CVE Database

108042+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.

Filter: All CRITICAL HIGH MEDIUM LOW CISA KEV
Sort: Newest CVSS EPSS
CVE-2026-13979
4.3 MEDIUM

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 30, 2026
CVE-2026-13978
4.3 MEDIUM

Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium …

Jun 30, 2026
CVE-2026-13977
5.4 MEDIUM

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML …

Jun 30, 2026
CVE-2026-13976
5.8 MEDIUM

Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a …

Jun 30, 2026
CVE-2026-13975
5.3 MEDIUM

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to …

Jun 30, 2026
CVE-2026-13974
8.1 HIGH

Integer overflow in Safe Browsing in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a malicious file. …

Jun 30, 2026
CVE-2026-13973
4.2 MEDIUM

Inappropriate implementation in UI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to …

Jun 30, 2026
CVE-2026-13972
4.3 MEDIUM

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 30, 2026
CVE-2026-13971
5.3 MEDIUM

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information …

Jun 30, 2026
CVE-2026-13970
5.3 MEDIUM

Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information …

Jun 30, 2026
CVE-2026-13969
5.3 MEDIUM

Uninitialized Use in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially …

Jun 30, 2026
CVE-2026-13968
7.5 HIGH

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific …

Jun 30, 2026
CVE-2026-13967
8.8 HIGH

Heap buffer overflow in V8 in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted …

Jun 30, 2026
CVE-2026-13966
4.3 MEDIUM

Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 30, 2026
CVE-2026-13965
8.8 HIGH

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted …

Jun 30, 2026
CVE-2026-13964
6.5 MEDIUM

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML …

Jun 30, 2026
CVE-2026-13963
3.1 LOW

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to …

Jun 30, 2026
CVE-2026-13962
6.5 MEDIUM

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions …

Jun 30, 2026
CVE-2026-13961
5.3 MEDIUM

Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage …

Jun 30, 2026
CVE-2026-13960
4.3 MEDIUM

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security …

Jun 30, 2026
CVE-2026-13959
4.3 MEDIUM

Insufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted …

Jun 30, 2026
CVE-2026-13958
6.5 MEDIUM

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via …

Jun 30, 2026
CVE-2026-13957
4.2 MEDIUM

Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject …

Jun 30, 2026
CVE-2026-13956
4.2 MEDIUM

Incorrect security UI in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures …

Jun 30, 2026
CVE-2026-13955
3.3 LOW

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a …

Jun 30, 2026
CVE-2026-13954
6.5 MEDIUM

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory …

Jun 30, 2026
CVE-2026-13953
6.5 MEDIUM

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via …

Jun 30, 2026
CVE-2026-13952
4.3 MEDIUM

Inappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security …

Jun 30, 2026
CVE-2026-13951
8.3 HIGH

Insufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a …

Jun 30, 2026
CVE-2026-13950
5.3 MEDIUM

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information …

Jun 30, 2026
CVE-2026-13949
6.5 MEDIUM

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory …

Jun 30, 2026
CVE-2026-13948
3.1 LOW

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform …

Jun 30, 2026
CVE-2026-13947
5.3 MEDIUM

Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information …

Jun 30, 2026
CVE-2026-13946
4.3 MEDIUM

Inappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. …

Jun 30, 2026
CVE-2026-13945
3.1 LOW

Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension …

Jun 30, 2026
CVE-2026-13944
3.1 LOW

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI …

Jun 30, 2026
CVE-2026-13943
6.5 MEDIUM

Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via …

Jun 30, 2026
CVE-2026-13942
3.3 LOW

Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted HTML …

Jun 30, 2026
CVE-2026-13941
4.3 MEDIUM

Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. …

Jun 30, 2026
CVE-2026-13940
6.5 MEDIUM

Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process …

Jun 30, 2026
CVE-2026-13939
3.1 LOW

Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process …

Jun 30, 2026
CVE-2026-13938
8.8 HIGH

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted …

Jun 30, 2026
CVE-2026-13937
6.5 MEDIUM

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data …

Jun 30, 2026
CVE-2026-13936
6.5 MEDIUM

Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via …

Jun 30, 2026
CVE-2026-13935
6.5 MEDIUM

Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium …

Jun 30, 2026
CVE-2026-13934
9.6 CRITICAL

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process …

Jun 30, 2026
CVE-2026-13933
5.3 MEDIUM

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive …

Jun 30, 2026
CVE-2026-13932
6.5 MEDIUM

Inappropriate implementation in Sharing in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin …

Jun 30, 2026
CVE-2026-13931
6.5 MEDIUM

Inappropriate implementation in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI …

Jun 30, 2026
CVE-2026-13930
6.5 MEDIUM

Insufficient policy enforcement in Actor in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium …

Jun 30, 2026

Scan your infrastructure for known CVEs

Free website and port scanning — find vulnerabilities before attackers do.