Lucene search
K

719 matches found

Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.7 views

CVE-2026-14142

Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.4CVSS5.8AI score0.00173EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14142

Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.00173EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:39 p.m.37 views

CVE-2026-14053

CVE-2026-14053 affects Google Chrome where extensions enforcement is insufficient. A remote attacker who has already compromised the renderer process could leak cross-origin data via a crafted HTML page, due to policy enforcement gaps in Extensions before version 150.0.7871.47. The vulnerability ...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.3 views

CVE-2026-14053

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00164EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.27 views

CVE-2026-14053

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

0.00164EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.6 views

CVE-2026-14047

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS5.8AI score0.00175EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14047

CVE-2026-14047 affects Google Chrome before version 150.0.7871.47 due to insufficient policy enforcement in Extensions, enabling an attacker who persuades a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. The vulnerability’s impact is descri...

4.3CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-14003

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00148EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.29 views

CVE-2026-14003

Affected software/scope: Google Chrome extensions mechanism. Vulnerability: Insufficient policy enforcement in Chrome Extensions prior to 150.0.7871.47 allows a user-assisted attacker to leak cross-origin data when a malicious extension is installed. Underlying issue: policy enforcement weakness ...

4.3CVSS5.8AI score0.00148EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13999

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS5.8AI score0.00176EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13999

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.24 views

CVE-2026-13997

Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

0.00154EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.15 views

CVE-2026-13999

CVE-2026-13999 affects Google Chrome where insufficient validation of untrusted input in Extensions can enable UI spoofing via a crafted Chrome Extension. The vulnerability is triggered when a user is convinced to install a malicious extension, allowing spoofed UI elements as described in multipl...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.28 views

CVE-2026-13957

Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00148EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13957

Chrome extensions UXSS issue (CVE-2026-13957): Incorrect security UI in Extensions allowed a user-assisted attacker to inject arbitrary scripts/HTML via a crafted HTML page in Chrome before version 150.0.7871.47. Impact is partial and requires user interaction; update to Chrome 150.0.7871.47 or n...

4.2CVSS5.9AI score0.00148EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13948

CVE-2026-13948 : Concrete details in connected records show an insufficient policy enforcement in Google Chrome extensions prior to 150.0.7871.47, enabling a user-assisted UI spoofing attack if a user is convinced to install a malicious Chrome Extension. Root cause: policy enforcement weakness in...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS5.8AI score0.00156EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.28 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

0.00156EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.5 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00319EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13919

CVE-2026-13919 describes an insufficent policy enforcement in Chrome’s Extensions on Chromium-based builds, where a crafted HTML page could enable a remote attacker with renderer access to bypass site isolation. Affected software/component: Google Chrome (Extensions/Chromium core). Root cause: po...

6.5CVSS5.7AI score0.00319EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder