20146 matches found
DEBIAN-CVE-2026-13862
Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13850
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...
DEBIAN-CVE-2026-13777
Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-13777
Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-14137
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14137
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14128
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14075
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14074
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14074
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14067
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14068
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14028
Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13991
CVE-2026-13991 describes insufficient validation of untrusted input in Chrome for iOS / Google Chrome on iOS prior to version 150.0.7871.47 , enabling a remote attacker to perform UI spoofing via a crafted HTML page. The root cause is input validation weaknesses in the iOS Chrome rendering path. ...
CVE-2026-13987
Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13987
CVE-2026-13987 affects Google Chrome for Android (Mobile UI) prior to 150.0.7871.47, where an incorrect security UI could allow a remote attacker to perform UI spoofing via a crafted HTML page. The issue is described with a Medium severity and is tied to Chromium components. The available connect...
CVE-2026-13981
CVE-2026-13981: In Chrome for iOS, Google Chrome on iOS contains an inappropriate implementation that enables UI spoofing via a crafted HTML page. Affected product is Chrome for iOS; root cause is an implementation flaw in the iOS build. Impact stated: remote attacker could perform UI spoofing. R...
CVE-2026-13980
CVE-2026-13980 affects Chrome for iOS (Google Chrome on iOS). The vulnerability stems from an inappropriate implementation in Chrome for iOS prior to version 150.0.7871.47, enabling a remote attacker to perform UI spoofing via a crafted HTML page. Documents consistently describe the issue as a UI...
CVE-2026-13946
Inappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13916
Chrome for iOS prior to 150.0.7871.47 allows UI spoofing via a crafted HTML page due to an inappropriate implementation in Chrome for iOS. Affected: Google Chrome on iOS (Chromium-based). Impact: UI spoofing risk; Severity: Medium (CVSS v3.1 base 4.3). Root cause: inappropriate implementation as ...