CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2 days ago•10 views

CVE-2026-12020

The CVE-2026-12020 entry concerns Google Chrome on macOS, where an Autofill use-after-free leads to possible heap corruption from a crafted HTML page. Affected product/version: Chrome on Mac prior to 149.0.7827.115. Root cause: use-after-free in Autofill (Chromium component) as described in the c...

8.8CVSS5.6AI score0.00068EPSS

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

0.00007EPSS

CVE-2026-12015

Use after free in Autofill in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

0.00028EPSS

Vulnrichment•added 2 days ago•4 views

CVE-2026-12015

5.5AI score0.00028EPSS

CVE•added 2 days ago•7 views

CVE-2026-12015

The CVE-2026-12015 entry describes a use-after-free in Chrome’s Autofill component handled in the renderer process. A remote attacker who can compromise the renderer could leverage a crafted HTML page to read potentially sensitive data from process memory. Affected software is Google Chrome (Auto...

5.3CVSS5.5AI score0.00028EPSS

CVE-2026-12013

Use after free in Media in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00068EPSS

8.8CVSS5.5AI score0.00068EPSS

CVE-2026-12013

Vulnrichment•added 2 days ago•5 views

CVE-2026-12014

5.5AI score0.00007EPSS

Debian CVE•added 2 days ago•4 views

CVE-2026-12014

8.3CVSS5.3AI score0.00007EPSS

5.3CVSS5.3AI score0.00028EPSS

CVE-2026-12015

CVE•added 2 days ago•12 views

CVE-2026-12013

CVE-2026-12013 is a use-after-free in Chrome’s Media component on Windows, leading to possible heap corruption via a crafted HTML page. Affected product: Google Chrome for Windows (prior to 149.0.7827.115). Root cause: use-after-free in media handling. Impact: remote code execution potential thro...

8.8CVSS5.6AI score0.00068EPSS

CVE•added 2 days ago•8 views

CVE-2026-12014

CVE-2026-12014 affects Google Chrome’s Cast component. The issue is a use-after-free in Cast that, on devices on the local network, could enable a sandbox escape via crafted network traffic. Chrome mitigations rely on updating to the patched build (149.0.7827.115; Windows/Mac 149.0.7827.114/115; ...

8.3CVSS5.5AI score0.00007EPSS

Vulnrichment•added 2 days ago•4 views

CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

5.5AI score0.00019EPSS

CVE•added 2 days ago•9 views

CVE-2026-12012

CVE-2026-12012 affects Google Chrome’s Network component. It is a Use-After-Free vulnerability that could allow heap corruption via malicious network traffic, with the impact described as High. A fixed build is Chrome 149.0.7827.115 (Windows/macOS; Linux fixed earlier in 149.0.7827.114/114). The ...

8.1CVSS5.5AI score0.00019EPSS

CVE-2026-12011

Use after free in WebMIDI in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00062EPSS

CVE-2026-12012

0.00019EPSS

8.3CVSS5.4AI score0.00062EPSS

CVE-2026-12011

Vulnrichment•added 2 days ago•5 views

CVE-2026-12011

5.5AI score0.00062EPSS

8.8CVSS6AI score0.0008EPSS

CVE-2026-12007

Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...