62 matches found
CVE-2026-15193
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-15193 AidanPark openclaw-android Android WebView Bridge JsBridge.kt os command injection
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
EUVD-2026-42626
A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only ...
CVE-2026-13964
CVE-2026-13964 affects WebView in Google Chrome on Android. The vulnerability is due to insufficient policy enforcement that allowed bypassing navigation restrictions via a crafted HTML page. Impact is a medium severity remote issue. The documented fix is Chrome version 150.0.7871.47 or later; up...
CVE-2026-13924
Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13037
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13037
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.197 allowed a local attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-12448
CVE-2026-12448 affects WebView in Google Chrome on Android prior to 149.0.7827.155. The issue is an inappropriate implementation in WebView that allows a remote attacker to escalate privileges via a crafted HTML page. The vulnerability is tied to Chromium WebView behavior and is rated High severi...
CVE-2026-12438
The CVE-2026-12438 entry corresponds to an issue in WebView for Google Chrome on Android, where an attacker who compromised the renderer process could escape the browser sandbox via a crafted HTML page. Affected product/vector: Android WebView in Chrome; root cause: inappropriate implementation i...
CVE-2026-12438
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
PT-2026-50198
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.155 Description An inappropriate implementation in the WebView component allows a remote attacker to perform privilege escalation by using a crafted HTML page. Recommendations Update Google...
SUSE CVE-2026-11167
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-34756
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-34639
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-11072
Use after free in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: Medium...
CVE-2026-11295
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11290
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. Chromium security severity: Low...
CVE-2026-11290
CVE-2026-11290 describes an integer overflow in Android WebView used by Google Chrome, affecting Chrome on Android up to version before 149.0.7827.53. The vulnerability allows a local attacker to trigger a denial of service by processing a malicious file. The available description states the issu...
CVE-2026-11290
Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. Chromium security severity: Low...
CVE-2026-11097
Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...