Lucene search
K

703 matches found

EUVD
EUVD
added yesterday6 views

EUVD-2026-40690

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00174EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-40553

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00208EPSS
Exploits0References3
OSV
OSV
added 2 days ago3 views

DEBIAN-CVE-2026-14002

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-14002

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00174EPSS
Exploits0References2
OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-13867

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 2 days ago5 views

CVE-2026-13867

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00208EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-14002

CVE-2026-14002 affects Google Chrome Geolocation in Chromium, prior to 150.0.7871.47. Root cause is an inappropriate Geolocation implementation that lets a remote attacker who has compromised the renderer process perform UI spoofing via a crafted HTML page. Impact is UI spoofing with possible hig...

6.5CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-14002

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00174EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-14002

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00174EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13867

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00208EPSS
Exploits0
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-13867

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00208EPSS
Exploits0References2
CVE
CVE
added 2 days ago5 views

CVE-2026-13867

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00208EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2026/06/20 4:17 p.m.10 views

CVE-2026-56218

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealing user physical location at capture time...

6.9CVSS0.00205EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/20 3:24 p.m.8 views

EUVD-2026-38114

Capgo before 12.128.2 fails to strip EXIF metadata including GPS geolocation data from uploaded images, allowing information disclosure. Attackers can download uploaded images and extract precise latitude and longitude coordinates revealing user physical location at capture time...

6.9CVSS5.8AI score0.00205EPSS
Exploits0References2
CVE
CVE
added 2026/06/20 3:24 p.m.19 views

CVE-2026-56218

Capgo prior to 12.128.2 does not strip EXIF metadata (including GPS coordinates) from uploaded images, enabling disclosure of users’ precise location. Attackers can download images and extract coordinates at capture time. Remediation: upgrade Capgo to version 12.128.2 or later.

6.9CVSS5.8AI score0.00205EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.12 views

PT-2026-51146

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description The software fails to strip EXIF metadata, which includes GPS geolocation data, from uploaded images. This leads to information disclosure, as attackers can download these images and extract precise...

6.9CVSS5.8AI score0.00205EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox, Thunderbird

By displaying a form validation message in the correct location at the same time as a permission prompt such as for geolocation, the validation message could potentially obscure the prompt, allowing the user to be tricked into granting the permission. This vulnerability affects Firefox 94,...

4.3CVSS6.1AI score0.01527EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.4 views

Astra Linux – Vulnerability in Firefox

When sharing geolocation during an active WebRTC share, Firefox may reset the WebRTC sharing state in the user interface, resulting in a loss of control over the currently granted permissions. This vulnerability affects Firefox versions earlier than 85...

4.3CVSS5.5AI score0.00657EPSS
Exploits0References1
OSV
OSV
added 2026/06/12 8:54 p.m.8 views

MAL-2026-5716 Malicious code in beamz (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c380f1f0fc3c5cf723cd7d92bf41c30f622aafaa633a32f0a78bf91a3a769d2a The package advertises itself as a credential-transfer CLI but implements transfer by reading the user's Anthropic Claude Code credentials...

5.5AI score
Exploits0References6
Microsoft CVE
Microsoft CVE
added 2026/06/09 2:0 p.m.9 views

Chromium: CVE-2026-11145 Race in Geolocation

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

5.3CVSS5.4AI score0.00164EPSS
Exploits0
Rows per page
Query Builder