Lucene search
K

192398 matches found

EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-40426

Capgo console.capgo.app/login before 12.128.2 accepts accesstoken and refreshtoken in URL query parameters, automatically authenticating users without confirmation. Attackers can craft malicious links to force victims into attacker-controlled sessions, exposing tokens in browser history and logs...

5.4CVSS5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-40798

Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Low...

6.1AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40819

Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-40817

Incorrect security UI in Omnibox in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40735

Use after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. Chromium security severity: Low...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40699

Out of bounds read in SurfaceCapture in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40703

Race in WebRTC in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40701

Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago2 views

EUVD-2026-40670

Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40675

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago1 views

EUVD-2026-40504

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

5.8AI score
Exploits0References3
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40415

Invidious through 2.20260626.0, fixed in commit 77ad416, contains a broken object level authorization vulnerability that allows authenticated attackers to delete videos from other users' playlists by supplying an arbitrary global video index in the removevideo action of the playlist endpoint...

7.1CVSS5.9AI score
Exploits0References5
EUVD
EUVD
added 1 hour ago3 views

EUVD-2026-40420

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS5.8AI score
Exploits0References4
CVE
CVE
added yesterday3 views

CVE-2026-14147

CVE-2026-14147 : This vulnerability affects Google Chrome’s CSS handling prior to version 150.0.7871.47, where an inappropriate implementation could allow a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. The root cause is an implementation issue in CSS process...

6AI score
Exploits0References2
Cvelist
Cvelist
added yesterday2 views

CVE-2026-14144

Incorrect security UI in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Exploits0References2
CVE
CVE
added yesterday2 views

CVE-2026-14088

CVE-2026-14088 concerns an uninitialized use in Canvas on Google Chrome for Android. The issue allows a remote attacker to elicit potentially sensitive information from process memory via a crafted HTML page. The vulnerability affects Chrome on Android versions before 150.0.7871.47; the fix is ex...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-14084

CVE-2026-14084 concerns Chromoting in Google Chrome with versions prior to 150.0.7871.47. The vulnerability stems from insufficient validation of untrusted input, enabling a remote attacker to potentially cause heap corruption through malicious network traffic. Affected component is Chromoting wi...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-14072

Google Chrome contains an inappropriately implemented SplitView component that is vulnerable before version 150.0.7871.47, enabling a remote attacker to perform UI spoofing through a crafted HTML page. The vulnerability is classified with Chromium security severity: Low. Affected product/area: Ch...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday2 views

CVE-2026-14031

Summary: CVE-2026-14031 affects Google Chrome before 150.0.7871.47. The issue is an inappropriate implementation in the File Input component, enabling a remote attacker to execute a UI spoofing attack via a crafted HTML page. Impact (as described): UI spoofing from a crafted HTML page. Severity l...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-14016

CVE-2026-14016 : In Google Chrome, an inappropriate implementation in SVG allowed a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Chrome (Chromium base). Vulnerability arises in SVG handling prior to version 150.0.7871.47 . Impact, as stated: potential cross...

5.8AI score
Exploits0References2
Rows per page
Query Builder