CWE-472 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (106 CVEs found)

Export CSV

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2026-9966	2 Google, Microsoft	2 Chrome, Windows	2026-05-29	8.3 High
Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9998	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	8.3 High
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9882	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	4.3 Medium
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-9909	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	7.5 High
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9911	1 Google	1 Chrome	2026-05-29	4.3 Medium
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10018	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	6.5 Medium
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10019	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	4.3 Medium
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-9968	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	8.8 High
Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9960	4 Apple, Google, Linux and 1 more	4 Macos, Chrome, Linux Kernel and 1 more	2026-05-29	7.5 High
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High)
CVE-2026-10009	1 Google	1 Chrome	2026-05-29	7.5 High
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10015	1 Google	1 Chrome	2026-05-29	8.8 High
Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8961	1 Mozilla	2 Firefox, Thunderbird	2026-05-20	6.5 Medium
Spoofing issue in the Form Autofill component. This vulnerability was fixed in Firefox 151, Firefox ESR 140.11, Thunderbird 151, and Thunderbird 140.11.
CVE-2026-7571	1 Redhat	1 Build Keycloak	2026-05-20	7.1 High
A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clients. By manipulating client data during a session restart, an attacker can obtain an access token that should not be available. This vulnerability can also lead to the exposure of these access tokens in server logs, proxy logs, and HTTP Referrer headers, resulting in sensitive information disclosure.
CVE-2026-8567	2 Google, Microsoft	2 Chrome, Windows	2026-05-19	4.3 Medium
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8573	2 Google, Microsoft	2 Chrome, Windows	2026-05-19	8.3 High
Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVE-2026-8510	2 Google, Microsoft	2 Chrome, Windows	2026-05-19	7.5 High
Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8519	2 Google, Microsoft	2 Chrome, Windows	2026-05-19	8.8 High
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8534	2 Google, Linux	3 Chrome, Chrome Os, Linux Kernel	2026-05-19	8.3 High
Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8577	1 Google	1 Chrome	2026-05-19	8.8 High
Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-8559	2 Google, Microsoft	2 Chrome, Windows	2026-05-19	4.3 Medium
Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Page 1 of 6. next last »