CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/04 11:5 p.m.•17 views

CVE-2026-11239

CVE-2026-11239 affects Google Chrome extensions. Insecure or inappropriate implementation in Extensions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escalate privileges through a crafted HTML page. The CVSS score is 7.5 (HIGH) with impact to ...

7.5CVSS5.8AI score0.00221EPSS

CVE•added 2026/06/04 11:5 p.m.•20 views

CVE-2026-11238

CVE-2026-11238 concerns the Google Chrome DevTools implementation. The connected documents state that an insecure DevTools path in Chrome prior to version 149.0.7827.53 allows a user-assisted attack: if a user installs a malicious extension, memory contents from affected processes may be exposed....

5.9CVSS5.8AI score0.0017EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•5 views

CVE-2026-11232

Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

5.8AI score0.00146EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11232

Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Low...

5.5AI score0.00146EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•3 views

CVE-2026-11214

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00161EPSS

CVE•added 2026/06/04 11:5 p.m.•14 views

CVE-2026-11194

CVE-2026-11194 concerns Google Chrome’s network stack: an inappropriate implementation enables a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Chrome prior to 149.0.7827.53. The vulnerability stems from the Network component/root cause described in the co...

6.5CVSS5.8AI score0.00183EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11187

Inappropriate implementation in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00152EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•8 views

CVE-2026-11179

Inappropriate implementation in ORB in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

5.4AI score0.00227EPSS

CVE•added 2026/06/04 11:5 p.m.•12 views

CVE-2026-11176

CVE-2026-11176 describes an inappropriate media implementation in Google Chrome before 149.0.7827.53 that could allow a remote attacker to leak cross-origin data through a crafted HTML page. The vulnerability affects Chrome’s media handling and is rated Medium severity by Chromium, with network a...

6.5CVSS5.8AI score0.00176EPSS

ATTACKERKB•added 2026/06/04 11:5 p.m.•4 views

CVE-2026-11176

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00176EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11176

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS

Exploits0

Vulnrichment•added 2026/06/04 11:5 p.m.•7 views

CVE-2026-11162

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00187EPSS

Cvelist•added 2026/06/04 11:5 p.m.•27 views

CVE-2026-11148

Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00137EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•9 views

CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00176EPSS

CVE•added 2026/06/04 11:5 p.m.•17 views

CVE-2026-11129

This CVE concerns Google Chrome Extensions with an inappropriate implementation in Chrome prior to 149.0.7827.53. The issue allows a remote attacker to leak cross-origin data through a crafted HTML page, as described (Chromium security severity: Medium). Affected product: Chrome (Extensions compo...

6.5CVSS5.8AI score0.00176EPSS

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00159EPSS

Exploits0

Cvelist•added 2026/06/04 11:5 p.m.•26 views

CVE-2026-11119

Inappropriate implementation in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00234EPSS

Vulnrichment•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11119

5.5AI score0.00234EPSS