523 matches found
CVE-2026-14126
CVE-2026-14126 describes an issue in Google Chrome on Android prior to 150.0.7871.47 where an incorrect security UI could allow a remote attacker to spoof the domain through a crafted HTML page. The vulnerability is associated with Chromium security (severity: Low) and is exploitable via network ...
CVE-2026-14106
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14088
Uninitialized Use in Canvas in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14064
Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14064
Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14064
CVE-2026-14064 is a use-after-free in PageInfo affecting Google Chrome on Android prior to version 150.0.7871.47. The vulnerability allows a remote attacker to trigger arbitrary code execution by convincing a user to perform specific UI gestures on a crafted HTML page. Root cause: use-after-free ...
CVE-2026-14046
CVE-2026-14046 affects Google Chrome on Android through the CustomTabs implementation. An inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability is characterized by a Chromium-based Low severity, with a network attack vect...
CVE-2026-14008
Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13997
Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13995
CVE-2026-13995 : Insufficient validation of untrusted input in Autofill for Google Chrome on Android allows a remote attacker to perform UI spoofing via a crafted HTML page. Affected are Chrome builds prior to 150.0.7871.47; remediation is to update to 150.0.7871.47 or a later version once releas...
CVE-2026-13995
Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13969
CVE-2026-13969 affects Google Chrome on Android: an uninitialized UI state in the renderer allows reading potentially sensitive memory via a crafted HTML page when the renderer is compromised. Exploitation involves a network attack with user interaction required; impact is confidentiality (high)....
CVE-2026-13964
Insufficient policy enforcement in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13954
The CVE-2026-13954 entry concerns Google Chrome on Android with an XML policy enforcement flaw. The issue is described as insufficient policy enforcement in XML that could allow a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. Affected softw...
CVE-2026-13955
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-13955.
CVE-2026-13949
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13949
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13943
Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13941
CVE-2026-13941 affects Google Chrome on Android. The vulnerability arises from an inappropriate SiteSettings implementation that enables UI spoofing via a crafted HTML page. Affected version is Chrome for Android before 150.0.7871.47. Impact is UI spoofing (no confidentiality, no data loss per th...
CVE-2026-13939
Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...