CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 16 hours ago•3 views

SUSE CVE-2026-12025

Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.3AI score0.00027EPSS

EUVD•added yesterday•6 views

EUVD-2026-36352

Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.4AI score0.0001EPSS

EUVD•added yesterday•5 views

EUVD-2026-36344

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00016EPSS

EUVD•added yesterday•5 views

EUVD-2026-36328

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.0008EPSS

NVD•added 2 days ago•6 views

CVE-2026-12035

Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00035EPSS

NVD•added 2 days ago•7 views

CVE-2026-12031

Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00089EPSS

OSV•added 2 days ago•1 views

DEBIAN-CVE-2026-12016

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00066EPSS

Exploits0References1

OSV•added 2 days ago•2 views

DEBIAN-CVE-2026-12013

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00068EPSS

Exploits0References1

Cvelist•added 2 days ago•28 views

CVE-2026-45173 Idira Identity Browser Extension: Unauthorized Application Interaction via Origin Validation Failure

Idira Identity Browser Extension Chrome, Firefox, and Edge builds versions prior to 26.8.1 exhibit an origin validation flaw within its internal web-page verification routines. If an authenticated user navigates to a specially crafted webpage, this interaction could potentially allow a remote...

8.4CVSS0.00086EPSS

Exploits0References1

Cvelist•added 2 days ago•25 views

CVE-2026-12035

0.00035EPSS

Debian CVE•added 2 days ago•5 views

CVE-2026-12033

Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.3AI score0.00028EPSS

Debian CVE•added 2 days ago•4 views

CVE-2026-12031

8.3CVSS5.4AI score0.00089EPSS

CVE•added 2 days ago•33 views

CVE-2026-12032

CVE-2026-12032 affects Google Chrome on Android (pre‑149.0.7827.115) where an inappropriate implementation in Passwords allowed a remote attacker, who had renderer access, to bypass site isolation via a crafted HTML page. The connected sources confirm the issue exists in Passwords and is tied to ...

3.1CVSS5.4AI score0.0001EPSS

Exploits0References2Affected Software1

Debian CVE•added 2 days ago•5 views

CVE-2026-12027

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.4AI score0.00035EPSS

Debian CVE•added 2 days ago•4 views

CVE-2026-12025

5.3CVSS5.3AI score0.00027EPSS

CVE•added 2 days ago•11 views

CVE-2026-12026

CVE-2026-12026: Out-of-bounds read in Video on ChromeOS Chrome, before version 149.0.7827.115, allows a renderer-compromised attacker to read potentially sensitive process memory via a crafted HTML page. Affected product: Google Chrome on ChromeOS; root cause: memory read issue in the Video compo...

5.5AI score0.00035EPSS

Cvelist•added 2 days ago•25 views

CVE-2026-12023

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00068EPSS

Debian CVE•added 2 days ago•6 views

CVE-2026-12024

6.5CVSS5.4AI score0.00016EPSS

Cvelist•added 2 days ago•24 views

CVE-2026-12019

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00062EPSS