Lucene search
+L

40 matches found

nvd
nvd
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS0.00156EPSS
Exploits0References2
nvd
nvd
added 2026/06/30 11:17 p.m.9 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
debiancve
debiancve
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14047

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00175EPSS
Exploits0
cve
cve
added 2026/06/30 10:37 p.m.22 views

CVE-2026-13824

CVE-2026-13824 concerns Google Chrome extensions policy enforcement. The issue is described as insufficient policy enforcement in Chrome’s Extensions, allowing a remote attacker who has compromised the renderer process to escalate privileges via a crafted HTML page. The public notes specify the v...

7.5CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
ptsecurity
ptsecurity
added 2026/06/30 12:0 a.m.11 views

PT-2026-54221

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows an attacker to perform UI spoofing through a crafted Chrome Extension, provided they can convince a user to install the...

9.8CVSS6AI score0.00413EPSS
Exploits0References449
mscve
mscve
added 2026/06/05 2:0 p.m.12 views

Chromium: CVE-2026-11190 Insufficient policy enforcement in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00165EPSS
Exploits0
mscve
mscve
added 2026/06/05 2:0 p.m.9 views

Chromium: CVE-2026-11014 Insufficient policy enforcement in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00214EPSS
Exploits0
mscve
mscve
added 2026/06/05 2:0 p.m.12 views

Chromium: CVE-2026-11168 Insufficient policy enforcement in Extensions

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

6.5CVSS5.4AI score0.00229EPSS
Exploits0
euvd
euvd
added 2026/06/05 12:31 a.m.15 views

EUVD-2026-34728

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00139EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/04 11:6 p.m.9 views

CVE-2026-11267

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

5.4AI score0.00139EPSS
Exploits0References2
cve
cve
added 2026/06/04 11:4 p.m.25 views

CVE-2026-11062

CVE-2026-11062 affects Google Chrome extensions: insufficient policy enforcement in Extensions allows an attacker to inject scripts/HTML into a privileged page when a user installs a crafted malicious extension. Impact is partial integrity compromise of privileged pages; exploit not confirmed in ...

4.3CVSS5.8AI score0.00135EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2026/06/04 11:4 p.m.10 views

CVE-2026-11014

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.3AI score0.00214EPSS
Exploits0
cnnvd
cnnvd
added 2026/06/02 12:0 a.m.9 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 149.0.7827.53 had a security vulnerability. This vulnerability stemmed from insufficient policy execution in the Extensions component, allowing attackers who persuade users to install...

6.5CVSS5.5AI score0.00214EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/06 6:12 p.m.37 views

CVE-2026-7952

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...

0.00172EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/05 12:0 a.m.13 views

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient execution of the Extensions policy, which could allow remote attackers to bypass autonomous access control...

4.2CVSS5.9AI score0.00172EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2026/03/25 12:0 a.m.14 views

PT-2026-38145

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient policy enforcement in Extensions allows a remote attacker who has compromised the renderer process to bypass discretionary access control a type of access control where the...

9.6CVSS5.8AI score0.00338EPSS
Exploits0References140
osv
osv
added 2026/03/17 10:11 a.m.2 views

OPENSUSE-SU-2026:20372-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.80: CVE-2026-3909: Out of bounds write in Skia boo1259659 - Chromium 146.0.7680.75 released 2026-03-12 boo1259648 CVE-2026-3910: Inappropriate implementation in V8. - Chromium 146.0.7680.71 released...

9.6CVSS6AI score0.02EPSS
Exploits1References34
susecve
susecve
added 2026/03/12 2:4 p.m.7 views

SUSE CVE-2026-3928

Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00123EPSS
Exploits0References3
nvd
nvd
added 2026/03/11 10:16 p.m.6 views

CVE-2026-3928

Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS0.00123EPSS
Exploits0References2
freebsd
freebsd
added 2026/03/10 12:0 a.m.7 views

chromium -- security fixes

Chrome Releases reports: This update includes 29 security fixes: 483445078 Critical CVE-2026-3913: Heap buffer overflow in WebML. Reported by Tobias Wienand on 2026-02-10 481776048 High CVE-2026-3914: Integer overflow in WebML. Reported by cinzinga on 2026-02-04 483971526 High CVE-2026-3915: Heap...

9.6CVSS6AI score0.00417EPSS
Exploits0References1
Rows per page
Query Builder