Lucene search
K

2102 matches found

EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42482

Use after free in Extensions in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00154EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added last week7 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

6AI score0.00125EPSS
Exploits0References3Affected Software1
Debian CVE
Debian CVE
added last week5 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

4.3CVSS6AI score0.00125EPSS
Exploits0
CVE
CVE
added last week66 views

CVE-2026-15108

CVE-2026-15108: In Google Chrome, an Integer overflow in the Extensions API prior to 150.0.7871.115 allows an attacker to trigger an out-of-bounds memory read by convincing a user to install a crafted extension. Affected product: Google Chrome (Extensions API). Root cause: integer overflow in the...

4.3CVSS6AI score0.00125EPSS
Exploits0References2Affected Software1
CVE
CVE
added last week48 views

CVE-2026-15110

The CVE-2026-15110 entry concerns Google Chrome: a use-after-free in the Extensions component that can lead to heap corruption. Affected software is Chrome prior to version 150.0.7871.115; the underlying cause is use-after-free within the Extensions handling, exploitable when a user is convinced ...

8.8CVSS6AI score0.00154EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added last week33 views

CVE-2026-15108

Integer overflow in Extensions API in Google Chrome prior to 150.0.7871.115 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted Chrome Extension. Chromium security severity: High...

0.00125EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56629

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.115 Description A use after free issue exists within the Extensions component. This occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption. An...

9.6CVSS5.9AI score0.00306EPSS
Exploits0References35
EUVD
EUVD
added 2026/07/02 12:31 a.m.6 views

EUVD-2026-41182

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00189EPSS
Exploits0References3
OSV
OSV
added 2026/07/01 11:16 p.m.5 views

DEBIAN-CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.9CVSS5.8AI score0.00189EPSS
Exploits0References1
NVD
NVD
added 2026/07/01 11:16 p.m.7 views

CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.9CVSS0.00189EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.26 views

CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

0.00189EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14406

Out of bounds read in V8 in Google Chrome prior to 150.0.7871.46 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Medium...

5.9CVSS5.8AI score0.00189EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2026/07/01 11:28 a.m.3 views

CVE-2026-13323

In Open VSX Registry before 1.0.2, the /vscode/unpkg/ endpoint serves user-supplied HTML files with Content-Type: text/html and without a Content-Security-Policy or Content-Disposition: attachment response header. An unauthenticated attacker can register a publisher account, upload a VSIX...

4.1CVSS6AI score0.0019EPSS
Exploits1References4
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40841

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00129EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40768

Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.8 views

EUVD-2026-40749

Inappropriate implementation in Views in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information from process memory via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.0024EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.10 views

EUVD-2026-40727

Use after free in BrowserTag in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.0021EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.7 views

EUVD-2026-40734

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. Chromium security severity: Low...

5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40687

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00176EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40691

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

5.8AI score0.00148EPSS
Exploits0References3
Rows per page
Query Builder