4 matches found
CVE-2026-14023
Google Chrome is affected by CVE-2026-14023 due to insufficient validation of untrusted input in SanitizerAPI. Versions prior to 150.0.7871.47 are vulnerable to a remote attacker bypassing the same-origin policy via a crafted HTML page. The issue is documented for Chrome/Chromium with a Medium se...
CVE-2026-8539
CVE-2026-8539 describes a script injection (UXSS) in Chrome on Android via the SanitizerAPI, exploitable through a crafted HTML page. Affected software: Google Chrome for Android (Chromium-based). Vulnerable component: SanitizerAPI. Root cause: insufficient input handling in SanitizerAPI leading ...
Linux Distros Unpatched Vulnerability : CVE-2026-7939
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a...
EUVD-2026-27981
Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...