987 matches found
CVE-2026-58596 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
...
CVE-2026-58293
CVE-2026-58293 affects Microsoft Edge (Chromium-based). It describes external control of a file name or path that allows an unauthenticated attacker to execute code over the network. The CVSSv3.1 base score is 8.1 (High) with attack vector Network, attack complexity High, privileges required None...
CVE-2026-58284 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
EUVD-2026-40523
Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...
Google Chrome < 150.0.7871.46 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 150.0.7871.46. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0175352312 advisory. - Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed...
CVE-2026-14077
Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14023
Google Chrome (Chromium) SanitizerAPI in affected builds is vulnerable due to insufficient validation of untrusted input, allowing a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected version range is prior to 150.0.7871.47; vendor/chromium references indicate the ...
CVE-2026-13903
CVE-2026-13903 affects Google Chrome’s Bluetooth implementation. The connected records describe insufficient policy enforcement in Chrome prior to version 150.0.7871.47, enabling privilege escalation via a crafted HTML page. There is no explicit exploitation detail or confirmed in-the-wild use in...
CVE-2026-13027
An use after free flaw was found in the FileSystem component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=520543781...
CVE-2026-54092
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, unchecked passwords maximums allow for an arbitrarily large password to be passed into the login API. This spikes CPU and memory, and after...
CVE-2026-54097 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.6, a low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link...
Chromium: CVE-2026-12464 Use after free in Browser
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-12328
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.36, Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory...
CVE-2026-20178
A vulnerability in the browser-based version of Cisco Webex App could have allowed an unauthenticated, remote attacker to redirect users to a malicious webpage. Cisco has addressed this vulnerability in the Cisco Webex App, and no customer action is needed. This vulnerability existed due to...
DEBIAN-CVE-2026-12014
Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...
Chromium: CVE-2026-11172 Incorrect security UI in Contact Picker
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
DEBIAN-CVE-2026-11656
Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...
CVE-2026-11649
Use after free in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-11208
An use after free flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=506387278...
CVE-2026-11174
An insufficient policy enforcement flaw was found in the Site Isolation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=502348223...