CVE Database

108856+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-11298
4.3 MEDIUM

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a …

Jun 5, 2026
CVE-2026-11297
7.7 HIGH

Insufficient validation of untrusted input in Reader Mode in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to bypass navigation restrictions via …

Jun 5, 2026
CVE-2026-11296
7.5 HIGH

Inappropriate implementation in ImageCapture in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via …

Jun 5, 2026
CVE-2026-11295
8.8 HIGH

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11294
4.3 MEDIUM

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 5, 2026
CVE-2026-11293
9.6 CRITICAL

Use after free in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML …

Jun 5, 2026
CVE-2026-11292
4.3 MEDIUM

Insufficient policy enforcement in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11291
4.3 MEDIUM

Inappropriate implementation in Android Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted …

Jun 5, 2026
CVE-2026-11290
5.0 MEDIUM

Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious …

Jun 5, 2026
CVE-2026-11289
6.5 MEDIUM

Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium …

Jun 5, 2026
CVE-2026-11288
6.5 MEDIUM

Insufficient policy enforcement in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium …

Jun 5, 2026
CVE-2026-11287
6.5 MEDIUM

Insufficient policy enforcement in Navigation in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass …

Jun 5, 2026
CVE-2026-11286
4.3 MEDIUM

Insufficient validation of untrusted input in Wallet in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform …

Jun 5, 2026
CVE-2026-11285
4.3 MEDIUM

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted …

Jun 5, 2026
CVE-2026-11284
6.5 MEDIUM

Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium …

Jun 5, 2026
CVE-2026-11283
6.5 MEDIUM

Insufficient validation of untrusted input in Shortcuts in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a …

Jun 5, 2026
CVE-2026-11282
9.6 CRITICAL

Insufficient policy enforcement in Sandbox in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a …

Jun 5, 2026
CVE-2026-11281
5.0 MEDIUM

Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via …

Jun 5, 2026
CVE-2026-11280
4.3 MEDIUM

Inappropriate implementation in Signin in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11279
8.8 HIGH

Out of bounds read in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a …

Jun 5, 2026
CVE-2026-11278
6.5 MEDIUM

Inappropriate implementation in CustomTabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to leak cross-origin data via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11277
4.3 MEDIUM

Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via …

Jun 5, 2026
CVE-2026-11276
5.1 MEDIUM

Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious …

Jun 5, 2026
CVE-2026-11275
6.5 MEDIUM

Inappropriate implementation in Page Info in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass …

Jun 5, 2026
CVE-2026-11274
4.3 MEDIUM

Inappropriate implementation in DOM Distiller in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML …

Jun 5, 2026
CVE-2026-11273
6.1 MEDIUM

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific …

Jun 5, 2026
CVE-2026-11272
8.8 HIGH

Insufficient validation of untrusted input in Reading List in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to …

Jun 5, 2026
CVE-2026-11271
6.5 MEDIUM

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to …

Jun 5, 2026
CVE-2026-11270
6.5 MEDIUM

Inappropriate implementation in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11269
7.1 HIGH

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker in a privileged network position to execute arbitrary code inside a sandbox …

Jun 5, 2026
CVE-2026-11268
6.5 MEDIUM

Uninitialized Use in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. …

Jun 5, 2026
CVE-2026-11267
4.3 MEDIUM

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass …

Jun 5, 2026
CVE-2026-11266
4.3 MEDIUM

Inappropriate implementation in SafeBrowsing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass Safe Browsing via a malicious file. (Chromium security severity: …

Jun 5, 2026
CVE-2026-11265
7.5 HIGH

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security …

Jun 5, 2026
CVE-2026-11264
4.3 MEDIUM

Policy bypass in Content Security Policy in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML …

Jun 5, 2026
CVE-2026-11263
6.5 MEDIUM

Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak …

Jun 5, 2026
CVE-2026-11262
8.8 HIGH

Use after free in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium …

Jun 5, 2026
CVE-2026-11261
4.3 MEDIUM

Inappropriate implementation in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via …

Jun 5, 2026
CVE-2026-11260
4.3 MEDIUM

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium …

Jun 5, 2026
CVE-2026-11259
4.3 MEDIUM

Insufficient validation of untrusted input in Cast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted …

Jun 5, 2026
CVE-2026-11258
6.5 MEDIUM

Inappropriate implementation in File System Access in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI …

Jun 5, 2026
CVE-2026-11257
4.3 MEDIUM

Inappropriate implementation in Browser in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security …

Jun 5, 2026
CVE-2026-11256
8.3 HIGH

Integer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox …

Jun 5, 2026
CVE-2026-11255
7.5 HIGH

Insufficient validation of untrusted input in Storage Access API in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process …

Jun 5, 2026
CVE-2026-11254
4.3 MEDIUM

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 5, 2026
CVE-2026-11253
4.3 MEDIUM

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security …

Jun 5, 2026
CVE-2026-11252
4.3 MEDIUM

Insufficient policy enforcement in Content Settings in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass discretionary access control via a crafted HTML …

Jun 5, 2026
CVE-2026-11251
3.1 LOW

Insufficient policy enforcement in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass discretionary …

Jun 5, 2026
CVE-2026-11250
9.6 CRITICAL

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information …

Jun 5, 2026
CVE-2026-11249
4.7 MEDIUM

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive …

Jun 5, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.