CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

AstraLinux•added 4 days ago•4 views

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.72, using extensions in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape through a crafted Chrome Extension...

8.6CVSS7.7AI score0.01022EPSS

AstraLinux•added 4 days ago•3 views

Astra Linux – Vulnerability in Chromium

Before version 91.0.4472.101, using “After Free” in Google Chrome extensions allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8AI score0.00977EPSS

AstraLinux•added 4 days ago•6 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.00912EPSS

EUVD•added 6 days ago•8 views

EUVD-2026-37541

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

4.2CVSS5.3AI score0.00134EPSS

EUVD•added 6 days ago•7 views

EUVD-2026-37535

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.3AI score0.00222EPSS

CVE•added 6 days ago•18 views

CVE-2026-12464

CVE-2026-12464 : A use-after-free in the Google Chrome renderer before 149.0.7827.155 may allow a remote attacker who compromises the renderer to escape the sandbox via a crafted HTML page, per multiple sources. Affected software is Chrome browsers with the vulnerable Chromium component; the issu...

8.3CVSS5.4AI score0.00216EPSS

Exploits0References2Affected Software1

Debian CVE•added 6 days ago•4 views

CVE-2026-12462

Use after free in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6AI score0.00263EPSS

Exploits0

Positive Technologies•added 6 days ago•9 views

PT-2026-50194

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An out-of-bounds read in Chromoting allows a local attacker to obtain potentially sensitive information from process memory by using a malicious file. An out-of-bounds read occurs when...

9.6CVSS5.9AI score0.00522EPSS

Exploits0References39

Positive Technologies•added 6 days ago•10 views

PT-2026-50215

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An object lifecycle issue in Metrics allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...

9.6CVSS5.9AI score0.00522EPSS

Exploits0References41

SUSE CVE•added 2026/06/13 2:28 a.m.•13 views

SUSE CVE-2026-12015

Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.3AI score0.00203EPSS

EUVD•added 2026/06/12 12:31 a.m.•9 views

EUVD-2026-36343

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00206EPSS

OSV•added 2026/06/11 10:16 p.m.•5 views

DEBIAN-CVE-2026-12033

Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.3AI score0.00169EPSS

OSV•added 2026/06/11 10:16 p.m.•5 views

DEBIAN-CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00158EPSS

NVD•added 2026/06/11 10:16 p.m.•11 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS0.00184EPSS

OSV•added 2026/06/11 10:16 p.m.•5 views

DEBIAN-CVE-2026-12015

5.3CVSS5.4AI score0.00203EPSS

CVE•added 2026/06/11 8:48 p.m.•25 views

CVE-2026-12031

Google Chrome on Windows before 149.0.7827.115 is affected by CVE-2026-12031 due to an inappropriate implementation in Views that can allow a remote attacker, who has compromised the renderer process, to potentially escape the sandbox via a crafted HTML page. The issue is rated High (CVSS 3.1: AV...

8.3CVSS5.5AI score0.00171EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/06/11 8:48 p.m.•7 views

CVE-2026-12023

5.5AI score0.00206EPSS