Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2025-34092 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | N/A | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2025-34090 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | N/A | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2025-34091 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | N/A | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2022-1480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | N/A | 0.04% | 2022-10-03 | 2023-11-06 |
| CVE-2026-8003 | Insufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low) | 5.4 | 0.05% | 2026-05-06 | 2026-06-17 |
| CVE-2024-13983 | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. (Chromium security severity: Low) | 6.3 | 0.05% | 2025-11-13 | 2026-06-17 |
| CVE-2025-12906 | Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | 5.4 | 0.05% | 2025-11-07 | 2026-06-17 |
| CVE-2026-8584 | Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | 4.2 | 0.06% | 2026-05-14 | 2026-06-17 |
| CVE-2026-11232 | Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low) | 5.4 | 0.06% | 2026-06-04 | 2026-06-17 |
| CVE-2025-12446 | Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low) | 4.2 | 0.06% | 2025-11-10 | 2026-06-17 |
| CVE-2026-11677 | Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | 8.3 | 0.06% | 2026-06-08 | 2026-06-17 |
| CVE-2026-11290 | Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low) | 5.0 | 0.06% | 2026-06-04 | 2026-06-17 |
| CVE-2025-9864 | Rejected reason: This CVE ID was assigned in error to a vulnerability that was both introduced and fixed before the code landed in the Stable channel of Chrome, and has been withdrawn. | N/A | 0.07% | 2025-09-03 | 2025-11-13 |
| CVE-2026-9986 | Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) | 4.2 | 0.07% | 2026-05-28 | 2026-06-17 |
| CVE-2025-12439 | Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium) | 5.5 | 0.07% | 2025-11-10 | 2026-06-17 |
| CVE-2025-0998 | Rejected reason: Not exploitable | N/A | 0.08% | 2025-02-14 | 2025-04-04 |
| CVE-2026-11115 | Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium) | 7.3 | 0.08% | 2026-06-04 | 2026-06-17 |
| CVE-2026-11035 | Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security severity: Medium) | 7.3 | 0.08% | 2026-06-04 | 2026-06-17 |
| CVE-2026-7997 | Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low) | 7.8 | 0.08% | 2026-05-06 | 2026-06-17 |
| CVE-2026-11276 | Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Chromium security severity: Low) | 5.1 | 0.08% | 2026-06-04 | 2026-06-17 |