Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

20042 matches found

Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11205

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...

5.6AI score0.00147EPSS
Exploits0References2
CVE
CVEadded 2026/06/04 11:5 p.m.9 views

CVE-2026-11205

CVE-2026-11205 concerns Insufficient validation of untrusted input in Chrome for iOS (Google Chrome on iOS) up to build 149.0.7827.53, enabling a remote attacker to cause UXSS if a user performs specific UI gestures prompted by a crafted QR code. The advisory notes a Medium severity (CVSS 3.1: AV...

6.1CVSS6AI score0.00147EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.6AI score0.00159EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00159EPSS
Exploits0
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.4 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

6AI score0.00211EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

8.1CVSS5.6AI score0.00211EPSS
Exploits0
CVE
CVEadded 2026/06/04 11:5 p.m.11 views

CVE-2026-11169

The CVE-2026-11169 issue affects Google Chrome (Chromium-based) and is described as an inappropriate XML implementation that enables UXSS via a crafted XML file. Affected software is Chrome prior to version 149.0.7827.53. The underlying cause is an improper XML handling path within Chrome/Chromiu...

8.1CVSS6AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2026/06/04 11:5 p.m.10 views

CVE-2026-11166

CVE-2026-11166 concerns an Inappropriate implementation in SVG in Google Chrome (Chromium) prior to 149.0.7827.53. The vulnerability allows a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. Affected software is Google Chrome’s SVG handling in the Chromium stack...

6.8CVSS6AI score0.00205EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00205EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.6AI score0.00205EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.6 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS5.6AI score0.00205EPSS
Exploits0
Cvelist
Cvelistadded 2026/06/04 11:5 p.m.25 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

0.00121EPSS
Exploits0References2
CVE
CVEadded 2026/06/04 11:5 p.m.9 views

CVE-2026-11157

Summary: CVE-2026-11157 is a UXSS vulnerability in Google Chrome’s Accessibility feature exploitable via a crafted Chrome Extension. The issue occurs in Chrome builds prior to 149.0.7827.53 and could allow an attacker, by convincing a user to install a malicious extension, to inject arbitrary scr...

5.4CVSS5.9AI score0.00121EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichmentadded 2026/06/04 11:5 p.m.4 views

CVE-2026-11157

Script injection in Accessibility in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...

5.5AI score0.00121EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 2026/06/04 11:5 p.m.4 views

CVE-2026-11150

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS
Exploits0References3Affected Software1
Cvelist
Cvelistadded 2026/06/04 11:5 p.m.26 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00159EPSS
Exploits0References2
Debian CVE
Debian CVEadded 2026/06/04 11:5 p.m.5 views

CVE-2026-11122

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00159EPSS
Exploits0
CVE
CVEadded 2026/06/04 11:4 p.m.10 views

CVE-2026-11062

CVE-2026-11062 affects Google Chrome extensions: insufficient policy enforcement in Extensions allows an attacker to inject scripts/HTML into a privileged page when a user installs a crafted malicious extension. Impact is partial integrity compromise of privileged pages; exploit not confirmed in ...

4.3CVSS5.8AI score0.00134EPSS
Exploits0References2Affected Software1
Cvelist
Cvelistadded 2026/06/04 11:4 p.m.26 views

CVE-2026-11062

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

0.00134EPSS
Exploits0References2
Rows per page
Query Builder