CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/06/08 9:0 a.m.•4 views

CVE-2026-11500

A vulnerability was identified in Weaviate up to 1.37.7. This vulnerability affects the function validateConfig of the file usecases/auth/authentication/apikey/client.go of the component Static API Key Handler. The manipulation of the argument StaticApiKey leads to authorization bypass. It is...

5CVSS4.9AI score0.00442EPSS

Exploits0References8

SUSE CVE•added 2026/06/07 4:44 a.m.•4 views

SUSE CVE-2026-11132

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.0022EPSS

SUSE CVE•added 2026/06/07 4:44 a.m.•6 views

SUSE CVE-2026-11135

Insufficient policy enforcement in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS

SUSE CVE•added 2026/06/07 4:42 a.m.•4 views

SUSE CVE-2026-11193

Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00216EPSS

RedhatCVE•added 2026/06/06 12:44 a.m.•11 views

CVE-2026-11298

An insufficient policy enforcement flaw was found in the Chrome for iOS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502503860...

4.3CVSS5.4AI score0.00159EPSS

Exploits0References4

RedhatCVE•added 2026/06/05 7:47 p.m.•7 views

CVE-2026-9483

A vulnerability was found in SourceCodester Student Grades Management System 1.0. Affected is an unknown function of the file grades.php. Performing a manipulation of the argument studentid results in improper authorization. The attack may be initiated remotely. The exploit has been made public a...

6.5CVSS6.3AI score0.00261EPSS

RedhatCVE•added 2026/06/05 7:47 p.m.•6 views

CVE-2026-6612

A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function getagentexecution/updateagentexecution of the file superagi/controllers/agentexecution.py of the component Agent Execution Endpoint. Executing a manipulation of the argument agentexecutionid can...

6.5CVSS6.2AI score0.00314EPSS

RedhatCVE•added 2026/06/05 7:46 p.m.•6 views

CVE-2026-6583

A vulnerability has been found in TransformerOptimus SuperAGI up to 0.0.14. This affects the function deleteapikey/editapikey of the file superagi/controllers/apikey.py of the component API Key Management Endpoint. The manipulation leads to authorization bypass. The attack is possible to be carri...

5.5CVSS5.3AI score0.003EPSS

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34713

Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00175EPSS

EUVD•added 2026/06/05 12:31 a.m.•9 views

EUVD-2026-34665

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00201EPSS

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34654

5.8AI score0.00216EPSS

EUVD•added 2026/06/05 12:31 a.m.•7 views

EUVD-2026-34485

Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00165EPSS

EUVD•added 2026/06/05 12:31 a.m.•6 views

EUVD-2026-34445

Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00255EPSS

NVD•added 2026/06/05 12:17 a.m.•12 views

CVE-2026-11266

Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. Chromium security severity: Low...

4.3CVSS0.00168EPSS

OSV•added 2026/06/05 12:17 a.m.•6 views

DEBIAN-CVE-2026-11252

4.3CVSS5.5AI score0.00175EPSS

Redos•added 2026/06/05 12:0 a.m.•6 views

ROS-20260605-73-0096

The vulnerability in Firefox is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker to circumvent existing security restrictions remotely...

6.5CVSS5.4AI score0.00191EPSS

Exploits0

Tenable Nessus•added 2026/06/05 12:0 a.m.•7 views

Linux Distros Unpatched Vulnerability : CVE-2026-11258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific ...

6.5CVSS5.5AI score0.00201EPSS

Tenable Nessus•added 2026/06/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2026-11275

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process ...

6.5CVSS5.5AI score0.00201EPSS