Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2026-44249 — Netty has an IPv6 Subnet Filter Bypass via Incorrect Comparator Masking

Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules d…

netty | Remote | Misconfiguration
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
7.1 HIGH
CVE-2026-42653 — WordPress SliceWP plugin <= 1.2.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in iova.Mihai SliceWP allows Stored XSS. This issue affects SliceWP: from n/a through 1.2.6.

Remote | Cross-Site Scripting
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
9.3 CRITICAL
CVE-2026-42647 — WordPress JoomSport plugin <= 5.7.7 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7…

joomsport | Remote | Injection
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
9.3 CRITICAL
CVE-2026-39494 — WordPress Product Filter by WBW plugin <= 3.1.2 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WBW Plugins Product Filter by WBW allows Blind SQL Injection. This issue affects Product Filter …

Remote | Injection
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.8 HIGH
CVE-2026-12035 — Google Chrome Use-After-Free

Use after free in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

chrome chrome windows | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12034 — Google Chrome Linux Toolkit Sandbox Escape

Insufficient validation of untrusted input in Linux Toolkit Theming in Google Chrome on Linux prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially…

linux_kernel chrome chrome | Remote | Misconfiguration
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-12033 — Google Chrome Out-of-Bounds Read

Out of bounds read in VideoCapture in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the GPU process to obtain potentially sensitive information from process memo…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
3.1 LOW
CVE-2026-12032 — Google Chrome for Android: Insufficient Site Isolation Protection

Inappropriate implementation in Passwords in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted…

android chrome chrome | Remote | Misconfiguration
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12031 — Google Chrome Sandbox Escape

Inappropriate implementation in Views in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape vi…

chrome chrome windows | Remote | Misconfiguration
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12030 — Google Chrome GPU Out-of-Bounds Write Sandbox Escape

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted…

android chrome chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12029 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…

chrome chrome windows | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12028 — Google Chrome GPU Use-After-Free Sandbox Escape

Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML…

android chrome chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
9.6 CRITICAL
CVE-2026-12027 — Google Chrome Headless Sandbox Escape

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craf…

chrome chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
0.0 NA
CVE-2026-12026 — Google Chrome Out-of-Bounds Read

Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from pr…

chrome chrome | Information Disclosure
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
5.3 MEDIUM
CVE-2026-12025 — Google Chrome Cross-Origin Data Leak

Insufficient validation of untrusted input in Network in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
6.5 MEDIUM
CVE-2026-12024 — Google Chrome DevTools Same Origin Policy Bypass

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

chrome chrome | Remote | Authorization
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12023 — Google Chrome GPU Use-After-Free Sandbox Escape

Use after free in GPU in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…

chrome macos chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12022 — Google Chrome Race Condition Sandbox Escape

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. …

chrome chrome | Remote | Race Condition
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.8 HIGH
CVE-2026-12020 — Google Chrome Use-After-Free in Autofill

Use after free in Autofill in Google Chrome on Mac prior to 149.0.7827.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

chrome chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
8.3 HIGH
CVE-2026-12019 — Google Chrome Codecs Heap Buffer Overflow Sandbox Escape

Heap buffer overflow in Codecs in Google Chrome on Linux and ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escap…

chrome chrome | Remote | Memory Corruption
Jun 11, 2026 Jun 12, 2026
Jun 11, 2026
Jun 12, 2026
Showing 20 of 6958 Results