Lucene search
K

48 matches found

NVD
NVD
added 6 days ago14 views

CVE-2026-14418

Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

4.3CVSS0.00185EPSS
Exploits0References2
Debian CVE
Debian CVE
added 6 days ago4 views

CVE-2026-14410

Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
CVE
CVE
added 2026/06/30 10:39 p.m.12 views

CVE-2026-14147

CVE-2026-14147 concerns Google Chrome prior to 150.0.7871.47, where an inappropriate implementation in CSS enables UXSS by a crafted HTML page. The vulnerability permits a remote attacker to inject arbitrary scripts or HTML, potentially affecting user sessions and page content (impacting confiden...

6.1CVSS6AI score0.00145EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14147

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

0.00145EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/30 10:39 p.m.3 views

CVE-2026-14039

Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00155EPSS
Exploits0
Cvelist
Cvelist
added 2026/06/30 10:38 p.m.24 views

CVE-2026-14003

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...

0.00148EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 10:38 p.m.10 views

CVE-2026-13916

Chrome for iOS prior to 150.0.7871.47 allows UI spoofing via a crafted HTML page due to an inappropriate implementation in Chrome for iOS. Affected: Google Chrome on iOS (Chromium-based). Impact: UI spoofing risk; Severity: Medium (CVSS v3.1 base 4.3). Root cause: inappropriate implementation as ...

4.3CVSS5.8AI score0.00204EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.7 views

PT-2026-54256

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 150.0.7871.47 Description An inappropriate implementation in Chrome for iOS allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, by...

9.6CVSS6AI score0.00413EPSS
Exploits0References440
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47468

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue in Web Apps allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use after fre...

9.6CVSS6.1AI score0.01654EPSS
Exploits4References82
NVD
NVD
added 2026/06/04 11:16 p.m.10 views

CVE-2026-10912

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.0028EPSS
Exploits0References2
NVD
NVD
added 2026/06/04 11:16 p.m.10 views

CVE-2026-10888

Use after free in Cast Streaming in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. Chromium security severity: Critical...

8.8CVSS0.00187EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.33 views

CVE-2026-11140

Out of bounds read in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

0.00229EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/04 11:4 p.m.9 views

CVE-2026-11107

Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

5.5AI score0.00227EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/05/14 7:52 p.m.8 views

CVE-2026-8522

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6.2AI score0.0028EPSS
Exploits0
NVD
NVD
added 2026/05/06 7:16 p.m.8 views

CVE-2026-7999

Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

4.3CVSS0.00163EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 6:13 p.m.36 views

CVE-2026-8004

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Low...

0.00125EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 6:12 p.m.6 views

CVE-2026-7921

Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

6.2AI score0.00267EPSS
Exploits0References2
OSV
OSV
added 2026/04/08 10:16 p.m.2 views

DEBIAN-CVE-2026-5892

Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. Chromium security severity: Medium...

6.6CVSS8.4AI score0.0017EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/04/08 9:20 p.m.4 views

CVE-2026-5898

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS8.4AI score0.00154EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/08 12:0 a.m.5 views

PT-2026-31496

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.55 Description A flaw exists in Blink, a component of Google Chrome, that could allow a remote attacker to perform UI spoofing through a specially crafted HTML page. This issue is related to an...

9.6CVSS5.8AI score0.00608EPSS
Exploits0References65
Rows per page
Query Builder