Lucene search
K

203 matches found

OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.5 views

CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00299EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14132

Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.42 views

CVE-2026-14132

CVE-2026-14132 affects Google Chrome WebXR: an inappropriate WebXR implementation allows a remote attacker to spoof UI via a crafted HTML page. Affects Chrome versions prior to 150.0.7871.47; the issue is rated Low severity with user interaction required and network attack vector. The publicly do...

5.4CVSS5.8AI score0.0018EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.4 views

CVE-2026-14132

Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score0.0018EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14073

Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

0.00182EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.5 views

CVE-2026-14073

Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00182EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.66 views

CVE-2026-14073

CVE-2026-14073 affects Google Chrome WebXR prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in WebXR, which could let a remote attacker bypass navigation restrictions through a crafted HTML page. Affects Chrome components described across multiple sources (NVD, Debi...

4.3CVSS5.8AI score0.00182EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.26 views

CVE-2026-14034

Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

0.00234EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14034

CVE-2026-14034 describes an insecure WebXR implementation in Google Chrome on Android prior to version 150.0.7871.47 . A remote attacker could bypass navigation restrictions by presenting a crafted HTML page, due to an inappropriate handling in WebXR. The vulnerability has a low severity (per Chr...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14034

Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00234EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-14020

Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.4 views

CVE-2026-14020

Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.166 views

CVE-2026-14020

CVE-2026-14020 affects Google Chrome WebXR prior to 150.0.7871.47. The root cause is insufficient validation of untrusted input in WebXR, allowing a remote attacker who has compromised the renderer process to perform UI spoofing via a crafted HTML page. Impact is UI spoofing with medium severity ...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-14008

Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.0025EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-14008

Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.0025EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.23 views

CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.00299EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.13 views

CVE-2026-13910

Summary: CVE-2026-13910 affects Google Chrome on Android, where WebXR policy enforcement is insufficient. The vulnerability could allow a remote attacker to leak cross-origin data through a crafted HTML page. The issue is tied to Chrome/Android WebXR, with the described impact as per multiple sou...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00299EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54284

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in WebXR allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Rows per page
Query Builder