CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59010 matches found

CVE-2026-11043

Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00068EPSS

Exploits0References2

Vulnrichment•added 3 days ago•6 views

CVE-2026-11037

Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

5.5AI score0.00068EPSS

Exploits0References2

Debian CVE•added 3 days ago•5 views

CVE-2026-11037

Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

9.6CVSS5.5AI score0.00068EPSS

Exploits0

CVE•added 3 days ago•6 views

CVE-2026-11037

CVE-2026-11037 describes an out-of-bounds write in Chrome’s Codecs component, affecting Google Chrome before version 149.0.7827.53. The issue could allow a remote attacker to potentially achieve a sandbox escape via a crafted video file. Chromium/Chrome lists the vulnerability with a Chromium sec...

9.6CVSS5.8AI score0.00068EPSS

Exploits0References2Affected Software1

CVE•added 3 days ago•5 views

CVE-2026-10925

CVE-2026-10925 : Affected product is Google Chrome on macOS using Skia. The vulnerability is an out-of-bounds write in Skia prior to version 149.0.7827.53, which could let a remote attacker who has already compromised the renderer process perform a sandbox escape via a crafted HTML page. The issu...

8.3CVSS5.8AI score0.0008EPSS

Exploits0References2Affected Software1

Vulnrichment•added 3 days ago•3 views

CVE-2026-10925

Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

5.8AI score0.0008EPSS

Exploits0References2

Debian CVE•added 3 days ago•6 views

CVE-2026-10907

Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.0008EPSS

Exploits0

CVE•added 3 days ago•6 views

CVE-2026-10907

CVE-2026-10907 is an out-of-bounds write in ANGLE used by Google Chrome, affecting Chrome versions prior to 149.0.7827.53. The issue allows a remote attacker to potentially cause heap corruption via a crafted HTML page. The connected documents confirm ANGLE as the vulnerable component and Chrome ...

8.8CVSS5.8AI score0.0008EPSS

Exploits0References2Affected Software1

Vulnrichment•added 3 days ago•4 views

CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

5.5AI score0.0008EPSS

Exploits0References2

Debian CVE•added 3 days ago•3 views

CVE-2026-10892

9.6CVSS5.5AI score0.0008EPSS

Exploits0

CVE•added 3 days ago•6 views

CVE-2026-10892

CVE-2026-10892 is an out-of-bounds write in the GPU component of Google Chrome on Android, before version 149.0.7827.53, allowing a remote attacker to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome for Android and is categorized as Critical. Public references sho...

9.6CVSS5.8AI score0.0008EPSS

Exploits0References2Affected Software1

CVE•added 3 days ago•16 views

CVE-2026-10881

The CVE-2026-10881 issue affects ANGLE in Google Chrome, with an out-of-bounds read/write that could enable a sandbox escape via a crafted HTML page. It is resolved in Chrome 149.0.7827.53 and later, per Chrome’s stability update notes. The vulnerability is identified across multiple sources (NVD...

9.6CVSS5.8AI score0.0008EPSS

Exploits0References2Affected Software1

NVD•added 3 days ago•6 views

CVE-2026-21404

NAVTOR NavBox through version 4.16.1.20 contains hard-coded credentials within its Windows Communication Foundation SOAP implementation. If the SOAP functionality is enabled, a local attacker can extract credentials to bypass the intended transfer workflow. Successful authentication against the...

6.3CVSS0.00017EPSS

Exploits0References2

Vulnrichment•added 3 days ago•6 views

CVE-2026-5589 Out-of-bounds write caused by an integer underflow in the Bluetooth Mesh subsystem.

An integer underflow in btmeshsolrecv in the Bluetooth Mesh solicitation handling subsys/bluetooth/mesh/solicitation.c leads to an out-of-bounds write. When CONFIGBTMESHODPRIVPROXYSRV is enabled, the function parses solicitation PDUs from raw BLE advertising payloads. The AD parsing loop reads an...

6AI score0.00063EPSS

Exploits0References1

ATTACKERKB•added 3 days ago•4 views

CVE-2026-5589

6.2AI score0.00063EPSS

Exploits0References2

Cvelist•added 3 days ago•27 views

CVE-2026-5589 Out-of-bounds write caused by an integer underflow in the Bluetooth Mesh subsystem.

0.00063EPSS

Exploits0References1

CVE•added 3 days ago•15 views

CVE-2026-21404

NAVTOR NavBox (versions up to 4.16.1.20) contains hard-coded credentials in its Windows Communication Foundation (SOAP) implementation. When SOAP is enabled, a local attacker can extract credentials and bypass the intended transfer workflow. Successful authentication to the SOAP interface grants ...

6.3CVSS5.8AI score0.00017EPSS

Exploits0References2