CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

111 matches found

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00047EPSS

Exploits0References1

RedhatCVE•added 6 hours ago•5 views

CVE-2026-11204

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00016EPSS

Exploits0References1

EUVD•added yesterday•4 views

EUVD-2026-34741

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00047EPSS

Exploits0References3

EUVD•added yesterday•4 views

EUVD-2026-34665

5.8AI score0.00016EPSS

Exploits0References3

OSV•added yesterday•2 views

DEBIAN-CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00047EPSS

Exploits0References1

NVD•added yesterday•8 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00047EPSS

Exploits0References2

NVD•added 2 days ago•3 views

CVE-2026-11204

6.5CVSS0.00016EPSS

Exploits0References2

Vulnrichment•added 2 days ago•3 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00047EPSS

Exploits0References2

CVE•added 2 days ago•10 views

CVE-2026-11280

The vulnerability CVE-2026-11280 affects Google Chrome on iOS (pre-149.0.7827.53). It arises from an inappropriate implementation in Sign-in, allowing a remote attacker to perform UI spoofing through a crafted HTML page. The issue is described with Chromium security severity: Low. The available c...

4.3CVSS5.8AI score0.00047EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•2 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00047EPSS

Exploits0References3Affected Software1

Cvelist•added 2 days ago•14 views

CVE-2026-11280

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00047EPSS

Exploits0References2

Vulnrichment•added 2 days ago•3 views

CVE-2026-11204

5.5AI score0.00016EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•4 views

CVE-2026-11204

5.8AI score0.00016EPSS

Exploits0References3Affected Software1

CVE•added 2 days ago•5 views

CVE-2026-11204

CVE-2026-11204 describes an inappropriate implementation in the Signin flow of Google Chrome on iOS before 149.0.7827.53 that allows a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability is in the Chromium-based iOS Signin function, with a Network attack v...

6.5CVSS5.8AI score0.00016EPSS

Exploits0References2Affected Software1

Debian CVE•added 2 days ago•2 views

CVE-2026-11204

6.5CVSS5.5AI score0.00016EPSS

Exploits0

Cvelist•added 2 days ago•22 views

CVE-2026-11204

0.00016EPSS

Exploits0References2

ATTACKERKB•added 2026/05/05 11:25 a.m.•4 views

CVE-2026-43572

OpenClaw versions 2026.4.10 before 2026.4.14 contain a missing authorization vulnerability in the Microsoft Teams SSO invoke handler that fails to apply sender allowlist checks. Attackers can bypass sender authorization by sending SSO invoke requests that are processed without proper validation,...

6.3CVSS5.8AI score0.00039EPSS

Exploits0References4Affected Software1

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в chromium

In the Sign-In Flow of Google Chrome, before version 104.0.5112.101 was released, remote attackers could potentially exploit heap corruption through specific UI interactions...

8.8CVSS7.3AI score0.01136EPSS

Exploits0References2

vulnersOsv•added 2026/03/27 6:21 p.m.•3 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +8 more potentially affected by CVE-2026-33939 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =1.31.0, =1.37.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33939 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15807043...

7.5CVSS7AI score0.00076EPSS

Exploits1

vulnersOsv•added 2026/03/27 6:20 p.m.•5 views

org.webjars.npm:directory-encoder (=0.9.2), org.webjars.npm:engine-handlebars (=0.8.2) +8 more potentially affected by CVE-2026-33938 via org.webjars.npm:handlebars (>=4.0.14 <=4.7.8)

org.webjars.npm:handlebars MAVEN version =4.0.14, =1.5.0, =1.31.0, =1.37.0, =2.0.0, =2.0.0, =2.1.0, =2.1.1 Source cves: CVE-2026-33938 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-15803083...

8.1CVSS6.3AI score0.00048EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by