Total CVEs

141,292

Critical Severity

3,799

High Severity

13,738

Last 7 Days

1,848
Quick preset (or use dates below)
Clear Filters
๐Ÿ“… Showing Year: 2026 (January 1 - December 31, 2026) View All Years โ†’
Showing 7,221 - 7,240 of 37,697 CVEs
CVE-2026-10898 HIGH - 8.3

Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10897 HIGH - 8.8

Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10896 HIGH - 8.8

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10895 HIGH - 8.8

Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10894 HIGH - 8.3

Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10893 HIGH - 8.8

Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10892 CRITICAL - 9.6

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10891 HIGH - 8.8

Use after free in GFX in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10890 HIGH - 8.8

Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10889 HIGH - 8.3

Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10888 HIGH - 8.8

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10887 HIGH - 8.1

Use after free in Chromoting in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10886 CRITICAL - 9.6

Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10885 HIGH - 8.8

Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10884 HIGH - 8.3

Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10883 HIGH - 8.8

Type Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10882 HIGH - 8.8

Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10881 CRITICAL - 9.6

Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Vendor: Google
Product: Chrome
Published: Jun 04, 2026
Source: NVD
CVE-2026-10875 MEDIUM - 6.3

A security flaw has been discovered in projectworlds Online Art Gallery Shop Project 1.0. The impacted element is an unknown function of the file /admin/adminHome.ph. The manipulation of the argument social_twitter results in sql injection. The attack may be launched remotely. The exploit has been r...

Vendor: projectworlds
Product: Online Art Gallery Shop Project
Published: Jun 04, 2026
Source: NVD
CVE-2026-10874 MEDIUM - 6.3

A vulnerability was identified in projectworlds Online Art Gallery Shop Project 1.0. The affected element is an unknown function of the file /admin/adminHome.php. The manipulation of the argument social_insta leads to sql injection. The attack may be initiated remotely. The exploit is publicly avail...

Vendor: projectworlds
Product: Online Art Gallery Shop Project
Published: Jun 04, 2026
Source: NVD