CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

399 matches found

EUVD-2026-36449

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.4, NodeVM exposes some process-wide observability builtins when they are allowed through require.builtin. The diagnosticschannel, asynchooks, and perfhooks builtins are not blocked by the dangerous builtin denylist. These modules...

6.9CVSS5.2AI score

Exploits0References3

SUSE CVE•added 2 days ago•4 views

SUSE CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.05467EPSS

Exploits2References3

SUSE CVE•added 2 days ago•3 views

SUSE CVE-2026-11650

Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00128EPSS

Exploits0References3

SUSE CVE•added 2 days ago•3 views

SUSE CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00084EPSS

Exploits0References3

EUVD•added 3 days ago•4 views

EUVD-2026-35274

Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0008EPSS

Exploits0References3

EUVD•added 3 days ago•6 views

EUVD-2026-35214

8.8CVSS6AI score0.00084EPSS

Exploits0References3

OSV•added 3 days ago•3 views

DEBIAN-CVE-2026-11683

Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00071EPSS

Exploits0References1

Tenable Nessus•added 3 days ago•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-11645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...

8.8CVSS6.5AI score0.05467EPSS

Exploits2References2

Cvelist•added 4 days ago•27 views

CVE-2026-11688

0.00084EPSS

Exploits0References2

CVE•added 4 days ago•12 views

CVE-2026-11688

CVE-2026-11688 describes an inappropriate SVG implementation in Google Chrome prior to 149.0.7827.103 that enables a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Impact is high (C/H/I/A = 8.8 CVSS v3.1) per Chromium, with network access, no privileges, use...

8.8CVSS6AI score0.00084EPSS

Exploits0References2Affected Software1

CVE•added 4 days ago•16 views

CVE-2026-11683

CVE-2026-11683 affects Google Chrome’s WebCodecs. The root cause is a use-after-free in WebCodecs that allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. The vulnerability is in Chrome versions prior to 149.0.7827.103 (Chromium-based). Impact is described...

8.8CVSS6AI score0.00071EPSS

Exploits0References2Affected Software1

Vulnrichment•added 4 days ago•4 views

CVE-2026-11670

Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

6AI score0.0008EPSS

Exploits0References2

VulnCheck KEV•added 4 days ago•4 views

VulnCheck KEV: CVE-2026-11645

8.8CVSS6.3AI score0.05467EPSS

In wildExploits2References4

Positive Technologies•added 4 days ago•6 views

PT-2026-47488

Type Confusion in Bindings in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6AI score0.00096EPSS

Exploits0References3

Positive Technologies•added 4 days ago•6 views

PT-2026-47500

Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.0008EPSS

Exploits0References3

SUSE CVE•added 5 days ago•5 views

SUSE CVE-2026-10904

Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00212EPSS

Exploits0References2

SUSE CVE•added 5 days ago•6 views

SUSE CVE-2026-10910

Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00104EPSS

Exploits0References2

SUSE CVE•added 5 days ago•4 views

SUSE CVE-2026-10948

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00123EPSS

Exploits0References2

SUSE CVE•added 5 days ago•3 views

SUSE CVE-2026-10964

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00086EPSS

Exploits0References2

SUSE CVE•added 5 days ago•6 views

SUSE CVE-2026-11059

Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00086EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by