Lucene search
+L

722 matches found

Cvelist
Cvelist
added 2026/06/30 10:38 p.m.30 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00319EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.9 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00319EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13919

CVE-2026-13919 describes an insufficent policy enforcement in Chrome’s Extensions on Chromium-based builds, where a crafted HTML page could enable a remote attacker with renderer access to bypass site isolation. Affected software/component: Google Chrome (Extensions/Chromium core). Root cause: po...

6.5CVSS5.7AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13891

Vulnerability summary (CVE-2026-13891): Insufficient validation of untrusted input in the Extensions component of Google Chrome up to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to escalate privileges by loading a crafted HTML page. The issue is...

7.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.6 views

CVE-2026-13891

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.8AI score0.00302EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.29 views

CVE-2026-13891

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

0.00302EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:38 p.m.7 views

CVE-2026-13888

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS6.2AI score0.00351EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13888

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00351EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13888

The CVE-2026-13888 entry concerns a use-after-free in Chrome’s Extensions component affecting Chrome builds prior to 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. Affected software: Google Chrome (Extensions ...

8.8CVSS6.2AI score0.00351EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:37 p.m.22 views

CVE-2026-13824

CVE-2026-13824 concerns Google Chrome extensions policy enforcement. The issue is described as insufficient policy enforcement in Chrome’s Extensions, allowing a remote attacker who has compromised the renderer process to escalate privileges via a crafted HTML page. The public notes specify the v...

7.5CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.29 views

CVE-2026-13824

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

0.00277EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.8 views

CVE-2026-13824

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

7.5CVSS5.8AI score0.00277EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/30 10:37 p.m.7 views

CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

8.1CVSS6.1AI score0.00303EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:37 p.m.43 views

CVE-2026-13774

CVE-2026-13774: Use-after-free in Chrome Extensions allows arbitrary code execution when a user installs a malicious extension. Affected: Google Chrome (Extensions). Root cause: use-after-free in Extensions. Impact: potential arbitrary code execution. Mitigation: update to Chrome 150.0.7871.47 or...

8.1CVSS6.1AI score0.00303EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:37 p.m.28 views

CVE-2026-13774

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Critical...

0.00303EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54275

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient validation of untrusted input within the Extensions component allows an attacker to perform UI spoofing. This occurs when a user is convinced to install a specially crafted...

9.6CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54233

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Incorrect security UI in Extensions allows an attacker to inject arbitrary scripts or HTML via a crafted HTML page. This occurs when a user is convinced to install a malicious extension...

9.6CVSS6.2AI score0.00413EPSS
Exploits0References449
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54165

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists within the Extensions component. This flaw allows a remote attacker to execute arbitrary code inside a sandbox by inducing the user to visit a specially...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54417

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page. UI spoofing is a...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54051

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists within the Extensions component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. An...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References450
Rows per page
Query Builder