Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.5 HIGH
CVE-2026-8596 — Cleartext storage of HMAC signing key in Amazon SageMaker Python SDK ModelBuilder/Serve p…

Cleartext storage of sensitive information in the ModelBuilder/Serve component in Amazon SageMaker Python SDK before v2.257.2 and v3 before v3.8.0 might allow a remote authenticated actor to extract …

aws | Remote | Cryptography
May 14, 2026 May 15, 2026
May 14, 2026
May 15, 2026
8.8 HIGH
CVE-2026-8587 — Google Chrome Extensions Use After Free Vulnerability

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome E…

chrome macos edge_chromium | Remote | Memory Corruption
May 14, 2026 May 21, 2026
May 14, 2026
May 21, 2026
5.5 MEDIUM
CVE-2026-8586 — Google Chrome Chromoting File Path Traversal Vulnerability

Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretionary access control via a malicious file. (Chromium security severity: …

chrome edge_chromium | Authorization
May 14, 2026 May 18, 2026
May 14, 2026
May 18, 2026
7.5 HIGH
CVE-2026-8585 — Google Chrome iOS Media Out-of-Bounds Memory Read Vulnerability

Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a …

chrome iphone_os edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
4.2 MEDIUM
CVE-2026-8584 — Google Chrome iOS UI Spoofing Vulnerability

Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page…

chrome iphone_os edge_chromium | Remote | Misconfiguration
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
5.3 MEDIUM
CVE-2026-8583 — Google Chrome WebXR Information Disclosure

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informa…

android chrome edge_chromium | Remote | Information Disclosure
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
5.3 MEDIUM
CVE-2026-8582 — Google Chrome Dawn Information Leak

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium se…

chrome edge_chromium | Remote | Information Disclosure
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
8.8 HIGH
CVE-2026-8581 — Google Chrome GPU Use-After-Free Vulnerability

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 16, 2026
May 14, 2026
May 16, 2026
9.6 CRITICAL
CVE-2026-8580 — Google Chrome Mojo Use-After-Free Vulnerability

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
3.1 LOW
CVE-2026-8579 — Google Chrome Skia Out-of-Bounds Memory Write

Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write…

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
3.1 LOW
CVE-2026-8578 — Google Chrome Linux GPU Out-of-Bounds Read Vulnerability

Out of bounds read in GPU in Google Chrome on Linux prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chro…

linux_kernel chrome edge_chromium | Remote | Information Disclosure
May 14, 2026 May 21, 2026
May 14, 2026
May 21, 2026
8.8 HIGH
CVE-2026-8577 — Google Chrome Fonts Integer Overflow Vulnerability

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
4.3 MEDIUM
CVE-2026-8576 — Google Chrome CORS Cross-Origin Data Leak

Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security sev…

linux_kernel chrome chrome_os edge_chromium | Remote | Misconfiguration
May 14, 2026 May 21, 2026
May 14, 2026
May 21, 2026
8.3 HIGH
CVE-2026-8575 — Google Chrome Use After Free in UI

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
8.3 HIGH
CVE-2026-8574 — Google Chrome Use-After-Free Vulnerability

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…

chrome windows edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
8.3 HIGH
CVE-2026-8573 — Google Chrome Windows Integer Overflow Sandbox Escape

Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…

chrome windows edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
3.1 LOW
CVE-2026-8572 — Google Chrome Android Cross-Origin Data Leakage

Insufficient policy enforcement in Network in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…

android chrome edge_chromium | Remote | Misconfiguration
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
8.3 HIGH
CVE-2026-8571 — Google Chrome Android GPU Policy Enforcement Bypass

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…

android chrome edge_chromium | Remote | Misconfiguration
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
6.5 MEDIUM
CVE-2026-8570 — Google Chrome V8 Type Confusion Information Disclosure

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security sev…

chrome edge_chromium | Remote | Memory Corruption
May 14, 2026 May 19, 2026
May 14, 2026
May 19, 2026
8.3 HIGH
CVE-2026-8569 — Google Chrome Codecs Out-of-Bounds Write Sandbox Escape Vulnerability

Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: …

chrome macos edge_chromium | Remote | Memory Corruption
May 14, 2026 May 21, 2026
May 14, 2026
May 21, 2026
Showing 20 of 7145 Results