20144 matches found
CVE-2026-13907
CVE-2026-13907 describes an inappropriate implementation in iOSWeb in Google Chrome on iOS (versions prior to 150.0.7871.47) that could allow UI spoofing when a user is guided to perform specific UI gestures on a crafted HTML page. Impact is described as Medium (CVSS 4.2); remediation or patch de...
CVE-2026-13905
Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...
CVE-2026-13904
Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13862
Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13843
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13812
CVE-2026-13812 affects Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in a crafted HTML page, enabling UXSS if a user is induced to perform specific UI gestures. The vulnerability results in potential script/HTML injec...
CVE-2026-13807
Use after free in Import in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a malicious file. Chromium security severity: High...
CVE-2026-13807
CVE-2026-13807 describes a use-after-free in Import for Google Chrome on iOS, exploited by convincing a user to perform specific UI gestures to run arbitrary code via a malicious file. Affected product: Google Chrome for iOS (before 150.0.7871.47). Root cause: use-after-free in the Import path. I...
CVE-2026-13795
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...
CVE-2026-13795
CVE-2026-13795 affects Chrome for iOS (Google Chrome on iOS). The provided documents indicate insufficient policy enforcement in Chrome for iOS prior to version 150.0.7871.47, which could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. The vulnerability is descr...
CVE-2026-13777
Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-13777
The CVE-2026-13777 issue affects Google Chrome for iOS (iOSWeb component). Description: Insufficient validation of untrusted input in iOSWeb could allow a remote attacker to exploit heap corruption via a crafted HTML page. Impact: heap corruption with high/critical severity; attacker would need r...
PT-2026-54256
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation in Chrome for iOS allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...
PT-2026-54259
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation in the browser allows a remote attacker to spoof the contents of the Omnibox the address bar where URLs are displayed by using a crafted HTML page...
PT-2026-54195
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker could potentially exploit heap corruption by inducing the browser to process a crafted HTML page. Use after free is a memory...
PT-2026-54374
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description A use after free issue exists where a remote attacker can potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform specific UI...
PT-2026-54072
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient policy enforcement allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update Google Chrome on iOS to version...
PT-2026-54054
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the iOSWeb component allows a remote attacker to potentially cause heap corruption, which occurs when memory in the heap area is...