CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added last week•4 views

DEBIAN-CVE-2026-9945

Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00139EPSS

Exploits0References1

NVD•added last week•2 views

CVE-2026-9945

8.8CVSS0.00139EPSS

Vulnrichment•added last week•3 views

CVE-2026-9989

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. Chromium security severity: High...

5.8AI score0.00012EPSS

CVE•added last week•8 views

CVE-2026-9945

Google Chrome (Chromium) for Windows is affected by a use-after-free in the Media component, allowing remote code execution inside the Chrome sandbox via a crafted HTML page. Affected versions are prior to 148.0.7778.216. Upstream bug 503565293 is cited, and the Chrome stable update referenced in...

8.8CVSS6.2AI score0.00139EPSS

Exploits0References2Affected Software1

Vulnrichment•added last week•4 views

CVE-2026-9945

6.2AI score0.00139EPSS

ATTACKERKB•added last week•3 views

CVE-2026-9945

6.2AI score0.00139EPSS

Exploits0References3Affected Software1

Cvelist•added last week•24 views

CVE-2026-9945

0.00139EPSS

Positive Technologies•added 2026/05/27 12:0 a.m.•4 views

PT-2026-44653

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in the Media component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

9.6CVSS6.2AI score0.00156EPSS

Exploits0References156

SUSE CVE•added 2026/05/16 1:15 a.m.•8 views

SUSE CVE-2026-8535

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. Chromium security severity: High...

5.3CVSS5.8AI score0.0003EPSS

SUSE CVE•added 2026/05/16 1:15 a.m.•5 views

SUSE CVE-2026-8548

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00092EPSS

SUSE CVE•added 2026/05/16 1:15 a.m.•6 views

SUSE CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

NVD•added 2026/05/14 8:17 p.m.•3 views

CVE-2026-8548

8.3CVSS0.00092EPSS

NVD•added 2026/05/14 8:17 p.m.•2 views

CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00086EPSS

NVD•added 2026/05/14 8:17 p.m.•2 views

CVE-2026-8535

5.3CVSS0.0003EPSS

5.3CVSS5.8AI score0.0003EPSS

CVE-2026-8535

CVE-2026-8544

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-8549

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00092EPSS

CVE-2026-8548

CVE•added 2026/05/14 7:52 p.m.•10 views

CVE-2026-8549

CVE-2026-8549 : Use-after-free in Google Chrome’s Media code path prior to 148.0.7778.168 allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affected product: Google Chrome (Media component). Root cause: use-after-free. Impact: high (arbitrary c...