Lucene search
K

4394 matches found

NVD
NVD
added last week5 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS0.00302EPSS
Exploits0References2
CVE
CVE
added last week13 views

CVE-2026-14033

CVE-2026-14033: Google Chrome on Windows has insufficient policy enforcement in Media, enabling a remote bypass of site isolation through a crafted HTML page. Affects Chrome versions prior to 150.0.7871.47; the issue is mitigated by upgrading to 150.0.7871.47 or later. Exploitation details are no...

6.5CVSS5.7AI score0.00263EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week22 views

CVE-2026-14033

Insufficient policy enforcement in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

0.00263EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week3 views

CVE-2026-14033

Insufficient policy enforcement in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

6.5CVSS5.7AI score0.00263EPSS
Exploits0
CVE
CVE
added last week14 views

CVE-2026-13919

CVE-2026-13919 describes an insufficent policy enforcement in Chrome’s Extensions on Chromium-based builds, where a crafted HTML page could enable a remote attacker with renderer access to bypass site isolation. Affected software/component: Google Chrome (Extensions/Chromium core). Root cause: po...

6.5CVSS5.7AI score0.00319EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week23 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00319EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week4 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00319EPSS
Exploits0
CVE
CVE
added last week12 views

CVE-2026-13871

CVE-2026-13871 affects Google Chrome (GuestView) with insufficient policy enforcement prior to 150.0.7871.47. A remote attacker who has compromised the renderer process could bypass site isolation via a crafted HTML page. The technical impact is a bypass of isolation mechanisms within Chrome’s Gu...

6.5CVSS5.7AI score0.00272EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week21 views

CVE-2026-13871

Insufficient policy enforcement in GuestView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00272EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week3 views

CVE-2026-13871

Insufficient policy enforcement in GuestView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00272EPSS
Exploits0
CVE
CVE
added last week10 views

CVE-2026-13868

Technical details (affected components, root cause, fixes) are not publicly available in the provided documents; monitor for updates from official advisories.

6.5CVSS5.7AI score0.00186EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week21 views

CVE-2026-13868

Inappropriate implementation in Network in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00186EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week5 views

CVE-2026-13868

Inappropriate implementation in Network in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00186EPSS
Exploits0
Debian CVE
Debian CVE
added last week3 views

CVE-2026-13866

Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS5.7AI score0.00282EPSS
Exploits0
CVE
CVE
added last week9 views

CVE-2026-13866

CVE-2026-13866 affects Google Chrome on Android prior to 150.0.7871.47. The issue is an inappropriate implementation in Input that lets a remote attacker with renderer access bypass site isolation via a crafted HTML page. Impact is a site-isolation bypass with potential access to other origins; n...

6.5CVSS5.7AI score0.00282EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week22 views

CVE-2026-13866

Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

0.00282EPSS
Exploits0References2
Cvelist
Cvelist
added last week24 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

0.00302EPSS
Exploits0References2
Debian CVE
Debian CVE
added last week5 views

CVE-2026-13806

Insufficient validation of untrusted input in Accessibility in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.7AI score0.00302EPSS
Exploits0
CVE
CVE
added last week11 views

CVE-2026-13806

CVE-2026-13806 affects Google Chrome on desktop. The vulnerability arises from insufficient validation of untrusted input in Accessibility, allowing a renderer process compromise to bypass site isolation via a crafted HTML page. Affected versions are prior to 150.0.7871.47. The Chrome stable chan...

8.1CVSS5.7AI score0.00302EPSS
Exploits0References2Affected Software1
NVD
NVD
added last week10 views

CVE-2026-58174

Hermes WebUI before 0.51.521 validates the workspace of an imported session under the active named profile but constructs the Session object without setting its profile in the /api/session/import handler, so the imported session is persisted with a null profile. Because a null profile is treated ...

6.5CVSS0.00265EPSS
Exploits0References5
Rows per page
Query Builder