Lucene search
K

18213 matches found

CVE
CVE
added last week15 views

CVE-2026-13890

CVE-2026-13890 describes an out-of-bounds read in Chromecast within Google Chrome before version 150.0.7871.47. An attacker who already compromised the renderer process could exploit a crafted HTML page to read potentially sensitive information from process memory. The impact is data leakage of m...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References2Affected Software1
CVE
CVE
added last week12 views

CVE-2026-13889

Consolidated analysis for CVE-2026-13889: A side-channel information leakage in WebAuthentication on Google Chrome for iOS (Chromium-based) affects the WebAuthentication component. The vulnerability allows a remote attacker to leak cross-origin data through a crafted HTML page. Affected product/a...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week21 views

CVE-2026-13888

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00351EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week3 views

CVE-2026-13890

Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.00264EPSS
Exploits0
CVE
CVE
added last week14 views

CVE-2026-13887

The CVE-2026-13887 entry relates to Google Chrome for Android, where an inappropriate NFC implementation before version 150.0.7871.47 allowed a remote attacker who had already compromised the renderer process to leak cross-origin data via a crafted HTML page. This is triggered by a renderer compr...

6.5CVSS5.8AI score0.0017EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week22 views

CVE-2026-13887

Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added last week23 views

CVE-2026-13886

Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

0.00242EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week5 views

CVE-2026-13886

Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00242EPSS
Exploits0
Debian CVE
Debian CVE
added last week5 views

CVE-2026-13883

Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00306EPSS
Exploits0
Cvelist
Cvelist
added last week21 views

CVE-2026-13885

Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

0.00379EPSS
Exploits0References2
CVE
CVE
added last week13 views

CVE-2026-13882

CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...

9.6CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added last week3 views

CVE-2026-13881

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.8AI score0.00211EPSS
Exploits0
CVE
CVE
added last week12 views

CVE-2026-13880

Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week22 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.00224EPSS
Exploits0References2
Cvelist
Cvelist
added last week21 views

CVE-2026-13881

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

0.00211EPSS
Exploits0References2
Cvelist
Cvelist
added last week22 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

0.0028EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week5 views

CVE-2026-13880

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.0028EPSS
Exploits0
Debian CVE
Debian CVE
added last week4 views

CVE-2026-13882

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.00224EPSS
Exploits0
CVE
CVE
added last week11 views

CVE-2026-13878

CVE-2026-13878: A use-after-free in Bluetooth in Google Chrome on macOS (before 150.0.7871.47) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS; root cause: use-after-free in ...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added last week4 views

CVE-2026-13878

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS5.8AI score0.0028EPSS
Exploits0
Rows per page
Query Builder