CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

SUSE CVE•added 2026/04/30 2:28 a.m.•2 views

SUSE CVE-2026-7354

Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00025EPSS

Exploits0References3

NVD•added 2026/04/28 11:16 p.m.•1 views

CVE-2026-7341

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00049EPSS

8.8CVSS6.2AI score0.00049EPSS

CVE-2026-7341

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

UbuntuCve•added 2026/04/28 11:16 p.m.•2 views

CVE-2026-7339

Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6AI score0.00044EPSS

7.5CVSS5.8AI score0.00033EPSS

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00045EPSS

CVE-2026-7335

Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00009EPSS

CVE-2026-7338

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

Debian CVE•added 2026/04/28 10:36 p.m.•3 views

CVE-2026-7341

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00049EPSS

EUVD•added 2026/04/28 10:36 p.m.•1 views

EUVD-2026-26168

Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

6AI score0.00049EPSS

EUVD•added 2026/04/28 10:36 p.m.•0 views

EUVD-2026-26171

Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00036EPSS

Debian CVE•added 2026/04/28 10:36 p.m.•3 views

CVE-2026-7346

Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.4AI score0.00008EPSS

Vulnrichment•added 2026/04/28 10:35 p.m.•2 views

CVE-2026-7351

Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: High...

5.1AI score0.00026EPSS

CVE•added 2026/04/28 10:35 p.m.•113 views

CVE-2026-7351

CVE-2026-7351 describes a race in MHTML handling in Google Chrome prior to 147.0.7727.138. The vulnerability allows a user who is induced to install a crafted Chrome Extension to leak cross-origin data via MHTML processing. The root cause, per sources, is a race condition in MHTML handling; no ex...

3.1CVSS5.2AI score0.00026EPSS

Exploits0References2Affected Software1

Debian CVE•added 2026/04/28 10:35 p.m.•2 views

CVE-2026-7354

8.8CVSS5.4AI score0.00025EPSS

ATTACKERKB•added 2026/04/28 10:35 p.m.•1 views

CVE-2026-7353

Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.6AI score0.0005EPSS

Exploits0References3Affected Software1

AlpineLinux•added 2026/04/28 10:35 p.m.•0 views

CVE-2026-7363

Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00048EPSS

Tenable Nessus•added 2026/04/25 12:0 a.m.•21 views

Microsoft Edge (Chromium) < 147.0.3912.86 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 147.0.3912.86. It is, therefore, affected by multiple vulnerabilities as referenced in the April 24, 2026 advisory. - Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who ha...

9.6CVSS5.6AI score0.00128EPSS

Exploits0References5

EUVD•added 2026/04/23 6:33 p.m.•1 views

EUVD-2026-25253

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00028EPSS

Exploits0References3

UbuntuCve•added 2026/04/23 6:16 p.m.•1 views

CVE-2026-6919

Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.00128EPSS