CVEリスト - 高リスク・悪用確認済み脆弱性

NVD や CVE、ほか複数の脅威フィードを束ね、RCE など高リスクな事象を深く追える一覧です。CVSS と EPSS を組み合わせ、Exploit 参照や PoC の有無から悪用しやすさを追跡します。ベンダー修正や緩和策の文脈とあわせて優先度を決め、対応サイクルを短く保ちつつ重要資産を守る支援をします。

Assigner(CNA/発行元):[email protected] この条件を外す

EPSS スコア
≥ 1% ≥ 5% ≥ 10% ≥ 30% ≥ 50%
CVSS スコア
≥ 6 ≥ 7 ≥ 8 ≥ 9
さらに表示
表示中 101120 / 4804
«« 先頭 « 前へ 6 / 241 次へ »
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-11684 Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) 3.1 0.17% 2026-06-08 2026-06-17
CVE-2026-11683 Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) 8.8 0.30% 2026-06-08 2026-06-17
CVE-2026-11682 Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.18% 2026-06-08 2026-06-17
CVE-2026-11681 Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 8.8 0.19% 2026-06-08 2026-06-17
CVE-2026-11680 Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) 8.8 0.23% 2026-06-08 2026-06-17
CVE-2026-11679 Use after free in Codecs in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.17% 2026-06-08 2026-06-17
CVE-2026-11678 Integer overflow in libyuv in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) 5.3 0.17% 2026-06-08 2026-06-17
CVE-2026-11677 Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.06% 2026-06-08 2026-06-17
CVE-2026-11676 Insufficient validation of untrusted input in Dawn in Google Chrome on Linux and ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.22% 2026-06-08 2026-06-17
CVE-2026-11675 Out of bounds read in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) 3.1 0.18% 2026-06-08 2026-06-17
CVE-2026-11674 Use after free in Guest View in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) 8.8 0.23% 2026-06-08 2026-06-17
CVE-2026-11673 Use after free in InterestGroups in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) 8.8 0.23% 2026-06-08 2026-06-17
CVE-2026-11672 Heap buffer overflow in GPU in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 8.3 0.23% 2026-06-08 2026-06-17
CVE-2026-11671 Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) 9.6 0.23% 2026-06-08 2026-06-17
CVE-2026-11670 Use after free in PDF in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High) 8.8 0.22% 2026-06-08 2026-06-17
CVE-2026-11669 Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) 5.3 0.21% 2026-06-08 2026-06-17
CVE-2026-11668 Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High) 4.3 0.17% 2026-06-08 2026-06-17
CVE-2026-11667 Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) 7.5 0.21% 2026-06-08 2026-06-17
CVE-2026-11666 Insufficient validation of untrusted input in Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) 5.4 0.19% 2026-06-08 2026-06-17
CVE-2026-11665 Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) 4.3 0.19% 2026-06-08 2026-06-17
«« 先頭 « 前へ 6 / 241 次へ »
cvelogic Threat Intelligence