Lucene search
K

50 matches found

EUVD
EUVD
added 4 days ago4 views

EUVD-2026-40744

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00181EPSS
Exploits0References3
OSV
OSV
added 5 days ago3 views

DEBIAN-CVE-2026-14057

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 5 days ago4 views

CVE-2026-14057

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00181EPSS
Exploits0References2
Debian CVE
Debian CVE
added 5 days ago3 views

CVE-2026-14057

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00181EPSS
Exploits0
Cvelist
Cvelist
added 5 days ago19 views

CVE-2026-14057

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

0.00181EPSS
Exploits0References2
CVE
CVE
added 5 days ago53 views

CVE-2026-14057

CVE-2026-14057 affects Google Chrome where an inappropriate FedCM implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected versions are Chrome before 150.0.7871.47; the vulnerability stems from the FedCM component’s incorrect handling, enabling cr...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 5 days ago4 views

PT-2026-54332

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...

4.3CVSS6AI score0.00181EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

The use of “after free” in FedCM within Google Chrome before version 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.01251EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Before version 104.0.5112.101, using “after free” in FedCM via Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS7.3AI score0.02462EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Chromium

Using “after free” in FedCM in Google Chrome before version 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

8.8CVSS7.3AI score0.00639EPSS
Exploits0References2
Redos
Redos
added 2026/05/20 12:0 a.m.9 views

ROS-20260520-73-0039

A vulnerability in the FedCM component of Google Chrome browser is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

8.8CVSS6.2AI score0.0042EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/05/07 2:0 p.m.12 views

Chromium: CVE-2026-8013 Insufficient validation of untrusted input in FedCM

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

4.3CVSS5.8AI score0.00163EPSS
Exploits0
EUVD
EUVD
added 2026/05/06 9:31 p.m.7 views

EUVD-2026-28129

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References3
NVD
NVD
added 2026/05/06 7:16 p.m.7 views

CVE-2026-8013

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00163EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2026/05/06 7:16 p.m.10 views

CVE-2026-8013

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/06 6:13 p.m.7 views

CVE-2026-8013

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00163EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 6:13 p.m.24 views

CVE-2026-8013

CVE-2026-8013 affects Google Chrome FedCM (Federated Credential Management) prior to 148.0.7778.96. The vulnerability is due to insufficient validation of untrusted input, enabling a remote attacker to leak cross-origin data via a crafted HTML page. Impact is described as cross-origin data leakag...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/05/06 6:13 p.m.4 views

CVE-2026-8013

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00163EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/05 12:0 a.m.15 views

PT-2026-38206

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in FedCM Federated Credential Management, an API that allows users to sign into websites using credentials from a third-party identity provide...

9.6CVSS5.8AI score0.00344EPSS
Exploits0References138
CNNVD
CNNVD
added 2026/05/05 12:0 a.m.10 views

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation by FedCM, which could allow remote attackers to exploit the system by...

4.3CVSS5.8AI score0.00163EPSS
Exploits0References3
Rows per page
Query Builder