CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/09 12:32 a.m.•0 views

EUVD-2026-20717

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted domain name. Chromium security severity: Low...

5.9AI score0.00158EPSS

EUVD•added 2026/04/09 12:32 a.m.•1 views

EUVD-2026-20709

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.9AI score0.00206EPSS

EUVD•added 2026/04/09 12:31 a.m.•3 views

EUVD-2026-20679

Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.9AI score0.00253EPSS

CNNVD•added 2026/04/09 12:0 a.m.•4 views

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad prior to 0.5.0b3.dev97 contained security vulnerabilities. These vulnerabilities stemmed from weak permissions for certain WebUI JSON endpoints, allowing low-privilege authenticated users to perform MODIFY operations...

5.4CVSS5.8AI score0.00219EPSS

Exploits1References2

NVD•added 2026/04/08 10:16 p.m.•2 views

CVE-2026-5903

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00209EPSS

OSV•added 2026/04/08 10:16 p.m.•1 views

DEBIAN-CVE-2026-5906

Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00161EPSS

OSV•added 2026/04/08 10:16 p.m.•2 views

DEBIAN-CVE-2026-5896

Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. Chromium security severity: Low...

6.1CVSS8.4AI score0.00155EPSS

OSV•added 2026/04/08 10:16 p.m.•0 views

DEBIAN-CVE-2026-5897

Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00154EPSS

NVD•added 2026/04/08 10:16 p.m.•4 views

CVE-2026-5899

Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS0.00134EPSS

NVD•added 2026/04/08 10:16 p.m.•4 views

CVE-2026-5878

Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00191EPSS

NVD•added 2026/04/08 10:16 p.m.•4 views

CVE-2026-5880

Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00191EPSS

OSV•added 2026/04/08 10:16 p.m.•1 views

DEBIAN-CVE-2026-5882

Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS8.4AI score0.00191EPSS