Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

590091 matches found

OSV
OSVadded 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-10016

Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00252EPSS
Exploits0References1
OSV
OSVadded 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-10021

Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00234EPSS
Exploits0References1
OSV
OSVadded 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-10005

Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00261EPSS
Exploits0References1
NVD
NVDadded 2026/05/28 11:16 p.m.11 views

CVE-2026-10005

Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00261EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 11:16 p.m.8 views

CVE-2026-10007

Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00252EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 11:16 p.m.6 views

CVE-2026-10006

Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.0023EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 11:16 p.m.8 views

CVE-2026-10009

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00221EPSS
Exploits0References2
OSV
OSVadded 2026/05/28 11:16 p.m.4 views

DEBIAN-CVE-2026-10009

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.3AI score0.00221EPSS
Exploits0References1
OSV
OSVadded 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-10003

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00221EPSS
Exploits0References1
OSV
OSVadded 2026/05/28 11:16 p.m.5 views

DEBIAN-CVE-2026-10006

Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.0023EPSS
Exploits0References1
NVD
NVDadded 2026/05/28 11:16 p.m.6 views

CVE-2026-10003

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS0.00221EPSS
Exploits0References2
OSV
OSVadded 2026/05/28 11:16 p.m.5 views

UBUNTU-CVE-2026-9909

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.3AI score0.00255EPSS
Exploits0References4
OSV
OSVadded 2026/05/28 11:16 p.m.8 views

UBUNTU-CVE-2026-9983

Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00255EPSS
Exploits0References4
OSV
OSVadded 2026/05/28 11:0 p.m.6 views

USN-8347-1 qtwebengine-opensource-src vulnerability

It was discovered that the vendored LibTIFF in QT WebEngine incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...

8.8CVSS6AI score0.00739EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2026/05/28 11:0 p.m.14 views

USN-8347-1: QT WebEngine vulnerability

It was discovered that the vendored LibTIFF in QT WebEngine incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...

8.8CVSS6.7AI score0.00739EPSS
Exploits0
Snyk
Snykadded 2026/05/28 10:45 p.m.8 views

Incorrect Default Permissions

Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...

9.4CVSS6AI score0.00452EPSS
Exploits0References2
Ubuntu
Ubuntuadded 2026/05/28 10:41 p.m.17 views

USN-8346-1: Texmaker vulnerabilities

It was discovered that the vendored LibTIFF in Texmaker incorrectly handled memory when parsing malformed TIFF image metadata. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...

8.8CVSS6.7AI score0.00739EPSS
Exploits0
OSV
OSVadded 2026/05/28 10:29 p.m.8 views

GHSA-9277-MP7X-85JF Dulwich Vulnerable to Command Injection via Merge Driver Path

Summary Dulwich's ProcessMergeDriver substitutes the file path from the git tree, controllable by an attacker via a malicious branch into the merge driver command via the %P placeholder and executes it with subprocess.run..., shell=True. An attacker who can cause a victim to merge an untrusted...

7.7CVSS6.3AI score0.00555EPSS
Exploits0References5
Github Security Blog
Github Security Blogadded 2026/05/28 10:29 p.m.12 views

Dulwich Vulnerable to Command Injection via Merge Driver Path

Summary Dulwich's ProcessMergeDriver substitutes the file path from the git tree, controllable by an attacker via a malicious branch into the merge driver command via the %P placeholder and executes it with subprocess.run..., shell=True. An attacker who can cause a victim to merge an untrusted...

7.7CVSS6.3AI score0.00555EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2026/05/28 10:28 p.m.9 views

GHSA-897W-FCG9-F6XJ Dulwich has an arbitrary file write via NTFS-hostile tree entries on Windows

Impact Arbitrary file write leading to remote code execution when cloning or checking out a malicious Git repository on Windows. Dulwich's path-element validator accepted tree entries whose filenames contained bytes that Windows interprets as structural path syntax: - \ — the Windows path...

8.8CVSS6.6AI score0.00635EPSS
Exploits0References6
Rows per page
Query Builder