68 matches found
EUVD-2026-40823
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40716
Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40591
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...
EUVD-2026-40481
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
EUVD-2026-40493
Use after free in Import in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a malicious file. Chromium security severity: High...
DEBIAN-CVE-2026-14137
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13915
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13917
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13862
Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14137
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13980
CVE-2026-13980 affects Chrome for iOS (Google Chrome on iOS). The vulnerability stems from an inappropriate implementation in Chrome for iOS prior to version 150.0.7871.47, enabling a remote attacker to perform UI spoofing via a crafted HTML page. Documents consistently describe the issue as a UI...
CVE-2026-13916
Chrome for iOS prior to 150.0.7871.47 allows UI spoofing via a crafted HTML page due to an inappropriate implementation in Chrome for iOS. Affected: Google Chrome on iOS (Chromium-based). Impact: UI spoofing risk; Severity: Medium (CVSS v3.1 base 4.3). Root cause: inappropriate implementation as ...
CVE-2026-13912
The CVE-2026-13912 affects Google Chrome on iOS prior to 150.0.7871.47, due to an Inappropriate implementation in Safe Browsing. This design issue enables a remote attacker to perform UI spoofing by presenting a crafted HTML page. The vulnerability description and connected records consistently i...
CVE-2026-13905
Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13843
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13807
Use after free in Import in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a malicious file. Chromium security severity: High...
CVE-2026-13807
CVE-2026-13807 describes a use-after-free in Import for Google Chrome on iOS, exploited by convincing a user to perform specific UI gestures to run arbitrary code via a malicious file. Affected product: Google Chrome for iOS (before 150.0.7871.47). Root cause: use-after-free in the Import path. I...
CVE-2026-13795
CVE-2026-13795 affects Chrome for iOS (Google Chrome on iOS). The provided documents indicate insufficient policy enforcement in Chrome for iOS prior to version 150.0.7871.47, which could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability is descr...