Lucene search
+L

734 matches found

NVD
NVD
added 3 days ago4 views

CVE-2026-15778

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00263EPSS
Exploits0References2
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2026/07/08 12:0 a.m.9 views

Stable Channel Update for Desktop

The Stable channel has been updated to 150.0.7871.114/.115 for Windows and Mac and 150.0.7871.114 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

9.6CVSS5.9AI score0.00306EPSS
Exploits0Affected Software1
OSV
OSV
added 2026/06/30 11:17 p.m.4 views

DEBIAN-CVE-2026-14067

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.9 views

CVE-2026-13970

Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00271EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.7 views

CVE-2026-14089

Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13955

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Medium...

0.00111EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:37 p.m.24 views

CVE-2026-13848

CVE-2026-13848 : Use-after-free in Chrome Forms allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected software: Google Chrome versions prior to 150.0.7871.47 (Chromium-based). Root cause: use-after-free within Forms handling. Impact: high (remote ...

8.8CVSS6.2AI score0.00351EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54058

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Skia allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References454
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.11 views

PT-2026-54235

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in Blink allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script load...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.16 views

PT-2026-54149

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input in the WebAppInstalls component occurs when handling Web App install-related data. This trust boundary failure allows crafted file...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54214

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Passwords component allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted HTML page...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.12 views

PT-2026-54089

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input allows a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. This occurs when a user is convinced to...

9.8CVSS6.2AI score0.00413EPSS
Exploits0References447
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2026/06/16 12:0 a.m.13 views

Stable Channel Update for Desktop

The Stable channel has been updated to 149.0.7827.155/.156 for Windows and Mac and 149.0.7827.155 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

9.6CVSS5.6AI score0.00601EPSS
Exploits0Affected Software1
Cvelist
Cvelist
added 2026/06/11 8:48 p.m.39 views

CVE-2026-12014

Use after free in Cast in Google Chrome prior to 149.0.7827.115 allowed an attacker on the local network segment to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: High...

0.00174EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/08 11:27 p.m.10 views

CVE-2026-11688

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6AI score0.00256EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/06/08 11:27 p.m.41 views

CVE-2026-11667

Out of bounds read in WebRTC in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the GPU process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00215EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.17 views

CVE-2026-11211

Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.0028EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:17 p.m.10 views

CVE-2026-11166

Inappropriate implementation in SVG in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.8CVSS0.00205EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:6 p.m.36 views

CVE-2026-11265

CVE-2026-11265 concerns Google Chrome’s Autofill. The issue is described as an inappropriate implementation that could allow a remote attacker to leak cross-origin data via a crafted HTML page. Affected software is Google Chrome (Chromium-based), with the fixed/patch version cited as 149.0.7827.5...

7.5CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11216

Incorrect security UI in File Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0015EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder