4261 matches found
CVE-2026-14143
Incorrect security UI in Passwords in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14075
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14067
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14068
Vulnerability: CVE-2026-14068 affects Google Chrome on iOS, caused by an inappropriate implementation in the Omnibox. The issue enables UXSS via a crafted HTML page when a user is induced to perform specific UI gestures, using Chrome versions prior to 150.0.7871.47. Impact is described as low sev...
CVE-2026-14028
Affected software: Chrome for iOS. Vulnerability: UI spoofing due to incorrect security UI in Google Chrome on iOS prior to 150.0.7871.47. Exploitation requires that a user engages in specific UI gestures, via a crafted HTML page. Impact: potential UI spoofing with low severity per Chromium. Root...
CVE-2026-13991
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13918
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13918
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13915
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13913
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13912
Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13908
CVE-2026-13908 : Insufficient validation of untrusted input in the Omnibox of Google Chrome on iOS (before 150.0.7871.47) could allow a remote attacker to bypass navigation restrictions when a user performs specific UI gestures, via malicious network traffic. The vulnerability is documented with ...
CVE-2026-13905
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. Chromium security severity: Medium...
CVE-2026-13904
CVE-2026-13904 describes an Inappropriate implementation in Safe Browsing for Google Chrome on iOS, where navigation restrictions could be bypassed by a remote attacker via a crafted HTML page. Affected product: Google Chrome on iOS. The root cause is an improper Safe Browsing implementation prio...
CVE-2026-13904
Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13902
CVE-2026-13902 affects Chrome on iOS (Google Chrome on iOS) prior to version 150.0.7871.47 . The issue is described as an inappropriate implementation in Chrome for iOS that allows a remote attacker to perform UI spoofing via a crafted HTML page. The vulnerability is documented across multiple so...
CVE-2026-13892
CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...
CVE-2026-13862
Insufficient policy enforcement in Web Authentication Passkeys & Security Keys in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13850
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...
CVE-2026-13843
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...