203 matches found
DEBIAN-CVE-2026-13910
Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13910
Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14132
Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14132
CVE-2026-14132 affects Google Chrome WebXR: an inappropriate WebXR implementation allows a remote attacker to spoof UI via a crafted HTML page. Affects Chrome versions prior to 150.0.7871.47; the issue is rated Low severity with user interaction required and network attack vector. The publicly do...
CVE-2026-14132
Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14073
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14073
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14073
CVE-2026-14073 affects Google Chrome WebXR prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in WebXR, which could let a remote attacker bypass navigation restrictions through a crafted HTML page. Affects Chrome components described across multiple sources (NVD, Debi...
CVE-2026-14034
Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14034
CVE-2026-14034 describes an insecure WebXR implementation in Google Chrome on Android prior to version 150.0.7871.47 . A remote attacker could bypass navigation restrictions by presenting a crafted HTML page, due to an inappropriate handling in WebXR. The vulnerability has a low severity (per Chr...
CVE-2026-14034
Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14020
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14020
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14020
CVE-2026-14020 affects Google Chrome WebXR prior to 150.0.7871.47. The root cause is insufficient validation of untrusted input in WebXR, allowing a remote attacker who has compromised the renderer process to perform UI spoofing via a crafted HTML page. Impact is UI spoofing with medium severity ...
CVE-2026-14008
Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14008
Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13910
Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13910
Summary: CVE-2026-13910 affects Google Chrome on Android, where WebXR policy enforcement is insufficient. The vulnerability could allow a remote attacker to leak cross-origin data through a crafted HTML page. The issue is tied to Chrome/Android WebXR, with the described impact as per multiple sou...
CVE-2026-13910
Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
PT-2026-54284
Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description An uninitialized use in WebXR allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...