CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1979 matches found

VS Code Extension Persistence

This module installs a malicious VS Code extension into the target's VS Code extensions directory. The extension executes the payload each time VS Code is launched, providing persistent code execution. Supports VS Code, VS Code Insiders, VSCodium, VS Code Server, and Cursor. Tested against 1.120....

5.7AI score

Exploits0

SUSE CVE•added 2 days ago•3 views

SUSE CVE-2026-11644

Use after free in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

7.5CVSS6AI score0.0003EPSS

Exploits0References3

SUSE CVE•added 2 days ago•4 views

SUSE CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

8.3CVSS5.4AI score0.00029EPSS

Exploits0References3

EUVD•added 3 days ago•3 views

EUVD-2026-35256

8.3CVSS5.4AI score0.00029EPSS

Exploits0References3

OSV•added 3 days ago•3 views

DEBIAN-CVE-2026-11656

8.3CVSS5.4AI score0.00029EPSS

Exploits0References1

OSV•added 3 days ago•3 views

DEBIAN-CVE-2026-11644

7.5CVSS6AI score0.0003EPSS

Exploits0References1

NVD•added 3 days ago•4 views

CVE-2026-11644

7.5CVSS0.0003EPSS

Exploits0References2

Debian CVE•added 4 days ago•3 views

CVE-2026-11656

8.3CVSS5.4AI score0.00029EPSS

Exploits0

CVE•added 4 days ago•12 views

CVE-2026-11656

CVE-2026-11656 affects Google Chrome via a Use-after-Free in the ServiceWorker component, enabling a sandbox escape when a user installs a crafted malicious extension. Public descriptions consistently state the vulnerability occurs in Chrome versions prior to 149.0.7827.103. The available sources...

8.3CVSS5.4AI score0.00029EPSS

Exploits0References2Affected Software1

Vulnrichment•added 4 days ago•4 views

CVE-2026-11656

5.4AI score0.00029EPSS

Exploits0References2

ATTACKERKB•added 4 days ago•4 views

CVE-2026-11656

8.3CVSS5.4AI score0.00029EPSS

Exploits0References3Affected Software1

Cvelist•added 4 days ago•32 views

CVE-2026-11656

0.00029EPSS

Exploits0References2

CVE•added 4 days ago•10 views

CVE-2026-11644

CVE-2026-11644 describes a use-after-free in the Views component of Google Chrome on Linux, allowing code execution via a crafted Chrome Extension when a user is convinced to install a malicious extension. Affected software: Google Chrome (Linux) with the vulnerable Views code path. Root cause: u...

7.5CVSS6AI score0.0003EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 4 days ago•3 views

CVE-2026-11644

7.5CVSS6AI score0.0003EPSS

Exploits0References3Affected Software1

Positive Technologies•added 4 days ago•5 views

PT-2026-47470

7.5CVSS6AI score0.0003EPSS

Exploits0References3

Positive Technologies•added 4 days ago•7 views

PT-2026-47482

5.4AI score0.00029EPSS

Exploits0References3

SUSE CVE•added 5 days ago•5 views

SUSE CVE-2026-10997

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00016EPSS

Exploits0References2

SUSE CVE•added 5 days ago•5 views

SUSE CVE-2026-11014

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00022EPSS

Exploits0References2

SUSE CVE•added 5 days ago•3 views

SUSE CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.4AI score0.00019EPSS

Exploits0References2

SUSE CVE•added 5 days ago•4 views

SUSE CVE-2026-11092

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to perform privilege escalation via a crafted Chrome Extension. Chromium security severity: Medium...

8.8CVSS5.4AI score0.00026EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by