Lucene search
K

719 matches found

Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.9 views

PT-2026-54051

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists within the Extensions component. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. An...

9.8CVSS6.1AI score0.00413EPSS
Exploits0References450
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54328

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.6 views

PT-2026-54279

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in Extensions allows an attacker to leak cross-origin data. This occurs when a user is convinced to install a malicious extension, which can then be used...

9.8CVSS6AI score0.00413EPSS
Exploits0References447
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.5 views

PT-2026-54273

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 150.0.7871.47 Description Incorrect security UI in Extensions allows a remote attacker to perform UI spoofing via a crafted HTML page if a user is convinced to engage in specific UI gestures. UI...

9.8CVSS6AI score0.00413EPSS
Exploits0References446
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-54417

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page. UI spoofing is a...

9.8CVSS6AI score0.00413EPSS
Exploits0References448
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54165

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A use after free issue exists within the Extensions component. This flaw allows a remote attacker to execute arbitrary code inside a sandbox by inducing the user to visit a specially...

9.8CVSS6.3AI score0.00413EPSS
Exploits0References448
NVD
NVD
added 2026/06/24 10:16 p.m.14 views

CVE-2026-54069

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan Note's kernel HTTP server unconditionally trusts all chrome-extension:// origins, granting RoleAdministrator access to every installed browser extension without any authentication. Combined with the default empt...

9.2CVSS0.00607EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/06/18 2:0 a.m.10 views

SUSE CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/06/18 1:59 a.m.10 views

SUSE CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.12 views

EUVD-2026-37517

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.4AI score0.00222EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.10 views

EUVD-2026-37542

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.3AI score0.00136EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.11 views

EUVD-2026-37530

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00158EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/06/17 1:51 p.m.19 views

Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats

Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins capable of exfiltrating artificial intelligence AI provider keys. "Every plugin poses as an AI coding assistant built on DeepSeek and other lar...

6.1AI score
Exploits0
NVD
NVD
added 2026/06/17 1:20 p.m.11 views

CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00222EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 1:20 p.m.5 views

DEBIAN-CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.3AI score0.00222EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 1:20 p.m.6 views

DEBIAN-CVE-2026-12457

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.3AI score0.00136EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 1:19 p.m.9 views

CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS0.00158EPSS
Exploits0References2
OSV
OSV
added 2026/06/17 1:19 p.m.7 views

DEBIAN-CVE-2026-12445

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

7.5CVSS5.4AI score0.00158EPSS
Exploits0References1
CVE
CVE
added 2026/06/17 1:38 a.m.33 views

CVE-2026-12467

CVE-2026-12467 corresponds to a use-after-free in Google Chrome Extensions, allowing a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome prior to version 149.0.7827.155 (Extensions component, render...

8.3CVSS5.4AI score0.00222EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/17 1:38 a.m.27 views

CVE-2026-12467

Use after free in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00222EPSS
Exploits0References2
Rows per page
Query Builder