CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•10 views

CVE-2026-11681

CVE-2026-11681 : Use-after-free in Chrome’s Ozone component on Linux prior to 149.0.7827.103 allows a remote attacker to potentially trigger heap corruption via a crafted HTML page. Impact is described as high; the vulnerability is within the Chromium-based Chrome stack and affects the Ozone laye...

8.8CVSS5.6AI score0.00068EPSS

Vulnrichment•added 5 days ago•4 views

CVE-2026-11681

Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.6AI score0.00068EPSS

ATTACKERKB•added 5 days ago•3 views

CVE-2026-11681

Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.6AI score0.00068EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-11680

0.0008EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-11681

Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00068EPSS

CVE•added 5 days ago•10 views

CVE-2026-11679

CVE-2026-11679 : Use-after-free in Codecs within Google Chrome on Windows, fixed in the 149.0.7827.103 (and later) update. The vulnerability could allow a remote attacker who has compromised the renderer process to perform a sandbox escape via a crafted HTML page. Affected product is Google Chrom...

8.3CVSS5.5AI score0.00068EPSS

Cvelist•added 5 days ago•34 views

CVE-2026-11679

Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00068EPSS

Debian CVE•added 5 days ago•3 views

CVE-2026-11677

Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00061EPSS

Exploits0

ATTACKERKB•added 5 days ago•5 views

CVE-2026-11678

Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS5.5AI score0.00028EPSS

CVE•added 5 days ago•11 views

CVE-2026-11677

CVE-2026-11677 describes a race in the Chrome network process on macOS prior to 149.0.7827.103 that could enable a remote attacker who had network-process access to escape the browser sandbox via a crafted HTML page. The vulnerability affects Google Chrome for macOS; the underlying issue is descr...

8.3CVSS5.5AI score0.00061EPSS

Cvelist•added 5 days ago•27 views

CVE-2026-11677

0.00061EPSS

ATTACKERKB•added 5 days ago•5 views

CVE-2026-11677

5.5AI score0.00061EPSS

CVE•added 5 days ago•13 views

CVE-2026-11676

CVE-2026-11676 affects Google Chrome on Linux/ChromeOS (Dawn component) and is due to insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. The issue is observed prior to Chr...

8.3CVSS5.5AI score0.0009EPSS

Debian CVE•added 5 days ago•5 views

CVE-2026-11675

Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00033EPSS

Exploits0

Cvelist•added 5 days ago•29 views

CVE-2026-11676

Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.0009EPSS

ATTACKERKB•added 5 days ago•4 views

CVE-2026-11674

Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0008EPSS

Debian CVE•added 5 days ago•3 views

CVE-2026-11674

Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0008EPSS

Exploits0

Vulnrichment•added 5 days ago•4 views

CVE-2026-11674

Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6AI score0.0008EPSS

Vulnrichment•added 5 days ago•5 views

CVE-2026-11672

Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00062EPSS