Lucene search
K

90 matches found

NVD
NVD
added 3 days ago5 views

CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

8.1CVSS0.00324EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago5 views

CVE-2026-13925

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.2AI score0.00354EPSS
Exploits0
Cvelist
Cvelist
added 3 days ago21 views

CVE-2026-13925

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

0.00354EPSS
Exploits0References2
Debian CVE
Debian CVE
added 3 days ago3 views

CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

8.1CVSS6.1AI score0.00324EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in Downloads in Google Chrome prior to version 119.0.6045.105 allowed a remote attacker to obfuscate the security UI through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.3AI score0.00646EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 12:17 a.m.7 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 12:17 a.m.4 views

DEBIAN-CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.5AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.6 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

8.6CVSS0.00083EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.7 views

DEBIAN-CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00149EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.5AI score0.00149EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.29 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

0.00083EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.20 views

CVE-2026-11107

Affected software: Google Chrome (Chromium-based) prior to version 149.0.7827.53. Issue: In the Downloads component, an inappropriate implementation allows a remote attacker to spoof UI via a crafted HTML page. Impact: UI spoofing; no other data confidentially affected per provided documents. Roo...

4.3CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.31 views

CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00227EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00227EPSS
Exploits0
NVD
NVD
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00291EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 7:52 p.m.10 views

CVE-2026-8564

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00163EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 7:52 p.m.7 views

EUVD-2026-30463

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.9 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/14 7:52 p.m.33 views

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

0.00291EPSS
Exploits0References2
Rows per page
Query Builder