CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

406 matches found

EUVD-2026-35244

Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

7.5CVSS6AI score0.00018EPSS

Exploits0References3

EUVD•added yesterday•3 views

EUVD-2026-35256

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS5.4AI score0.00017EPSS

Exploits0References3

Cvelist•added 2 days ago•18 views

CVE-2026-11644

0.00018EPSS

Exploits0References2

CVE•added 2 days ago•9 views

CVE-2026-11644

CVE-2026-11644 describes a use-after-free in the Views component of Google Chrome on Linux, allowing code execution via a crafted Chrome Extension when a user is convinced to install a malicious extension. Affected software: Google Chrome (Linux) with the vulnerable Views code path. Root cause: u...

7.5CVSS6AI score0.00018EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2 days ago•4 views

CVE-2026-11644

6AI score0.00018EPSS

Exploits0References2

Debian CVE•added 2 days ago•4 views

CVE-2026-11644

7.5CVSS6AI score0.00018EPSS

Exploits0

SUSE CVE•added 3 days ago•3 views

SUSE CVE-2026-11048

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00007EPSS

Exploits0References2

SUSE CVE•added 3 days ago•4 views

SUSE CVE-2026-11189

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00019EPSS

Exploits0References2

SUSE CVE•added 3 days ago•4 views

SUSE CVE-2026-11269

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Low...

7.1CVSS6AI score0.00008EPSS

Exploits0References2

SUSE CVE•added 4 days ago•5 views

SUSE CVE-2026-11112

Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Medium...

9.6CVSS5.5AI score0.0009EPSS

Exploits0References3

EUVD•added 5 days ago•9 views

EUVD-2026-34769

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00016EPSS

Exploits0References3

EUVD•added 5 days ago•5 views

EUVD-2026-34651

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00012EPSS

Exploits0References3

EUVD•added 5 days ago•5 views

EUVD-2026-34618

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.9AI score0.00013EPSS

Exploits0References3

EUVD•added 5 days ago•6 views

EUVD-2026-34446

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00015EPSS

Exploits0References3

NVD•added 5 days ago•7 views

CVE-2026-11269

7.1CVSS0.00008EPSS

Exploits0References2

Tenable Nessus•added 5 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-11112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Chromoting in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the...

9.6CVSS5.6AI score0.0009EPSS

Exploits0References2

OSV•added 6 days ago•2 views

DEBIAN-CVE-2026-11112

9.6CVSS5.5AI score0.0009EPSS

Exploits0References1

NVD•added 6 days ago•3 views

CVE-2026-11092

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS0.00024EPSS

Exploits0References2

CVE•added 6 days ago•17 views

CVE-2026-11308

Summary : CVE-2026-11308 describes an insecure implementation in Google Chrome’s Extensions handling prior to version 149.0.7827.53. Affected software/area : Google Chrome — Extensions module. Root cause : Inappropriate implementation in Extensions, enabling privilege escalation. Impact : An atta...

6.3CVSS5.8AI score0.00016EPSS

Exploits0References2Affected Software1

Debian CVE•added 6 days ago•6 views

CVE-2026-11308

6.3CVSS5.4AI score0.00016EPSS

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by