聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。
指派機構(CNA / 來源):[email protected] 移除此篩選
| CVE | 描述 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|
| CVE-2025-34092 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | 無 | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2025-34090 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | 無 | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2025-34091 | Rejected reason: Neither filed by Chrome nor a valid security vulnerability. | 無 | 0.00% | 2025-07-02 | 2025-07-24 |
| CVE-2022-1480 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | 無 | 0.04% | 2022-10-03 | 2023-11-06 |
| CVE-2026-8003 | Insufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low) | 5.4 | 0.05% | 2026-05-06 | 2026-06-17 |
| CVE-2024-13983 | Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofing via a crafted QR code. (Chromium security severity: Low) | 6.3 | 0.05% | 2025-11-13 | 2026-06-17 |
| CVE-2025-12906 | Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | 5.4 | 0.05% | 2025-11-07 | 2026-06-17 |
| CVE-2026-8584 | Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) | 4.2 | 0.06% | 2026-05-14 | 2026-06-17 |
| CVE-2026-11232 | Inappropriate implementation in TabGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Low) | 5.4 | 0.06% | 2026-06-04 | 2026-06-17 |
| CVE-2025-12446 | Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted domain name. (Chromium security severity: Low) | 4.2 | 0.06% | 2025-11-10 | 2026-06-17 |
| CVE-2026-11677 | Race in Network in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | 8.3 | 0.06% | 2026-06-08 | 2026-06-17 |
| CVE-2026-11290 | Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low) | 5.0 | 0.06% | 2026-06-04 | 2026-06-17 |
| CVE-2025-9864 | Rejected reason: This CVE ID was assigned in error to a vulnerability that was both introduced and fixed before the code landed in the Stable channel of Chrome, and has been withdrawn. | 無 | 0.07% | 2025-09-03 | 2025-11-13 |
| CVE-2026-9986 | Insufficient validation of untrusted input in OptimizationGuide in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) | 4.2 | 0.07% | 2026-05-28 | 2026-06-17 |
| CVE-2025-12439 | Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security severity: Medium) | 5.5 | 0.07% | 2025-11-10 | 2026-06-17 |
| CVE-2025-0998 | Rejected reason: Not exploitable | 無 | 0.08% | 2025-02-14 | 2025-04-04 |
| CVE-2026-11115 | Use after free in Updater in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium) | 7.3 | 0.08% | 2026-06-04 | 2026-06-17 |
| CVE-2026-11035 | Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a crafted XML file. (Chromium security severity: Medium) | 7.3 | 0.08% | 2026-06-04 | 2026-06-17 |
| CVE-2026-7997 | Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low) | 7.8 | 0.08% | 2026-05-06 | 2026-06-17 |
| CVE-2026-11276 | Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Chromium security severity: Low) | 5.1 | 0.08% | 2026-06-04 | 2026-06-17 |