75304 matches found
CVE-2026-15130
Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-15128
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...
CVE-2026-15130
CVE-2026-15130 affects Google Chrome navigation policy enforcement. The vulnerability arises from insufficient policy enforcement in Navigation, enabling a remote attacker to bypass site isolation via a crafted HTML page. A fix is available in the Stable channel: Windows/Mac 150.0.7871.114/115 an...
CVE-2026-15124
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15126
Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15124
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-15126
Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15125
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15125
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15126
Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15124
CVE-2026-15124 affects Google Chrome; vulnerability in the Passwords component due to insufficient policy enforcement allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Impact is a cross-origin bypass as described in the public advisories. Remediation: update to Ch...
CVE-2026-15125
The CVE-2026-15125 entry refers to Google Chrome’s Forms handling with an inappropriate implementation, affecting Chrome versions prior to 150.0.7871.115. The root cause is in the Forms component, enabling a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. The...
CVE-2026-15126
CVE-2026-15126 affects Google Chrome: a use-after-free in the Forms component can allow a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected software: Google Chrome versions prior to 150.0.7871.115. Root cause: use-after-free in Forms. Impact: high seve...
CVE-2026-15122
Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-15121
Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15121
Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15123
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-15121
Use after free in WebRTC in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-15122
Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-15123
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...