Lucene search
K

2593 matches found

CVE
CVE
added 2026/06/08 11:27 p.m.34 views

CVE-2026-11691

CVE-2026-11691 involves Google Chrome’s New Tab Page and is caused by insufficient validation of untrusted input. The vulnerability affects Chrome prior to version 149.0.7827.103, enabling a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page...

3.1CVSS5.5AI score0.00169EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/08 11:27 p.m.39 views

CVE-2026-11660

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00258EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.10 views

CVE-2026-11660

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00258EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/08 11:27 p.m.8 views

CVE-2026-11660

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00258EPSS
Exploits0References2
CVE
CVE
added 2026/06/08 11:27 p.m.32 views

CVE-2026-11660

CVE-2026-11660: Google Chrome’s New Tab Page suffered insufficient validation of untrusted input, enabling a renderer-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. Affected: Chrome before 149.0.7827.103. Impact: sandbox escape risk; attacker could leverage...

8.3CVSS5.5AI score0.00258EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/08 11:27 p.m.9 views

CVE-2026-11660

Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.5AI score0.00258EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/08 11:27 p.m.11 views

CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6AI score0.00264EPSS
Exploits0
CNNVD
CNNVD
added 2026/06/08 12:0 a.m.8 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. Google Chrome has a vulnerability related to input validation, which stems from insufficient validation of untrusted inputs by the New Tab Page...

3.1CVSS5.3AI score0.00169EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47486

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description Insufficient validation of untrusted input in the New Tab Page allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...

9.6CVSS6AI score0.01654EPSS
Exploits4References85
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.12 views

PT-2026-47572

AppleScript/JXA Code Injection via Unescaped URL in macOS Chrome Plugin | Field | Value | | ---------------- | ----- | | Repository | julien040/anyquery | | Affected version | 0.4.4 commit 0abd460 | | Vulnerability | CWE-94 — Improper Control of Generation of Code | | Severity | High | Summary Th...

9CVSS6AI score
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.10 views

PT-2026-47517

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description Insufficient validation of untrusted input in the New Tab Page allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted HTML page...

9.6CVSS5.9AI score0.01654EPSS
Exploits4References86
RedhatCVE
RedhatCVE
added 2026/06/07 5:13 a.m.11 views

CVE-2026-11227

An incorrect security ui flaw was found in the Tab Hover Cards component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=448421954...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/07 5:13 a.m.11 views

CVE-2026-11222

An incorrect security ui flaw was found in the Tab Strip component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=458442542...

6.5CVSS5.4AI score0.00171EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/07 4:48 a.m.10 views

CVE-2026-11034

An insufficient validation of untrusted input flaw was found in the Tab Group Sync component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497934980...

8.1CVSS5.4AI score0.00182EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.10 views

SUSE CVE-2026-11034

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00182EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:41 a.m.10 views

SUSE CVE-2026-11222

Incorrect security UI in Tab Strip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.5AI score0.00171EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:41 a.m.10 views

SUSE CVE-2026-11227

Incorrect security UI in Tab Hover Cards in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform domain spoofing via a crafted domain name. Chromium security severity: Low...

6.5CVSS5.5AI score0.00158EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/05 11:28 p.m.72 views

CVE-2026-9290 WP User Manager <= 2.9.17 - Unauthenticated Path Traversal to Local File Inclusion via 'tab' Query Parameter

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.17 via the profile template scope function. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files...

7.5CVSS0.02403EPSS
Exploits1References13
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.9 views

CVE-2026-6711

The Website LLMs.txt plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' parameter in all versions up to, and including, 8.2.6. This is due to the use of filterinput without a sanitization filter and insufficient output escaping. This makes it possible for...

6.1CVSS5.7AI score0.00215EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42321

GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked tab. Upgrade to 10.0.25 or 11.0.7 to receive a patch...

8.4CVSS5.4AI score0.00343EPSS
Exploits0References1
Rows per page
Query Builder