CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Debian CVE•added 3 days ago•6 views

CVE-2026-12469

Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.4AI score0.00225EPSS

Debian CVE•added 3 days ago•4 views

CVE-2026-12452

Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00249EPSS

EUVD•added 2026/06/12 12:31 a.m.•6 views

EUVD-2026-36341

Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.00224EPSS

NVD•added 2026/06/11 10:16 p.m.•7 views

CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00158EPSS

Cvelist•added 2026/06/11 8:48 p.m.•25 views

CVE-2026-12012

Use after free in Network in Google Chrome prior to 149.0.7827.115 allowed an attacker in a privileged network position to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

0.00195EPSS

SUSE CVE•added 2026/06/10 2:30 a.m.•5 views

SUSE CVE-2026-11691

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.5AI score0.00151EPSS

NVD•added 2026/06/09 12:16 a.m.•16 views

CVE-2026-11669

Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS0.00205EPSS

OSV•added 2026/06/09 12:16 a.m.•4 views

DEBIAN-CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00207EPSS

Exploits0References1

Tenable Nessus•added 2026/06/09 12:0 a.m.•8 views

MiracleLinux 8 : ruby:3.3 (AXSA:2026-769:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-769:01 advisory. erb: ERB: Arbitrary code execution via deserialization bypass CVE-2026-41316 Tenable has extracted the preceding description block directly from the...

8.1CVSS6AI score0.00508EPSS

Debian CVE•added 2026/06/08 11:27 p.m.•4 views

CVE-2026-11685

Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.5AI score0.00158EPSS

Debian CVE•added 2026/06/08 11:27 p.m.•7 views

CVE-2026-11667

7.5CVSS5.5AI score0.00207EPSS

Positive Technologies•added 2026/06/08 12:0 a.m.•7 views

PT-2026-47521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data by using a crafted HTML page. Recommendations Update to version...

9.6CVSS5.9AI score0.00713EPSS

Exploits4References86

SUSE CVE•added 2026/06/07 4:51 a.m.•5 views

SUSE CVE-2026-10906

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00317EPSS

EUVD•added 2026/06/05 12:31 a.m.•6 views

EUVD-2026-34392

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00479EPSS

EUVD•added 2026/06/05 12:31 a.m.•6 views

EUVD-2026-34387

Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

5.8AI score0.00341EPSS

OSV•added 2026/06/04 11:16 p.m.•4 views

DEBIAN-CVE-2026-10966

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: High...

9.6CVSS5.5AI score0.00292EPSS

Exploits0References1

NVD•added 2026/06/04 11:16 p.m.•4 views

CVE-2026-10956

Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00379EPSS

OSV•added 2026/06/04 11:16 p.m.•3 views

DEBIAN-CVE-2026-10951

Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.6AI score0.00316EPSS

Exploits0References1

Debian CVE•added 2026/06/04 11:4 p.m.•7 views

CVE-2026-10969

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.5AI score0.00277EPSS