CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

9.6CVSS5.9AI score0.01636EPSS

PT-2026-46453

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Chromecast allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a crafte...

9.6CVSS6.4AI score0.01636EPSS

PT-2026-46760

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Compositing allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox by using a crafted HTML page...

PT-2026-46749

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a securi...

9.6CVSS5.9AI score0.01636EPSS

PT-2026-46509

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism...

PT-2026-46676

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Extensions allows a remote attacker who has compromised the renderer process to perform privilege escalation via a crafted HTML page...

PT-2026-46632

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the WebUI allows a remote attacker who has compromised the renderer process to leak cross-origin data through the use of a crafted HTML pag...

Positive Technologies•added 4 days ago•6 views

PT-2026-46647

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Enterprise Reporting allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafte...

PT-2026-46591

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in WebNN allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

PT-2026-46695

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using ...

Positive Technologies•added 4 days ago•6 views

PT-2026-46581

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in the GPU component on Windows. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by...

RedHat Linux•added 5 days ago•7 views

kernel: Linux kernel: Denial of Service in ice driver due to race condition during VSI rebuild

A flaw was found in the Linux kernel's ice network driver. A local attacker could exploit a race condition during the Virtual Station Interface VSI rebuild process. This flaw occurs when the Precision Time Protocol PTP periodic work attempts to access uninitialized memory, leading to a NULL point...

4.7CVSS5.8AI score0.00022EPSS

Exploits0References5

NVD•added 5 days ago•9 views

CVE-2026-0095

In l2cfcrclonebuf of l2cfcr.cc, there is a possible way to trigger controlled heap corruption within the privileged Bluetooth process due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

8CVSS0.0001EPSS

NVD•added 5 days ago•6 views

CVE-2026-0074

In getPreferredSize of LauncherProcessImageListener.kt, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

5.5CVSS0.00005EPSS

Vulnrichment•added 5 days ago•5 views

CVE-2026-24088 Missing Authentication for Critical Function in Boot

Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader...

8.2CVSS5.8AI score0.00008EPSS

Snyk•added 5 days ago•5 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management via improper handling of user roles in the api process. An attacker can gain unauthorized administrative privileges by sending crafted requests after authenticating as a regular user. Remediation Upgrade...

8.8CVSS5.8AI score0.00051EPSS

Exploits0References3

CVE•added 5 days ago•9 views

CVE-2026-0095

The provided CVE-2026-0095 entries describe a vulnerability in the Bluetooth stack, specifically in the function l2c_fcr_clone_buf in l2c_fcr.cc. The issue is an integer overflow that can trigger controlled heap corruption within the privileged Bluetooth process, leading to local escalation of pr...

8CVSS6AI score0.0001EPSS

Exploits0References1Affected Software1

Vulnrichment•added 5 days ago•7 views

CVE-2026-0095

6AI score0.0001EPSS