Lucene search
K

451 matches found

CVE
CVE
added 5 days ago13 views

CVE-2026-14429

CVE-2026-14429 affects Google Chrome and its Skia rendering library. Insufficient validation of untrusted input in Skia before Chrome 150.0.7871.46 can allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Impact is described a...

8.3CVSS5.8AI score0.00228EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 5 days ago6 views

EUVD-2026-40793

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
OSV
OSV
added 6 days ago2 views

DEBIAN-CVE-2026-13941

Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 6 days ago7 views

CVE-2026-13851

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...

9.1CVSS0.00289EPSS
Exploits0References2
CVE
CVE
added 6 days ago12 views

CVE-2026-14009

The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 6 days ago6 views

CVE-2026-13947

Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS5.8AI score0.0029EPSS
Exploits0
CVE
CVE
added 6 days ago10 views

CVE-2026-13924

CVE-2026-13924 affects WebView in Google Chrome on Android, prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in WebView, allowing a remote attacker who already compromised the renderer process to bypass the same-origin policy via a crafted HTML page. The vul...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 6 days ago3 views

CVE-2026-13853

Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

9.6CVSS5.8AI score0.0028EPSS
Exploits0
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-13848

Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.00351EPSS
Exploits0
CVE
CVE
added 6 days ago12 views

CVE-2026-13813

Summary: CVE-2026-13813 concerns Chrome for iOS where insufficient policy enforcement in the renderer allowed a sandbox escape via a crafted HTML page after renderer compromise. The issue affects Google Chrome on iOS before version 150.0.7871.47 (Chromium security severity: High). Root cause / vu...

8.3CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago7 views

PT-2026-54354

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Network component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...

9.6CVSS6AI score0.00413EPSS
Exploits0References438
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-13027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS5.9AI score0.00195EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 10:17 p.m.2 views

DEBIAN-CVE-2026-13283

Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

7.5CVSS6.2AI score0.00229EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/06/24 6:43 p.m.5 views

CVE-2026-13032

Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.9AI score0.00217EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

Insufficient data validation in Blink Editing in Google Chrome prior to 101.0.4951.41 allowed a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page...

6.1CVSS6.8AI score0.00685EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in Blink in Google Chrome prior to version 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

8.8CVSS8.1AI score0.06506EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Chromium

Inappropriate implementations of Skia in Google Chrome prior to version 88.0.4324.146 allowed a local attacker to spoof the contents of the Omnibox URL bar through a crafted HTML page...

4.3CVSS6.8AI score0.00845EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.10 views

Astra Linux – Vulnerability in Chromium

Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

8.8CVSS7.3AI score0.64701EPSS
Exploits1References2
OSV
OSV
added 2026/06/17 1:20 p.m.5 views

DEBIAN-CVE-2026-12447

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.3AI score0.00417EPSS
Exploits0References1
CVE
CVE
added 2026/06/11 9:33 p.m.20 views

CVE-2026-45173

The CVE concerns Idira Identity Browser Extension for Chrome, Firefox, and Edge, with versions prior to 26.8.1. A flaw in origin validation within internal web-page verification routines could allow a remote attacker to trigger unauthorized application interaction or execution parameters within a...

8.4CVSS5.8AI score0.00161EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder