Lucene search
K

4354 matches found

CVE
CVE
added 2 days ago7 views

CVE-2026-58522

CVE-2026-58522 pertains to Microsoft Edge for Android and describes a relative path traversal that could allow an unauthorized local disclosure of information. The NVD/CVE records label the flaw as a Relative path traversal in Edge for Android, enabling local information disclosure. The CVSS 3.1 ...

6.8CVSS5.8AI score0.0029EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-13997

Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00154EPSS
Exploits0References2
NVD
NVD
added 5 days ago5 views

CVE-2026-13927

Insufficient validation of untrusted input in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS0.0012EPSS
Exploits0References2
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-14114

Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Low...

7.5CVSS5.8AI score0.00158EPSS
Exploits0
Debian CVE
Debian CVE
added 5 days ago4 views

CVE-2026-13923

Uninitialized Use in GPU in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00326EPSS
Exploits0
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00265EPSS
Exploits0
Positive Technologies
Positive Technologies
added 5 days ago7 views

PT-2026-54162

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description A use after free issue in Skia allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to visit a specially crafted HTML page. Use after free...

8.8CVSS6.3AI score0.00379EPSS
Exploits0References4
EUVD
EUVD
added 6 days ago9 views

EUVD-2026-40011

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS5.4AI score0.00133EPSS
Exploits0References7
EUVD
EUVD
added 2026/06/26 12:32 a.m.8 views

EUVD-2026-39584

Use after free in Payments in Google Chrome on Android prior to 149.0.7827.201 allowed a local attacker to potentially exploit heap corruption via physical access to the device. Chromium security severity: High...

6.8CVSS5.9AI score0.00115EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to version 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page...

6.5CVSS7.3AI score0.04493EPSS
Exploits1References2
EUVD
EUVD
added 2026/06/15 9:30 p.m.6 views

EUVD-2025-210155

An issue was discovered in Rakuten Send Anywhere File Transfer for Android com.estmob.android.sendanywhere 23.2.9. The vulnerability allows untrusted applications with no permissions to force arbitrary file downloads into the app's scoped storage. The resulting files appear in the application's...

6AI score0.00284EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/15 12:31 a.m.13 views

EUVD-2026-36669

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

5.3CVSS5.4AI score0.00105EPSS
Exploits0References6
CVE
CVE
added 2026/06/15 12:0 a.m.15 views

CVE-2025-68713

Rakuten Send Anywhere for Android (com.estmob.android.sendanywhere, version 23.2.9) is affected. A vulnerability allows untrusted applications with no permissions to trigger arbitrary file downloads into the app’s scoped storage, with downloaded items appearing in the app’s trusted Received inter...

8CVSS6.1AI score0.00284EPSS
Exploits0References1
NVD
NVD
added 2026/06/14 11:16 p.m.10 views

CVE-2026-12190

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the component ai.mainfunc.genspark. The manipulation leads to improper authorization in handler for custom url scheme. The attack can only be performed from a local environment...

5.3CVSS0.00105EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/06/13 2:28 a.m.5 views

SUSE CVE-2026-12028

Use after free in GPU in Google Chrome on Android prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00229EPSS
Exploits0References3
CVE
CVE
added 2026/06/11 8:48 p.m.24 views

CVE-2026-12030

CVE-2026-12030: Out-of-bounds write in Chrome’s GPU code on Android (pre-149.0.7827.115) potentially enables a sandbox escape when a renderer process is compromised via a crafted HTML page. Affected: Google Chrome for Android; impact: high. Exploitation requires renderer access; remediation: Goog...

8.3CVSS5.5AI score0.00191EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/09 5:5 p.m.39 views

CVE-2026-42835

Microsoft Teams for Android contains a vulnerability described as improper neutralization of special elements in output used by a downstream component ('injection'), enabling an authorized attacker to disclose information over a network. Affected software: Microsoft Teams for Android. Root cause:...

8.1CVSS5.4AI score0.01259EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47803

Name of the Vulnerable Software and Affected Versions Zoom Workplace versions prior to 7.0.4 for Android Zoom Workplace versions prior to 7.0.3 for iOS Description Improper authorization in the handler for custom URL schemes allows an unauthenticated user to perform an escalation of privilege via...

8.1CVSS5.2AI score0.00211EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10932

Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.5AI score0.00301EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:46 a.m.8 views

SUSE CVE-2026-11080

Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS5.5AI score0.00234EPSS
Exploits0References2
Rows per page
Query Builder