CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/07 5:22 a.m.•12 views

CVE-2026-11288

A policy bypass flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502231588...

6.5CVSS5.4AI score0.00197EPSS

RedhatCVE•added 2026/06/07 5:8 a.m.•8 views

CVE-2026-11186

An inappropriate implementation flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502805170...

9.3CVSS5.4AI score0.00159EPSS

RedhatCVE•added 2026/06/07 5:7 a.m.•7 views

CVE-2026-11162

An insufficient policy enforcement flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502035074...

7.4CVSS5.4AI score0.00186EPSS

RedhatCVE•added 2026/06/07 5:3 a.m.•6 views

CVE-2026-11155

An insufficient policy enforcement flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501801823...

7.4CVSS5.4AI score0.00152EPSS

RedhatCVE•added 2026/06/07 4:53 a.m.•7 views

CVE-2026-11076

A type confusion flaw was found in the CSS component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499784386...

8.8CVSS5.4AI score0.00305EPSS

RedhatCVE•added 2026/06/05 7:32 p.m.•7 views

CVE-2026-6703

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...

4.3CVSS5.4AI score0.0023EPSS

Microsoft CVE•added 2026/06/05 2:0 p.m.•8 views

Chromium: CVE-2026-11186 Inappropriate implementation in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.1CVSS5.4AI score0.00159EPSS

Microsoft CVE•added 2026/06/05 2:0 p.m.•6 views

Chromium: CVE-2026-11156 Inappropriate implementation in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.4AI score0.00152EPSS

Microsoft CVE•added 2026/06/05 2:0 p.m.•7 views

Chromium: CVE-2026-11155 Insufficient policy enforcement in CSS

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.4AI score0.00152EPSS

Cvelist•added 2026/06/05 11:29 a.m.•41 views

CVE-2026-11345 Improper Authentication Bypass in linqi CDN File Access

An Improper Authentication vulnerability in the /api/Cdn/GetFile endpoint of linqi allows unauthenticated, remote attackers to bypass file access controls. The ValidateAnonFileAccess function incorrectly grants access if an 'AnonFile' query parameter containing exactly 256 characters is provided...

6.9CVSS0.00414EPSS

CVE•added 2026/06/05 11:29 a.m.•19 views

CVE-2026-11345

In CVE-2026-11345, the linqi web app exposes an improper authentication flaw in the /api/Cdn/GetFile endpoint. The ValidateAnonFileAccess check incorrectly grants access when an AnonFile query parameter is exactly 256 characters, allowing unauthenticated remote access to files. The exposed resour...

6.9CVSS5.6AI score0.00414EPSS

EUVD•added 2026/06/05 12:31 a.m.•7 views

EUVD-2026-34647

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6AI score0.00159EPSS

Exploits0References3

EUVD•added 2026/06/05 12:31 a.m.•8 views

EUVD-2026-34616

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00152EPSS

Exploits0References3

OSV•added 2026/06/05 12:17 a.m.•5 views

DEBIAN-CVE-2026-11288

Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00197EPSS

OSV•added 2026/06/04 11:17 p.m.•5 views

DEBIAN-CVE-2026-11076

Type Confusion in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00305EPSS

CVE•added 2026/06/04 11:5 p.m.•10 views

CVE-2026-11162

CVE-2026-11162 affects Google Chrome via an inappropriate CSS implementation in Chromium, enabling a remote attacker to leak cross-origin data through a crafted HTML page. Impact is described as Medium (CVSS 3.1: 4.3). Affected versions are Chrome prior to 149.0.7827.53; mitigation is to upgrade ...

4.3CVSS5.8AI score0.00186EPSS

Exploits0References2Affected Software1

CVE•added 2026/06/04 11:5 p.m.•15 views

CVE-2026-11156

CVE-2026-11156 affects Google Chrome before 149.0.7827.53 due to an inappropriate CSS implementation that allows a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is rooted in how CSS handles cross-origin data, enabling data exposure without user interaction b...

4.3CVSS5.8AI score0.00152EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/06/04 11:5 p.m.•6 views

CVE-2026-11156

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00152EPSS