CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

3.1CVSS5.8AI score0.00161EPSS

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from corrupted Compositing component objects, which could allow remote attackers with compromised rendering processes to exploit...

3.1CVSS6AI score0.00158EPSS

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after their release, which could allow remote attackers who have breached...

3.1CVSS5.9AI score0.00174EPSS

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in the AI component, which could allow remote attackers who have breached the rendering proce...

8.3CVSS5.9AI score0.00207EPSS

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with reuse after release in the Mojo component, which could allow remote attackers who have breached t...

CNNVD•added 2026/05/12 12:0 a.m.•8 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability, which stemmed from a reuse issue in the Accessibility component. This vulnerability could allow remote attackers who have breached the rendering...

7.5CVSS5.9AI score0.00207EPSS

CNNVD•added 2026/05/12 12:0 a.m.•7 views

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the reuse of resources after they were released in the Network component. It could allow remote...

8.3CVSS5.9AI score0.00267EPSS

CNNVD•added 2026/05/12 12:0 a.m.•11 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the ReadingMode component, which could allow a remote attacker with...

3.1CVSS5.8AI score0.00186EPSS

OSV•added 2026/05/11 11:43 p.m.•7 views

MAL-2026-3467 Malicious code in @tanstack/react-router-ssr-query (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6c8db33bfb3bf19b736238a7e0895ecfd856e38c6e86d83f6eee8df6f5c13730 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

Exploits0References6

Cvelist•added 2026/05/11 9:42 p.m.•40 views

CVE-2026-43900 DeepChat: Persistent DOM XSS via HTML Entity Encoding in `<antArtifact>` SVG Rendering (Bypass of `svgSanitizer.ts`)

DeepChat is an open-source artificial intelligence agent platform that unifies models, tools, and agents. Prior to v1.0.4-beta.1, a Cross-Site Scripting XSS vulnerability exists due to a discrepancy between the backend validation layer and the frontend browser rendering engine. The SVGSanitizer...

9.3CVSS0.00306EPSS

EUVD•added 2026/05/11 9:42 p.m.•10 views

EUVD-2026-29337

9.3CVSS6AI score0.00306EPSS

CVE•added 2026/05/11 9:42 p.m.•10 views

CVE-2026-43900

DeepChat vuln CVE-2026-43900 affects the SvgArtifact rendering path. The sanitizer in src/main/lib/svgSanitizer.ts scrubs javascript: protocols with plain-text regex but fails to account for HTML entity decoding before Vue’s v-html insertion in SvgArtifact.vue. Crafting an SVG artifact with obfus...

9.3CVSS6AI score0.00306EPSS

vulnersOsv•added 2026/05/11 9:0 p.m.•12 views

birdclaw (>=0.1.0 <=0.6.0), livemark (>=0.0.0-dev <=0.23.0) potentially affected by CVE-2026-45321 via @tanstack/react-router-ssr-query (>=1.166.10 <=1.166.12)

@tanstack/react-router-ssr-query NPM version =1.166.10, =0.1.0, =0.0.0-dev, =0.23.0 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTROUTERSSRQUERY-16640207...

9.6CVSS8AI score0.02342EPSS

Exploits3

GithubExploit•added 2026/05/11 8:39 p.m.•80 views

Exploit for Basic XSS in Espocrm

CVE-2026-33657 - EspoCRM 9.3.3 Stored HTML Injection in Email...

5.4CVSS5.9AI score0.00176EPSS

Exploits2

RedhatCVE•added 2026/05/11 8:27 p.m.•8 views

CVE-2026-8193

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS