1878 matches found
EUVD-2026-40815
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40817
Incorrect security UI in Omnibox in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40755
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40764
Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40693
Use after free in Omnibox in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-40717
Inappropriate implementation in SplitView in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40594
Insufficient validation of untrusted input in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via malicious network traffic. Chromium security severity: Medium...
EUVD-2026-40528
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: High...
CVE-2026-14030
Inappropriate implementation in SplitView in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13983
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14130
CVE-2026-14130 affects Google Chrome’s Omnibox security UI. A crafted HTML page can trigger UI spoofing due to an incorrect security UI implementation in Chrome before version 150.0.7871.47 (Chromium security severity: Low). Affected: Chrome Omnibox UI; Root cause: improper UI isolation in Omnibo...
CVE-2026-14128
The CVE-2026-14128 entry concerns Chrome on iOS where an inappropriate implementation allowed a remote attacker to spoof the Omnibox (URL bar) via a crafted HTML page. Affected software is Google Chrome on iOS, with versions prior to 150.0.7871.47. The underlying root cause is the improper handli...
CVE-2026-14123
Chrome for iOS (Google Chrome) is affected by an incorrect security UI vulnerability that allowed a remote attacker to spoof the Omnibox (URL bar) through a crafted HTML page. The flaw exists in Chrome on iOS prior to version 150.0.7871.47 and concerns the UI security of the Chromium-based browse...
CVE-2026-14077
The CVE-2026-14077 affects Google Chrome on macOS, where an Inappropriate implementation in Select allows spoofing the Omnibox (URL bar) via a crafted HTML page. Affected version set is prior to 150.0.7871.47 (Chromium baseline), with the Chromium/Chrome update referenced in the public advisories...
CVE-2026-14030
Inappropriate implementation in SplitView in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14030
Summary: CVE-2026-14030 affects Google Chrome on Linux prior to 150.0.7871.47. The issue is an improper implementation in SplitView that allowed a remote attacker who enticed a user to perform specific UI gestures to spoof the Omnibox (URL bar) via a crafted HTML page. Impact (as described): Spoo...
CVE-2026-14005
CVE-2026-14005 : In Google Chrome for Android, a use-after-free in the Omnibox can allow a remote attacker who tricks a user into specific UI gestures to potentially trigger heap corruption via a crafted HTML page. Affected: Chrome on Android, Omnibox component; vulnerable in versions prior to 15...
CVE-2026-13983
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13983
CVE-2026-13983 affects Chrome for iOS prior to 150.0.7871.47. Affected component: Chrome on iOS/webview rendering Omnibox UI. Root cause: inappropriate implementation allowed a remote attacker to spoof the Omnibox contents via a crafted HTML page when a user is tricked into performing specific UI...
CVE-2026-13908
CVE-2026-13908 concerns Google Chrome on iOS, where the Omnibox component failed to validate untrusted input. The issue could allow a remote attacker, by convincing a user to perform specific UI gestures, to bypass navigation restrictions via malicious network traffic. Affected software is Chrome...