51 matches found
EUVD-2026-42748
Zen is a firefox-based browser. Prior to 1.21.5b, Zen's glance and split-view context-menu actions, Open link in glance and Split link in new tab, load a page-controlled link URL with the System principal instead of the originating page's principal, allowing a malicious web page to place a link t...
PT-2026-57005
Name of the Vulnerable Software and Affected Versions Zen versions prior to 1.21.5b Description In the glance and split-view context-menu actions, specifically Open link in glance and Split link in new tab, the browser loads a page-controlled link URL using the System principal instead of the...
EUVD-2026-40641
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14072
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14026
Incorrect security UI in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13953
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14072
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13953
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13953
Summary: CVE-2026-13953 affects Google Chrome’s SplitView implementation in Chromium. An insecure/incorrect SplitView behavior allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. This is rated Medium (CVSSv3.1 base score 6....
Astra Linux – Vulnerability in Chromium
The incorrect security UI in Split View in Google Chrome prior to version 144.0.7559.59 allowed a remote attacker to perform UI spoofing through a crafted HTML page. Chromium security severity: Low...
ROS-20260310-73-0014
A vulnerability in the Split View component of Google Chrome browser is related to information presentation errors in the user interface. Exploitation of the vulnerability could allow a remote attacker to conduct spoofing attacks...
Fedora 43 : cef (2026-c5295ae3b9)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c5295ae3b9 advisory. Update to cef-144.0.11+ge135be2 + chromium 144.0.7559.96 rhbz2432335 CVE-2026-1220: Race in V8 CVE-2026-0899: Out of bounds memory access in V8...
ROS-20260122-73-0017
A vulnerability in the Split View component of Google Chrome browser is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow a remote attacker to spoof the user interface using a specially crafted domain name...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-0907
CVE-2026-0907 affects Google Chrome/Chromium Split View UI, allowing UI spoofing via a crafted HTML page before version 144.0.7559.59. Connected documents confirm related Chromium/CEF updates in the 144.0.7559.x series across Fedora and ChromeOS advisories, indicating a patched release beyond 144...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-0907
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...