CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. Chromium security severity: Low...

Access Control Bypass

Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Access Control Bypass due to insufficient Content Security Policy enforcement in the Network.loadNetworkResource method of the DevTools protocol network handler. An attacker can exfiltrat...

Improper Neutralization

Overview chrome-devtools-frontend is a Chrome DevTools UI Affected versions of this package are vulnerable to Improper Neutralization due to insufficient sanitization of special whitespace characters in the escapeStringWin function. An attacker can execute arbitrary code by crafting malicious inp...

CVE-2025-12909

Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. Chromium security severity: Low...

CVE-2025-12909

CVE-2025-12909 affects Google Chrome via Devtools: Insufficient policy enforcement in Devtools allows a remote attacker to leak cross-origin data. The vulnerability is tied to Chrome versions before 140.0.7339.80. Affected component: Devtools policy enforcement in Chrome/Chromium. Impact per sour...

CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. Chromium security severity: Low...

CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. Chromium security severity: Low...

CVE-2025-12907

CVE-2025-12907 affects Google Chrome DevTools (in Chrome prior to 140.0.7339.80). The issue is insufficient validation of untrusted input in DevTools, enabling a remote attacker to achieve arbitrary code execution via user actions in DevTools. Connected sources confirm the vulnerability exists in...

CVE-2025-12907

Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. Chromium security severity: Low...

EUVD-2016-6137

Malware in sbrugna...

PT-2025-45518

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 140.0.7339.80 Description A flaw exists in Google Chrome's Devtools due to insufficient policy enforcement. This issue could allow a remote attacker to leak cross-origin data through the Devtools functionality...

Linux Distros Unpatched Vulnerability : CVE-2018-6111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An object lifetime issue in the developer tools network handler in Google Chrome prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via a...

Linux Distros Unpatched Vulnerability : CVE-2018-6178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Eliding from the wrong side in an infobar in DevTools in Google Chrome prior to 68.0.3440.75 allowed an attacker who convinced a user to install a malicious...

Linux Distros Unpatched Vulnerability : CVE-2018-6139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a...

Linux Distros Unpatched Vulnerability : CVE-2018-6045

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a...

Linux Distros Unpatched Vulnerability : CVE-2018-6039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a...

Linux Distros Unpatched Vulnerability : CVE-2018-6046

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a...

Linux Distros Unpatched Vulnerability : CVE-2018-6101

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A lack of host validation in DevTools in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page, if th...

Linux Distros Unpatched Vulnerability : CVE-2025-4050

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures...

Linux Distros Unpatched Vulnerability : CVE-2018-6035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a...