170 matches found
EUVD-2026-40725
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-14038
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14038
CVE-2026-14038 affects Google Chrome’s New Tab Page. The root cause is insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed in Chrome version 150.0.7871.47 ...
CVE-2026-14038
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Before version 99.0.4844.74, using “After Free” in the New Tab page in Google Chrome allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption through specific user interactions...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in the New Tab Page of Google Chrome prior to 95.0.4638.69 allowed a remote attacker to inject arbitrary scripts or HTML into a new browser tab through a crafted HTML page...
Protection Mechanism Failure
Overview open-webui is an Open WebUI Affected versions of this package are vulnerable to Protection Mechanism Failure via the profileimageurl field in the model metadata process. An attacker can execute arbitrary JavaScript in the context of another user's session by storing a crafted SVG payload...
Chromium: CVE-2026-11691 Insufficient validation of untrusted input in New Tab Page
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
Chromium: CVE-2026-11660 Insufficient validation of untrusted input in New Tab Page
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-11691
An insufficient validation of untrusted input flaw was found in the New Tab Page component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=517585486...
CVE-2026-11660
An insufficient validation of untrusted input flaw was found in the New Tab Page component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=513731890...
SUSE CVE-2026-11660
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-11691
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
EUVD-2026-35217
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
EUVD-2026-35260
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11691
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-11691
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-11660
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-11660
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-11691
CVE-2026-11691 involves Google Chrome’s New Tab Page and is caused by insufficient validation of untrusted input. The vulnerability affects Chrome prior to version 149.0.7827.103, enabling a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page...