VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75147	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75496	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
epss	0.75496	https://api.first.org/data/v1/epss?cve=CVE-2020-16040
archlinux	High	https://security.archlinux.org/AVG-1323

System

Score

Found at

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75147

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75496

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

epss

0.75496

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

archlinux

High

https://security.archlinux.org/AVG-1323

Reference id

Reference type

URL

https://api.first.org/data/v1/epss?cve=CVE-2020-16040

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15959

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15960

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15961

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15962

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15963

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15964

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15965

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15966

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15967

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15968

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15969

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15970

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15971

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15972

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15973

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15974

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15975

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15976

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15977

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15978

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15979

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15980

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15981

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15982

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15983

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15984

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15985

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15986

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15987

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15988

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15989

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15990

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15991

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15992

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15999

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16000

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16001

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16002

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16003

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16004

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16005

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16006

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16008

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16009

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16011

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16012

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16013

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16014

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16015

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16016

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16017

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16018

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16019

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16020

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16021

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16022

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16023

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16024

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16025

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16026

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16027

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16028

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16029

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16030

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16031

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16032

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16033

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16034

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16035

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16036

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16037

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16038

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16039

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16040

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16041

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16042

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36765

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6510

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6511

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6512

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6513

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6514

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6515

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6516

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6517

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6518

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6519

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6520

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6521

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6522

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6523

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6524

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6525

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6526

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6527

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6528

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6529

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6530

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6531

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6532

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6533

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6534

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6535

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6536

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6537

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6538

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6539

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6540

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6541

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6542

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6543

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6544

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6545

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6547

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6548

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6549

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6550

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6551

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6552

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6553

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6554

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6555

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6556

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6557

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6559

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6560

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6561

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6562

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6563

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6564

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6565

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6566

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6567

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6568

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6569

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6570

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6571

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6573

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6575

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-6576

ASA-202012-14

https://security.archlinux.org/ASA-202012-14

AVG-1323

https://security.archlinux.org/AVG-1323

CVE-2020-16040

Exploit

https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/49745.js

GLSA-202012-05

https://security.gentoo.org/glsa/202012-05

Data source	Exploit-DB
Date added	April 6, 2021
Description	Google Chrome 86.0.4240 V8 - Remote Code Execution
Ransomware campaign use	Unknown
Source publication date	April 6, 2021
Exploit type	remote
Platform	multiple
Source update date	April 7, 2021

Exploit-DB

April 6, 2021

Google Chrome 86.0.4240 V8 - Remote Code Execution

Unknown

April 6, 2021

remote

multiple

April 7, 2021

Data source	Metasploit
Description	This module exploits an issue in Google Chrome versions before 87.0.4280.88 (64 bit). The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan. It is used along with a type hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1. This is abused to gain arbitrary read/write into the isolate region. Then an ArrayBuffer can be used to achieve absolute arbitrary read/write. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, the browser must be run with the --no-sandbox option for the payload to work correctly.
Note	Reliability: - repeatable-session SideEffects: - ioc-in-logs Stability: - crash-service-restarts
Ransomware campaign use	Unknown
Source publication date	Nov. 19, 2020
Platform	Linux,OSX,Windows
Source URL	https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/chrome_simplifiedlowering_overflow.rb

Metasploit

This module exploits an issue in Google Chrome versions before 87.0.4280.88 (64 bit). The exploit makes use of an integer overflow in the SimplifiedLowering phase in turbofan. It is used along with a type hardening bypass using ArrayPrototypeShift to create a JSArray with a length of -1. This is abused to gain arbitrary read/write into the isolate region. Then an ArrayBuffer can be used to achieve absolute arbitrary read/write. The exploit then uses WebAssembly in order to allocate a region of RWX memory, which is then replaced with the payload shellcode. The payload is executed within the sandboxed renderer process, the browser must be run with the --no-sandbox option for the payload to work correctly.

Reliability:
  - repeatable-session
SideEffects:
  - ioc-in-logs
Stability:
  - crash-service-restarts

Unknown

Nov. 19, 2020

Linux,OSX,Windows

https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/browser/chrome_simplifiedlowering_overflow.rb

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:14:30.299298+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/202012-05	38.0.0

2026-04-01T13:14:30.299298+00:00

Gentoo Importer

Import

https://security.gentoo.org/glsa/202012-05

38.0.0

Vulnerability ID	VCID-bubn-bugv-cyhw
Aliases	CVE-2020-16040
Summary	Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code.
Status	Published
Exploitability	2.0
Weighted Severity	8.0
Risk	10.0
Affected and Fixed Packages	Package Details

Percentile	0.9887
EPSS Score	0.75147
Published At	April 4, 2026, 12:55 p.m.