Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

528 matches found

Tenable Nessus
Tenable Nessusadded 2026/05/17 12:0 a.m.14 views

Fedora 44 : chromium (2026-885a3f8c70)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-885a3f8c70 advisory. Update to 148.0.7778.167 CVE-2026-8509: Heap buffer overflow in WebML CVE-2026-8510: Integer overflow in Skia CVE-2026-8511: Use after free in UI...

9.6CVSS6AI score0.00148EPSS
Exploits0References95
Microsoft CVE
Microsoft CVEadded 2026/05/16 12:21 a.m.5 views

Chromium: CVE-2026-8551 Use after free in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00086EPSS
Exploits0
NVD
NVDadded 2026/05/14 8:17 p.m.6 views

CVE-2026-8565

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.7CVSS0.00017EPSS
Exploits0References2
NVD
NVDadded 2026/05/14 8:17 p.m.3 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00086EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/14 7:52 p.m.26 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00086EPSS
Exploits0References2
CVE
CVEadded 2026/05/14 7:52 p.m.13 views

CVE-2026-8551

CVE-2026-8551 describes a use-after-free in the Downloads component of Google Chrome affecting versions prior to 148.0.7778.168 . The vulnerability allows a remote attacker to cause arbitrary code execution by convincing a user to perform specific UI gestures on a crafted HTML page. This is an in...

8.8CVSS6.2AI score0.00086EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/14 7:52 p.m.7 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00086EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/14 7:52 p.m.4 views

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00148EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/14 7:52 p.m.4 views

EUVD-2026-30434

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00086EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/14 7:52 p.m.3 views

CVE-2026-8522

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

6.2AI score0.00086EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/14 7:52 p.m.5 views

CVE-2026-8522

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00086EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2026/05/14 7:52 p.m.6 views

CVE-2026-8522

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.00086EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 2026/05/07 2:0 p.m.4 views

Chromium: CVE-2026-7932 Insufficient policy enforcement in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.4CVSS5.8AI score0.00006EPSS
Exploits0
EUVD
EUVDadded 2026/05/06 9:31 p.m.4 views

EUVD-2026-27967

Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.4CVSS5.8AI score0.00006EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2026/05/06 7:16 p.m.2 views

CVE-2026-7932

Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

4.4CVSS5.8AI score0.00006EPSS
Exploits0References1
OSV
OSVadded 2026/04/13 12:0 p.m.4 views

RUSTSEC-2026-0101 `safe-agent-rs` was removed from crates.io for being affiliated with malicious code

While safe-agent-rs did not directly contain malicious code, it was owned by the same user as pretty-changelog-logger and microsoftsystem64. safe-agent-rs also appeared to be imitating a different websocket library. We decided to remove it out of an abundance of caution. This crate had 2 versions...

5.8AI score
Exploits0References2
Microsoft CVE
Microsoft CVEadded 2026/04/11 12:31 a.m.4 views

Chromium: CVE-2026-5887 Insufficient validation of untrusted input in Downloads

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.00038EPSS
Exploits0
SUSE CVE
SUSE CVEadded 2026/04/09 11:29 p.m.2 views

SUSE CVE-2026-5887

Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. Chromium security severity: Medium...

7.3AI score0.00038EPSS
Exploits0References3
EUVD
EUVDadded 2026/04/09 12:32 a.m.2 views

EUVD-2026-20724

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. Chromium security severity: Low...

5.9AI score0.00034EPSS
Exploits0References3
NVD
NVDadded 2026/04/08 10:16 p.m.1 views

CVE-2026-5887

Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00038EPSS
Exploits0References2
Rows per page
Query Builder