CVE search
363,959 resultsCVE-2026-13037HIGHUse after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a saEPSS 0.1%CVE-2026-13036HIGHUse after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.2%CVE-2026-13035HIGHUse after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a maliciEPSS 0.2%CVE-2026-13034MEDIUMInappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the rendereEPSS 0.1%CVE-2026-13031HIGHUse after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a EPSS 0.2%CVE-2026-13030MEDIUMUninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive inforEPSS 0.2%CVE-2026-13029HIGHUse after free in Web Authentication in Google Chrome prior to 149.0.7827.197 allowed an attacker who convinced a user to install a maliciouEPSS 0.1%CVE-2026-13027HIGHUse after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via aEPSS 0.2%CVE-2026-13026HIGHUse after free in Digital Credentials in Google Chrome on Mac prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap EPSS 0.2%CVE-2026-13025HIGHRace in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially EPSS 0.2%CVE-2026-13024MEDIUMInsufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromiEPSS 0.1%CVE-2026-13023MEDIUMUninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtaEPSS 0.2%CVE-2026-13022LOWInappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the rendererEPSS 0.1%CVE-2026-13021MEDIUMInappropriate implementation in DeviceBoundSessionCredentials in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to bypass sEPSS 0.1%CVE-2026-13038HIGHUse after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a craEPSS 0.3%CVE-2026-13033HIGHOut of bounds read and write in Blink>InterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitraryEPSS 0.3%CVE-2026-13032CRITICALUse after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escapEPSS 0.2%CVE-2026-13028CRITICALUse after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escapEPSS 0.2%CVE-2026-49220MEDIUMJellyfin: Potential XSS in user managementEPSS 0.2%CVE-2026-48793HIGHJellyfin: Potential FFmpeg argument injection via unescaped subtitle file pathEPSS 0.4%