4373 matches found
CVE-2026-13024
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13023
Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39046
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13034
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13034
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13025
Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39040
Race in DevTools in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13024
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39038
Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39039
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13024
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13022
The CVE-2026-13022 entry describes an issue in Google Chrome's Autofill where an attacker who compromised the renderer process could leak cross-origin data via a crafted HTML page. Affected software is Chrome, with the vulnerability present in versions prior to 149.0.7827.197. Impact is stated as...
EUVD-2026-39037
Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
EUVD-2026-38802
A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...
EUVD-2026-38799
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...
CVE-2026-50703
A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...
CVE-2026-50705
A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...
CVE-2026-50705 Frappe Framework 17.0.0-dev - Stored XSS in Form Dashboard headline rendering
A Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the Form Dashboard headline renderer...
GHSA-5WRP-CWCJ-Q835 vulnerabilities
Vulnerabilities for packages: argo-cd, fleet-server-fips, gitlab-rails-ce-fips, cadvisor-fips, kgateway-fips, docker-compose-fips, beats, argo-workflows-fips, kubescape-operator, tw, grafana-image-renderer, boring-registry-fips, crossplane-provider-aws-mediapackage-fips, gitlab-operator-fips,...
Astra Linux – Vulnerability in Chromium
Before version 94.0.4606.61, using "use after free" in Portals within Google Chrome allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page...