CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Github Security Blog•added 2 days ago•6 views

nebula-mesh: Web UI and API responses lack security headers (CSP, X-Frame-Options, HSTS, etc.)

None of the response paths in internal/web/ or internal/api/ set the standard browser-security headers. grep for Content-Security-Policy, X-Frame-Options, Strict-Transport-Security, X-Content-Type-Options, Referrer-Policy returns zero matches across the codebase. Impact The admin UI signs CA...

5.5AI score

Exploits0References4Affected Software1

OSV•added 2 days ago•4 views

USN-8404-1 transmission vulnerability

It was discovered that Transmission had a clickjacking weakness in the browser-facing WebUI and RPC response paths. An attacker could possibly use this issue to trick users into performing unintended actions...

5.3CVSS5.5AI score0.00038EPSS

Ubuntu•added 2 days ago•4 views

USN-8404-1: Transmission vulnerability

5.3CVSS5.5AI score0.00038EPSS

Exploits0

Positive Technologies•added 2 days ago•5 views

PT-2026-47527

Inappropriate implementation in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00047EPSS

Exploits0References3

Positive Technologies•added 2 days ago•6 views

PT-2026-47542

7CVSS5.3AI score

Exploits0References3

Positive Technologies•added 2 days ago•5 views

PT-2026-47492

Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...

5.5AI score0.00047EPSS

Exploits0References3

5.4CVSS5.4AI score0.00022EPSS

CVE-2026-11228

An incorrect security ui flaw was found in the File Input component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=454484864...

6.5CVSS5.4AI score0.00022EPSS

CVE-2026-11227

An incorrect security ui flaw was found in the Tab Hover Cards component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=448421954...

6.5CVSS5.4AI score0.0002EPSS

CVE-2026-11225

An incorrect security ui flaw was found in the WebUI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503346647...

8.8CVSS5.4AI score0.0007EPSS

CVE-2026-11175

An incorrect security ui flaw was found in the Messages component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502368088...

SUSE CVE•added 3 days ago•3 views

SUSE CVE-2026-11031

Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00034EPSS

SUSE CVE•added 3 days ago•4 views

SUSE CVE-2026-11100

Use after free in File Input in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00068EPSS

6.5CVSS5.4AI score0.00026EPSS

CVE-2026-11001

An incorrect security ui flaw was found in the Payments component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493691489...

SUSE CVE•added 3 days ago•5 views

SUSE CVE-2026-11192

4.3CVSS5.5AI score0.00025EPSS

SUSE CVE•added 3 days ago•4 views

SUSE CVE-2026-11228

Inappropriate implementation in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

SUSE CVE•added 3 days ago•3 views

SUSE CVE-2026-11286

Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

SUSE CVE•added 3 days ago•3 views

SUSE CVE-2026-11294

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.00022EPSS

SUSE CVE•added 3 days ago•5 views

SUSE CVE-2026-11300

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.5AI score0.0002EPSS

RedhatCVE•added 3 days ago•4 views

CVE-2026-10942

An insufficient validation of untrusted input flaw was found in the UI component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=504104263...

7.8CVSS5.4AI score0.00009EPSS