Search
CVE Explorer
Search the full tracked CVE corpus across every vendor — by keyword, vendor, severity, CVSS band and publication date. Server-rendered; each filtered view has its own URL.
01
Filters
Submit to refine — state is held in the URL.
02
Results
14,469 matching · page 80/290Each CVE id links to its NVD record.
| CVE | Severity | CVSS | Summary | Published |
|---|---|---|---|---|
| CVE-2026-9961(opens NVD record) | High | 8.8 | Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9960(opens NVD record) | High | 7.5 | Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9959(opens NVD record) | Low | 3.1 | Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9958(opens NVD record) | High | 8.8 | Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9957(opens NVD record) | High | 8.8 | Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9954(opens NVD record) | High | 7.5 | Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9953(opens NVD record) | Medium | 6.5 | Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9952(opens NVD record) | High | 8.8 | Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9951(opens NVD record) | High | 8.3 | Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9949(opens NVD record) | High | 8.3 | Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9947(opens NVD record) | High | 8.8 | Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9946(opens NVD record) | High | 8.3 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9945(opens NVD record) | High | 8.8 | Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9944(opens NVD record) | Low | 3.1 | Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9942(opens NVD record) | Medium | 5.0 | Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9940(opens NVD record) | High | 8.8 | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9939(opens NVD record) | High | 8.8 | Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9938(opens NVD record) | High | 8.8 | Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9937(opens NVD record) | High | 8.3 | Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9935(opens NVD record) | Medium | 4.3 | Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9933(opens NVD record) | High | 7.5 | Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9932(opens NVD record) | High | 8.3 | Use after free in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9931(opens NVD record) | High | 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9928(opens NVD record) | High | 8.8 | Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9927(opens NVD record) | High | 8.8 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9926(opens NVD record) | High | 8.3 | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9925(opens NVD record) | High | 8.3 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9924(opens NVD record) | High | 8.3 | Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9910(opens NVD record) | High | 8.8 | Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9909(opens NVD record) | High | 7.5 | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9907(opens NVD record) | Medium | 4.3 | Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9905(opens NVD record) | High | 8.3 | Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9901(opens NVD record) | High | 7.5 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9897(opens NVD record) | High | 8.8 | Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9896(opens NVD record) | High | 8.8 | Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | May 28, 2026 |
| CVE-2026-9891(opens NVD record) | Critical | 9.0 | Use after free in Extensions in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted Chrome Extension. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9890(opens NVD record) | High | 8.3 | Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9887(opens NVD record) | High | 8.8 | Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9883(opens NVD record) | High | 8.8 | Use after free in Base in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9882(opens NVD record) | Medium | 6.5 | Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9880(opens NVD record) | High | 8.3 | Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9879(opens NVD record) | High | 8.8 | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9878(opens NVD record) | High | 8.8 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9877(opens NVD record) | High | 8.3 | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9874(opens NVD record) | Critical | 9.6 | Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-9873(opens NVD record) | High | 8.8 | Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical) | May 28, 2026 |
| CVE-2026-10022(opens NVD record) | High | 7.5 | Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium) | May 28, 2026 |
| CVE-2026-10021(opens NVD record) | High | 8.8 | Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium) | May 28, 2026 |
| CVE-2026-10019(opens NVD record) | High | 8.8 | Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) | May 28, 2026 |
| CVE-2026-10018(opens NVD record) | Medium | 6.5 | Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | May 28, 2026 |