Lucene search
K

30 matches found

NVD
NVD
added yesterday4 views

CVE-2026-13988

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
NVD
NVD
added yesterday3 views

CVE-2026-13979

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
NVD
NVD
added yesterday2 views

CVE-2026-13922

Side-channel information leakage in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-14014

CVE-2026-14014 concerns Google Chrome’s Paint UI, where an inappropriate implementation allows a remote attacker to perform UI spoofing through a crafted HTML page. The vulnerability is described as affecting Chrome builds prior to version 150.0.7871.47 . This implies a patch public in or after 1...

5.8AI score
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.6 views

SUSE CVE-2026-11132

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.7 views

SUSE CVE-2026-11133

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.6 views

SUSE CVE-2026-11139

Inappropriate implementation in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:44 a.m.7 views

SUSE CVE-2026-11142

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.13 views

EUVD-2026-34593

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00202EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34594

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.8AI score0.00202EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 12:17 a.m.9 views

CVE-2026-11289

Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

6.5CVSS0.00197EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-11133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page...

6.5CVSS5.5AI score0.00202EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2026-11289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

6.5CVSS5.4AI score0.00197EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.7 views

CVE-2026-11142

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00201EPSS
Exploits0References2
OSV
OSV
added 2026/06/04 11:17 p.m.5 views

DEBIAN-CVE-2026-11142

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/06/04 11:17 p.m.6 views

CVE-2026-11133

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00202EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:6 p.m.23 views

CVE-2026-11289

Affected software: Google Chrome (Chromium); component: Paint. Vulnerable until Chrome version 149.0.7827.53. Issue: side-channel information leakage allowing a remote attacker to exfiltrate cross-origin data via a crafted HTML page. Root cause details are not explicitly stated in the provided do...

6.5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/04 11:5 p.m.6 views

CVE-2026-11142

Insufficient policy enforcement in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00201EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.17 views

CVE-2026-11142

CVE-2026-11142 affects Google Chrome (Chromium-based) via insufficient policy enforcement in Paint, allowing a remote attacker to bypass the same-origin policy through a crafted HTML page. The issue originates in Chromium/Paint handling and is associated with a fix in Chrome’s 149.0.7827.53 timef...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder