Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19966 matches found

RedhatCVE
RedhatCVEadded 3 days ago7 views

CVE-2026-8143

The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hbcountryiso', 'hbusastateiso', and 'hbcanadaprovinceiso' parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS5.7AI score0.00073EPSS
Exploits0References1
Microsoft CVE
Microsoft CVEadded 3 days ago6 views

Chromium: CVE-2026-10928 Script injection in Headless

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.4AI score0.001EPSS
Exploits0
Microsoft CVE
Microsoft CVEadded 3 days ago4 views

Chromium: CVE-2026-11157 Script injection in Accessibility

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.4CVSS5.4AI score0.00013EPSS
Exploits0
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-34734

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6AI score0.00025EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago7 views

EUVD-2026-34666

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...

6AI score0.00033EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-34647

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00026EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago4 views

EUVD-2026-34611

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00026EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-34627

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00029EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-34583

Inappropriate implementation in Keyboard in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00055EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago4 views

EUVD-2026-34510

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00017EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago3 views

EUVD-2026-34483

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

6AI score0.00024EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago6 views

EUVD-2026-34377

Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.001EPSS
Exploits0References3
EUVD
EUVDadded 3 days ago5 views

EUVD-2026-34365

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6AI score0.00038EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 3 days ago7 views

Linux Distros Unpatched Vulnerability : CVE-2026-10928

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

8.8CVSS5.9AI score0.001EPSS
Exploits0References2
EUVD
EUVDadded 3 days ago5 views

EUVD-2026-34845

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliativelte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptidkey parameter lines 26, 42 in...

5.7AI score0.00077EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-11062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension ...

4.3CVSS5.5AI score0.00017EPSS
Exploits0References2
ATTACKERKB
ATTACKERKBadded 3 days ago5 views

CVE-2026-38579

Multiple reflected Cross-Site Scripting XSS vulnerabilities in damasac thaipalliativelte through version 3.0 allow remote attackers to inject arbitrary web script or HTML via the idFormMain parameter line 24, the id parameter lines 25, 75, and the ptidkey parameter lines 26, 42 in...

5.6AI score0.00077EPSS
Exploits1References3
Tenable Nessus
Tenable Nessusadded 3 days ago5 views

Linux Distros Unpatched Vulnerability : CVE-2026-10916

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proces...

6.1CVSS5.7AI score0.00038EPSS
Exploits0References2
NVD
NVDadded 4 days ago6 views

CVE-2026-11205

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...

6.1CVSS0.00033EPSS
Exploits0References2
OSV
OSVadded 4 days ago4 views

DEBIAN-CVE-2026-11205

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted QR code. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00033EPSS
Exploits0References1
Rows per page
Query Builder