11 matches found
EUVD-2026-40808
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: Low...
EUVD-2026-40813
Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40737
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40738
Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40693
Use after free in Omnibox in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40516
Use after free in Chromoting in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: High...
CVE-2026-14099
CVE-2026-14099 is a use-after-free vulnerability in Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47 . The issue could allow a remote attacker to potentially trigger heap corruption when a user is convinced to perform specific UI gestures on a crafted HTML page. The Chromium s...
CVE-2026-14074
CVE-2026-14074 affects Google Chrome on iOS prior to 150.0.7871.47, where a side-channel in WebAuthentication could leak cross-origin data via a crafted HTML page. The description confirms a remote attacker could exfiltrate data; no exploit details or in‑the‑wild status are provided. Affected com...
CVE-2026-13848
CVE-2026-13848 describes a use-after-free in the Forms component of Google Chrome prior to version 150.0.7871.47 , allowing a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected product: Google Chrome (Chromium-based). Root cause: use-after-free in Forms...
CVE-2026-13845
The CVE-2026-13845 entry concerns Google Chrome with a use-after-free in the DOM that allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affected product/version pattern is Chrome prior to 150.0.7871.47, with the severity labeled as High. The vu...
CVE-2026-13822
The CVE describes an inappropriate implementation in Google Chrome extensions on Android prior to version 150.0.7871.47, where a user-supplied malicious extension could bypass the same-origin policy via a crafted extension. Affected product: Chrome for Android; root cause: faulty extension handli...