Lucene search
K

690 matches found

CVE
CVE
added 2026/06/30 10:39 p.m.49 views

CVE-2026-14054

The CVE-2026-14054 entry concerns Google Chrome (Chromium base) with an issue in policy enforcement that allowed navigation restriction bypass via a crafted HTML page, affecting versions prior to 150.0.7871.47. The vulnerability is described as low severity (CVSS 4.3, MEDIUM by some scales) with ...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14043

The vulnerability CVE-2026-14043 affects Google Chrome components handling GetUserMedia. A use-after-free in GetUserMedia could allow a remote attacker with control of the renderer process to potentially escape the sandbox via a crafted HTML page. Affected software is Chrome before build 150.0.78...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.7 views

CVE-2026-14043

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

9.6CVSS5.8AI score0.00253EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14042

Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14041

Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

8.8CVSS5.8AI score0.00253EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13996

Inappropriate implementation in Permissions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00218EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.6 views

CVE-2026-13991

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00169EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13979

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.0023EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.24 views

CVE-2026-13965

CVE-2026-13965: Use-after-free in Oilpan within Google Chrome (Chromium) before 150.0.7871.47 allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Impact: high (arbitrary code in sandbox); attack vector: network, user interaction required. Affected product:...

8.8CVSS6.2AI score0.00379EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.4 views

CVE-2026-13963

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00174EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13913

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00233EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.4 views

CVE-2026-13901

Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00345EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.27 views

CVE-2026-13897

Insufficient policy enforcement in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

0.00304EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00224EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/06/30 10:38 p.m.8 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.0028EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13876

Inappropriate implementation in Network in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to bypass content security policy via malicious network traffic. Chromium security severity: Medium...

0.00227EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13872

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13867

CVE-2026-13867 affects Google Chrome’s Geolocation implementation. The vulnerability arises from an inappropriate Geolocation implementation, enabling a remote attacker to spoof UI via a crafted HTML page. Impact is UI spoofing with no confirmed exploitation details beyond the description; affect...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13852

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS5.8AI score0.00289EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.3 views

CVE-2026-13842

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...

4.3CVSS5.8AI score0.00227EPSS
Exploits0
Rows per page
Query Builder