Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

30625 matches found

NVD
NVDadded 2026/05/28 11:16 p.m.4 views

CVE-2026-10001

Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00073EPSS
Exploits0References2
NVD
NVDadded 2026/05/28 11:16 p.m.6 views

CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00118EPSS
Exploits0References2
OSV
OSVadded 2026/05/28 11:16 p.m.4 views

UBUNTU-CVE-2026-9981

Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.0003EPSS
Exploits0References4
OSV
OSVadded 2026/05/28 11:16 p.m.6 views

UBUNTU-CVE-2026-9998

Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.9AI score0.00073EPSS
Exploits0References4
Snyk
Snykadded 2026/05/28 10:29 p.m.6 views

Command Injection

Overview Affected versions of this package are vulnerable to Command Injection via the ProcessMergeDriver command. An attacker can execute arbitrary commands by crafting malicious file paths that are substituted into the merge driver command and executed with shell privileges when a victim merges...

7.5CVSS6AI score
Exploits0References2
Vulnrichment
Vulnrichmentadded 2026/05/28 10:25 p.m.7 views

CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00087EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.29 views

CVE-2026-10020

Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00087EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.33 views

CVE-2026-10017

Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00086EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/05/28 10:25 p.m.8 views

CVE-2026-10008

Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.8AI score0.00036EPSS
Exploits0
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.26 views

CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00118EPSS
Exploits0References2
CVE
CVEadded 2026/05/28 10:25 p.m.22 views

CVE-2026-10000

CVE-2026-10000 is a use-after-free vulnerability in Google Chrome on Windows affecting the Passwords component. The underlying issue occurs when the renderer process is compromised, enabling a crafted HTML page to potentially escape the Chrome sandbox. Impact is described as high, with remote cod...

8.3CVSS5.8AI score0.00118EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/05/28 10:25 p.m.9 views

CVE-2026-9997

Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00118EPSS
Exploits0
CVE
CVEadded 2026/05/28 10:25 p.m.20 views

CVE-2026-9997

CVE-2026-9997 corresponds to a use-after-free in the Chrome Input component (Chromium-based) that affects Chrome versions prior to 148.0.7778.216. A renderer process compromise could enable a remote attacker to attempt a sandbox escape via a crafted HTML page. The issue is described across multip...

8.3CVSS5.8AI score0.00118EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/05/28 10:25 p.m.17 views

CVE-2026-9996

CVE-2026-9996 affects Google Chrome on macOS, with an out-of-bounds read in WebRTC that could allow a remote, crafted HTML page to read potentially sensitive data from the browser process memory. Affected component: WebRTC in Chromium-based Chrome; root cause is an out-of-bounds read. Version det...

6.5CVSS5.8AI score0.00028EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2026/05/28 10:25 p.m.9 views

CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

8.3CVSS5.8AI score0.00118EPSS
Exploits0
Debian CVE
Debian CVEadded 2026/05/28 10:25 p.m.8 views

CVE-2026-9994

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00118EPSS
Exploits0
Vulnrichment
Vulnrichmentadded 2026/05/28 10:25 p.m.6 views

CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

5.8AI score0.00118EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/05/28 10:25 p.m.6 views

CVE-2026-9993

Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. Chromium security severity: High...

5.8AI score0.00118EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.31 views

CVE-2026-9986

Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

0.00085EPSS
Exploits0References2
Cvelist
Cvelistadded 2026/05/28 10:25 p.m.28 views

CVE-2026-9985

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

0.00043EPSS
Exploits0References2
Rows per page
Query Builder