50 matches found
EUVD-2026-40744
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-14057
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14057
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14057
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14057
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14057
CVE-2026-14057 affects Google Chrome where an inappropriate FedCM implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected versions are Chrome before 150.0.7871.47; the vulnerability stems from the FedCM component’s incorrect handling, enabling cr...
PT-2026-54332
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in the Federated Credential Management FedCM API allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts...
Astra Linux – Vulnerability in Chromium
The use of “after free” in FedCM within Google Chrome before version 122.0.6261.111 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Before version 104.0.5112.101, using “after free” in FedCM via Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
Using “after free” in FedCM in Google Chrome before version 120.0.6099.109 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...
ROS-20260520-73-0039
A vulnerability in the FedCM component of Google Chrome browser is related to post-release memory usage. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...
Chromium: CVE-2026-8013 Insufficient validation of untrusted input in FedCM
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-28129
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8013
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8013
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8013
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-8013
CVE-2026-8013 affects Google Chrome FedCM (Federated Credential Management) prior to 148.0.7778.96. The vulnerability is due to insufficient validation of untrusted input, enabling a remote attacker to leak cross-origin data via a crafted HTML page. Impact is described as cross-origin data leakag...
CVE-2026-8013
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
PT-2026-38206
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in FedCM Federated Credential Management, an API that allows users to sign into websites using credentials from a third-party identity provide...
Google Chrome 输入验证错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 had a vulnerability related to input validation. This vulnerability stemmed from insufficient trust-based input validation by FedCM, which could allow remote attackers to exploit the system by...