2207 matches found
DEBIAN-CVE-2026-14123
Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14101
Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14078
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-14076
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14051
Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-14009
Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-14006
Use after free in Navigation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13994
Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13833
Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-14139
The CVE affects Google Chrome’s TabStrip with an inappropriate implementation in versions before 150.0.7871.47. A remote attacker could entice a user to perform specific UI gestures via a crafted HTML page to achieve UI spoofing. The issue is tied to a TabStrip implementation flaw in Chromium, wi...
CVE-2026-14129
Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14088
CVE-2026-14088 concerns an uninitialized-use vulnerability in Canvas within Google Chrome on Android . The issue allows a remote attacker to potentially read sensitive information from the process memory through a crafted HTML page, with the impact described as confidential data exposure and the ...
CVE-2026-14042
CVE-2026-14042 concerns Google Chrome Isolated Web Apps. The issue is an inappropriate implementation that allows a remote attacker to perform UI spoofing via a crafted HTML page. It affects Chrome versions prior to 150.0.7871.47 and is described with a Chromium security severity of Low. The prac...
CVE-2026-14024
CVE-2026-14024 : A use-after-free in Ozone within Google Chrome on Linux versions before 150.0.7871.47 allows a remote attacker who entices a user to perform specific UI gestures to potentially trigger heap corruption via a crafted HTML page. Impact is described as high for confidentiality, integ...
CVE-2026-13997
Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13965
Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13871
Insufficient policy enforcement in GuestView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13867
Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13803
CVE-2026-13803 describes a Type Confusion in Chrome Tabs affecting Google Chrome prior to 150.0.7871.47. The root cause is a type-confusion vulnerability in the Chrome renderer that could allow a remote attacker who already compromised the renderer process to potentially escape the sandbox by pre...
CVE-2026-13782
Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...