108 matches found
EUVD-2026-40761
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-14074
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a...
CVE-2026-14074
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13889
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13889
Consolidated analysis for CVE-2026-13889: A side-channel information leakage in WebAuthentication on Google Chrome for iOS (Chromium-based) affects the WebAuthentication component. The vulnerability allows a remote attacker to leak cross-origin data through a crafted HTML page. Affected product/a...
PT-2026-54349
Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Side-channel information leakage in WebAuthentication allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update Google...
Chromium: CVE-2026-11263 Insufficient policy enforcement in WebAuthentication
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-11263
An insufficient policy enforcement flaw was found in the WebAuthentication component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500044225...
CVE-2026-10906
An use after free flaw was found in the WebAuthentication component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503420438...
EUVD-2026-34724
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-34705
Insufficient validation of untrusted input in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-10906
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to...
CVE-2026-10906
Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-10906
Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11263
Insufficient policy enforcement in WebAuthentication in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-11244
The CVE-2026-11244 entry concerns Google Chrome’s WebAuthentication input validation. Affected component: WebAuthentication in Chrome (prior to 149.0.7827.53). Root cause: insufficient validation of untrusted input, enabling a remote attacker who compromised a renderer process to bypass the same-...