EUVD-2026-34371

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via malicious network traffic. Chromium security severity: High...

DEBIAN-CVE-2026-11238

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Low...

DEBIAN-CVE-2026-10922

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via malicious network traffic. Chromium security severity: High...

CVE-2026-11250

Inappropriate implementation in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

CVE-2026-11092

Summary of CVE-2026-11092 : Google Chrome’s DevTools policy enforcement is insufficient before version 149.0.7827.53. An attacker could persuade a user to install a crafted (malicious) Chrome Extension to execute privilege escalation. Affected software: Chrome with DevTools; trigger requires user...

CVE-2026-10980

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в firefox

The sourceMapURL feature in devtools lacked security checks, which would have prevented a webpage from attempting to include local files or other files that should be inaccessible. This vulnerability affects Firefox versions earlier than 99...

Astra Linux - уязвимость в chromium

Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...

Astra Linux - уязвимость в chromium

Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Inappropriate implementation in DevTools in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially perform a sandbox escape through a crafted Chrome Extension...

SUSE CVE-2026-7913

Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

SUSE CVE-2026-7915

Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

CVE-2026-7915

Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: High...

CVE-2026-7913

Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: High...

PT-2026-38201

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in DevTools allows an attacker to perform UI spoofing via a crafted Chrome Extension, provided they can convince a user to install the malicious extensio...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.117 contained a resource management vulnerability. This vulnerability stemmed from the reusing of resources after they were released in DevTools, allowing remote attackers who had compromised the...

CVE-2026-5901

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. Chromium security severity: Low...

EUVD-2026-9487

Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-3539

Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

CVE-2025-13632

CVE-2025-13632 affects Google Chrome/Chromium DevTools, where an inappropriate DevTools implementation allowed sandbox escape when a user installed a crafted malicious extension. The vulnerable component is DevTools in Chrome, with exploitation tied to extension installation. The issue stems from...