Lucene search
K

91 matches found

NVD
NVD
added 2026/06/30 11:16 p.m.7 views

CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

8.1CVSS0.00324EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13925

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

0.00354EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13925

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS6.2AI score0.00354EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.6 views

CVE-2026-13791

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...

8.1CVSS6.1AI score0.00324EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54068

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the Downloads component allows an attacker to execute arbitrary code. This occurs when a user is convinced to install a crafted malicious...

9.6CVSS6.2AI score0.00413EPSS
Exploits0References448
NVD
NVD
added 2026/06/05 12:17 a.m.9 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS0.00149EPSS
Exploits0References2
OSV
OSV
added 2026/06/05 12:17 a.m.5 views

DEBIAN-CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.5AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.8 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

8.6CVSS0.00083EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.9 views

DEBIAN-CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00227EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.5AI score0.00149EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.9 views

CVE-2026-11243

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.5AI score0.00149EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.34 views

CVE-2026-11158

Insufficient validation of untrusted input in Downloads in Google Chrome on Mac prior to 149.0.7827.53 allowed a local attacker to potentially perform a sandbox escape via a crafted AppleScript command. Chromium security severity: Medium...

0.00083EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:4 p.m.21 views

CVE-2026-11107

Affected software: Google Chrome (Chromium-based) prior to version 149.0.7827.53. Issue: In the Downloads component, an inappropriate implementation allows a remote attacker to spoof UI via a crafted HTML page. Impact: UI spoofing; no other data confidentially affected per provided documents. Roo...

4.3CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:4 p.m.35 views

CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00227EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.10 views

CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.5AI score0.00227EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.9 views

Astra Linux – Vulnerability in Chromium

The incorrect security UI in Downloads in Google Chrome prior to version 119.0.6045.105 allowed a remote attacker to obfuscate the security UI through a crafted HTML page. Chromium security severity: Medium...

4.3CVSS6.3AI score0.00646EPSS
Exploits0References2
NVD
NVD
added 2026/05/14 8:17 p.m.7 views

CVE-2026-8527

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS0.00291EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 7:52 p.m.11 views

CVE-2026-8564

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.8AI score0.00163EPSS
Exploits0
EUVD
EUVD
added 2026/05/14 7:52 p.m.8 views

EUVD-2026-30463

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.10 views

CVE-2026-8551

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.0028EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder