CVE & CISA-KEV Catalog

362,600 CVEs1,630 actively exploited (KEV)AboutAPI
Active:
  • CVSS 6.5 v3·EPSS -·No fix yet

    Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

    Published 2026-06-30

  • CVSS -·EPSS -·No fix yet

    Integer overflow in Safe Browsing in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a malicious file. (Chromium security severity: Medium)

    Published 2026-06-30

  • CVSS -·EPSS -·No fix yet

    Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)

    Published 2026-06-30

  • CVSS 8.3 v3·EPSS -·No fix yet

    Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

    Published 2026-06-30

  • CVSS 8.3 v3·EPSS -·No fix yet

    Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

    Published 2026-06-30

  • CVSS -·EPSS -·No fix yet

    Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

    Published 2026-06-30

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    Integer overflow in Mojo in Google Chrome prior to 149.0.7827.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

    Published 2026-06-25

  • CVSS 5.9 v3·EPSS 0.2%·No fix yet

    Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP <= 4.6.19 versions.

    Published 2026-06-15

  • CVSS 5.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-15

  • CVSS 5.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-15

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-15

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-15

  • CVSS 1.2 v4·EPSS 0.3%·No fix yet

    QTS, QuTS hero, QuTScloud are not affected. We have already fixed the vulnerability in the following version:

    Published 2026-06-10

  • CVSS 5.0 v3·EPSS 0.1%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-09

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 9.6 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.3 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.3 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.4%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.4%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.4%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 5.0 v3·EPSS 0.1%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 7.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 6.5 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 8.8 v3·EPSS 0.4%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-06-05

  • CVSS 4.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-31

  • CVSS 8.8 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 6.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 7.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 7.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 7.5 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 6.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-29

  • CVSS 7.1 v3·EPSS 0.3%·Fix available

    A flaw was found in Keycloak. A low-privilege user, with knowledge of user credentials and client ID, can bypass a security control intended to disable the implicit flow in OpenID Connect (OIDC) clients. By manipulating client data during a session restart, an attacker can obtain an access token that should not be available. This vulnerability can also lead to the exposure of these access tokens in server logs, proxy logs, and HTTP Referrer headers, resulting in sensitive information disclosure.

    Published 2026-05-19

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 4.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 4.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 8.3 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 8.8 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 7.5 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information

    Published 2026-05-15

  • CVSS 4.2 v3·EPSS 0.2%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-11

  • CVSS 8.8 v3·EPSS 0.3%·Fix available

    This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.

    Published 2026-05-07

Uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog.