CVEs classified under CWE-474, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2026-11102 — CVSS 8.8 (high): Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary…
CVE-2026-0902 — CVSS 8.8 (high): Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory…
CVE-2024-5836 — CVSS 8.8 (high): Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a…
CVE-2024-1694 — CVSS 7.8 (high): Inappropriate implementation in Google Updator prior to 1.3.36.351 in Google Chrome allowed a local attacker to bypass discretionary access…
CVE-2026-11097 — CVSS 6.5 (medium): Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin…
CVE-2024-5839 — CVSS 6.5 (medium): Inappropriate Implementation in Memory Allocator in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit…
CVE-2024-1672 — CVSS 5.4 (medium): Inappropriate implementation in Content Security Policy in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to bypass content…
CVE-2021-0294 — CVSS 5.3 (medium): A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on…
CVE-2024-7001 — CVSS 4.3 (medium): Inappropriate implementation in HTML in Google Chrome prior to 127.0.6533.72 allowed a remote attacker who convinced a user to engage in…
CVE-2024-2628 — CVSS 4.3 (medium): Inappropriate implementation in Downloads in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a…
CVE-2026-39894 — CVSS 2.9 (low): Cacti is an open source performance and fault management framework. In versions 1.2.30 and below, the locale-dependent decimal formatting…