022EPSS

Tenable Nessus•added 3 days ago•8 views

Linux Distros Unpatched Vulnerability : CVE-2026-11245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page...

4.3CVSS5.6AI score0.00022EPSS

NVD•added 4 days ago•4 views

CVE-2026-11001

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00026EPSS

Vulnrichment•added 4 days ago•4 views

CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00022EPSS

ATTACKERKB•added 4 days ago•4 views

CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

Exploits0References3Affected Software1

Cvelist•added 4 days ago•34 views

CVE-2026-11245

Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00022EPSS

Vulnrichment•added 4 days ago•4 views

CVE-2026-11001

5.5AI score0.00026EPSS

Positive Technologies•added 4 days ago•5 views

PT-2026-46548

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker who has compromised the renderer process to perform domain spoofing by using a crafted HTML...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References433

Positive Technologies•added 6 days ago•7 views

PT-2026-46530

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific ...

9.6CVSS5.8AI score0.04468EPSS

Exploits0References434

SUSE CVE•added 2026/05/16 1:15 a.m.•6 views

SUSE CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

SUSE CVE•added 2026/05/16 1:14 a.m.•6 views

SUSE CVE-2026-8566

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00025EPSS

NVD•added 2026/05/14 8:17 p.m.•3 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00066EPSS

UbuntuCve•added 2026/05/14 8:17 p.m.•3 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

EUVD•added 2026/05/14 7:52 p.m.•7 views

EUVD-2026-30383

5.8AI score0.00025EPSS

Debian CVE•added 2026/05/14 7:52 p.m.•5 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE•added 2026/05/14 7:52 p.m.•12 views

Exploits0

CVE-2026-8520

CVE-2026-8520 : A race in the Payments component of Google Chrome before version 148.0.7778.168 could allow a remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as critical in Chromium, with a network attack vector and high impact on confiden...

Exploits0References2Affected Software1

Cvelist•added 2026/05/14 7:52 p.m.•26 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00066EPSS