CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 6 days ago•7 views

PT-2026-47025

Name of the Vulnerable Software and Affected Versions Markdown Preview Enhanced versions prior to 0.8.28 Description The software parses WaveDrom diagrams by evaluating untrusted markdown content using the eval function, which allows for arbitrary JavaScript execution. This issue affects all rend...

8.8CVSS6AI score0.00058EPSS

Exploits0References7

Positive Technologies•added 6 days ago•9 views

PT-2026-47085

Summary The shared form-view submit handler in NocoDB writes the form's redirect url to window.location.href after a same-host check that does not validate the URL scheme. A user with editor role or above on any base can plant a javascript: URL in the form's redirect url; when an authenticated...

8.4CVSS5.8AI score

Exploits0References4

Vulnrichment•added last week•5 views

CVE-2026-50589

In OpenStack Ironic 32 before 37.0.0, an unauthenticated malicious user could submit a crafted JSON string to some endpoints on the API or JSON-RPC service and effect a service crash...

5.3CVSS5.5AI score0.00048EPSS

OSV•added last week•3 views

DEBIAN-CVE-2026-11075

Out of bounds read in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0003EPSS

8.8CVSS6AI score0.00086EPSS

DEBIAN-CVE-2026-11050

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

NVD•added last week•4 views

CVE-2026-11050

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00086EPSS

8.8CVSS5.5AI score0.00086EPSS

DEBIAN-CVE-2026-10989

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00086EPSS

DEBIAN-CVE-2026-10987

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

NVD•added last week•4 views

CVE-2026-10963

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00086EPSS

8.8CVSS6AI score0.00088EPSS

DEBIAN-CVE-2026-10936

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

NVD•added last week•3 views

CVE-2026-10935

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00088EPSS

8.8CVSS6AI score0.00088EPSS

DEBIAN-CVE-2026-10935

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Vulnrichment•added last week•8 views

CVE-2026-11211

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00086EPSS

ATTACKERKB•added last week•4 views

CVE-2026-11211

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.3AI score0.00086EPSS

Exploits0References3Affected Software1

Debian CVE•added last week•5 views

CVE-2026-11185

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...

8.1CVSS5.9AI score0.00016EPSS

Exploits0

Vulnrichment•added last week•4 views

CVE-2026-11185

5.9AI score0.00016EPSS

Debian CVE•added last week•7 views

CVE-2026-11173

Out of bounds write in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00109EPSS

Exploits0

ATTACKERKB•added last week•5 views

CVE-2026-11173

8.8CVSS6.2AI score0.00109EPSS

Exploits0References3Affected Software1

Vulnrichment•added last week•4 views

CVE-2026-11050

Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

6.2AI score0.00086EPSS