Lucene search
K

60 matches found

EUVD
EUVD
added 14 hours ago3 views

EUVD-2026-40829

Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score
Exploits0References3
EUVD
EUVD
added 2026/06/17 6:35 p.m.8 views

EUVD-2026-37542

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

4.2CVSS5.3AI score0.00136EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.16 views

PT-2026-50207

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a...

9.6CVSS5.8AI score0.00601EPSS
Exploits0References40
Debian CVE
Debian CVE
added 2026/06/11 8:48 p.m.7 views

CVE-2026-12017

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

3.1CVSS5.3AI score0.00208EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.7 views

SUSE CVE-2026-11026

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.9 views

SUSE CVE-2026-11168

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00229EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/05 12:31 a.m.9 views

EUVD-2026-34361

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.8AI score0.0028EPSS
Exploits0References3
OSV
OSV
added 2026/06/04 11:17 p.m.4 views

DEBIAN-CVE-2026-11149

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS5.5AI score0.00221EPSS
Exploits0References1
CVE
CVE
added 2026/06/04 11:6 p.m.32 views

CVE-2026-11308

Summary : CVE-2026-11308 describes an insecure implementation in Google Chrome’s Extensions handling prior to version 149.0.7827.53. Affected software/area : Google Chrome — Extensions module. Root cause : Inappropriate implementation in Extensions, enabling privilege escalation. Impact : An atta...

6.3CVSS5.8AI score0.00099EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/04 11:5 p.m.22 views

CVE-2026-11239

CVE-2026-11239 affects Google Chrome extensions. Insecure or inappropriate implementation in Extensions prior to 149.0.7827.53 allows a remote attacker who has already compromised the renderer process to escalate privileges through a crafted HTML page. The CVSS score is 7.5 (HIGH) with impact to ...

7.5CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.28 views

CVE-2026-11230

Use after free in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...

0.00242EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.8 views

CVE-2026-11168

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00229EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/04 11:5 p.m.7 views

CVE-2026-11129

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.5AI score0.00176EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11048

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: Medium...

6.5CVSS5.4AI score0.00158EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.6 views

CVE-2026-11020

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted XML file. Chromium security severity: Medium...

5.5AI score0.00221EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.5 views

CVE-2026-11014

Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass site isolation via a crafted Chrome Extension. Chromium security severity: Medium...

5.4AI score0.00214EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/04 12:0 a.m.7 views

PT-2026-46766

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00221EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.12 views

PT-2026-46756

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Extensions allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that...

8.8CVSS6AI score0.00242EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.7 views

PT-2026-46656

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, b...

9.6CVSS5.8AI score0.00493EPSS
Exploits0References437
SUSE CVE
SUSE CVE
added 2026/03/12 2:4 p.m.2 views

SUSE CVE-2026-3919

Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References3
Rows per page
Query Builder