CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2 days ago•7 views

CVE-2026-12031

The following flaw was identified in the Chromium browser: Inappropriate implementation Views. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=518045638...

8.3CVSS5.8AI score0.00191EPSS

OSV•added 5 days ago•4 views

GHSA-P67V-3W7G-WJG7 Nokogiri: Possible Use-After-Free when directly using `NokogirI::XML::XPathContext` beyond document lifetime

Summary Nokogiri::XML::XPathContext did not keep its source document alive for garbage collection. If an XPathContext outlived its document and the document was collected, evaluating an XPath expression could read invalid memory and potentially segfault. This is only reachable when application co...

6.3CVSS5.9AI score

OSV•added 5 days ago•4 views

GHSA-WJV4-X9W8-WM3H Nokogiri: Possible Use-After-Free when setting `Document#root=` to an invalid node type

Summary Nokogiri::XML::Documentroot= validated only that the new root was a Nokogiri::XML::Node, allowing a DTD node to be set as the document root. The result is a heap use-after-free during garbage collection or finalization, leading to an invalid memory read or potentially a segfault. Nokogiri...

6.3CVSS5.9AI score

Microsoft CVE•added 5 days ago•5 views

Chromium: CVE-2026-12459 Inappropriate implementation in Serial

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.1CVSS5.8AI score0.00181EPSS

RedhatCVE•added 5 days ago•8 views

CVE-2026-12018

The following flaw was identified in the Chromium browser: Inappropriate implementation Mojo. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516808201...

8.8CVSS5.8AI score0.0016EPSS

RedhatCVE•added 5 days ago•6 views

CVE-2026-12468

An inappropriate implementation flaw was found in the Updater component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=521485244...

8.3CVSS5.8AI score0.00143EPSS

RedhatCVE•added 5 days ago•6 views

CVE-2026-12450

An inappropriate implementation flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=514531776...

6.5CVSS5.8AI score0.00184EPSS

RedhatCVE•added 5 days ago•6 views

CVE-2026-12459

An inappropriate implementation flaw was found in the Serial component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517406035...

8.1CVSS5.8AI score0.00181EPSS

RedhatCVE•added 5 days ago•5 views

CVE-2026-12448

An inappropriate implementation flaw was found in the WebView component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513458233...

8.8CVSS5.8AI score0.00255EPSS

RedhatCVE•added 5 days ago•5 views

CVE-2026-12438

An inappropriate implementation flaw was found in the WebView component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516947912...

8.3CVSS5.8AI score0.00207EPSS

NVD•added 6 days ago•10 views

CVE-2026-45696

OpenEXR is the reference implementation and specification for the EXR image format, widely used in the motion picture industry. In versions 3.4.0 through 3.4.11, the HTJ2K High-Throughput JPEG 2000 decoder, htundoimpl in OpenEXRCore is vulnerable to a heap-buffer-overflow READ. The htundoimp...

8.3CVSS0.00271EPSS

EUVD•added last week•9 views

EUVD-2026-37548

Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

4.7CVSS5.6AI score0.00133EPSS

Exploits0References3

NVD•added last week•10 views

CVE-2026-12458

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS0.0019EPSS

Debian CVE•added last week•6 views

CVE-2026-12463

4.7CVSS5.6AI score0.00133EPSS

Tenable Nessus•added 2026/06/17 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2026-12463

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Views. CVE-2026-12463 Note that Nessus relies on the presence of the package as reported by the vendor. %NASLMINLEVEL 80900 C...

4.7CVSS5.9AI score0.00133EPSS

Positive Technologies•added 2026/06/17 12:0 a.m.•13 views

PT-2026-50213

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.155 Description An inappropriate implementation in Views allows a remote attacker who has compromised the renderer process to inject arbitrary scripts or HTML via a crafted HTML page. This...

9.6CVSS6AI score0.00537EPSS

Exploits0References41

Microsoft CVE•added 2026/06/16 2:15 a.m.•8 views

Chromium: CVE-2026-11695 Inappropriate implementation in Passwords

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.3CVSS5.2AI score0.00193EPSS

Microsoft CVE•added 2026/06/16 2:14 a.m.•10 views

Chromium: CVE-2026-11693 Inappropriate implementation in Plugins

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.1CVSS5.2AI score0.00214EPSS

Microsoft CVE•added 2026/06/15 2:0 p.m.•5 views

Chromium: CVE-2026-12018 Inappropriate implementation Mojo

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.2AI score0.0016EPSS