Lucene search
+L

90559 matches found

NVD
NVD
added 5 days ago6 views

CVE-2026-15778

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00263EPSS
Exploits0References2
OSV
OSV
added 5 days ago5 views

DEBIAN-CVE-2026-15771

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

5.3CVSS6.1AI score0.00274EPSS
Exploits0References1
OSV
OSV
added 5 days ago8 views

DEBIAN-CVE-2026-15766

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 5 days ago8 views

DEBIAN-CVE-2026-15770

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References1
OSV
OSV
added 5 days ago7 views

DEBIAN-CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS6.1AI score0.00208EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-15768

Insufficient policy enforcement in HTML-in-Canvas in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS0.00208EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-15772

Use after free in GPU in Google Chrome on Android prior to 150.0.7871.125 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS0.00221EPSS
Exploits0References2
OSV
OSV
added 5 days ago6 views

DEBIAN-CVE-2026-15764

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS6.1AI score0.00268EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-15764

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

7.5CVSS0.00268EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-48253

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added 5 days ago5 views

CVE-2026-48254

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-48260

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00168EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-48261

Adobe Experience Manager is affected by a DOM-based Cross-Site Scripting XSS vulnerability. An attacker could exploit this issue by manipulating the DOM environment to execute malicious JavaScript within the context of the victim's browser. Exploitation of this issue requires user interaction in...

5.4CVSS0.00168EPSS
Exploits0References1
CVE
CVE
added 5 days ago13 views

CVE-2026-15777

CVE-2026-15777 – Use-after-free in the Chrome UI on Linux prior to 150.0.7871.125 can allow a remote attacker to induce heap corruption by tricking a user into performing specific UI gestures on a crafted HTML page. Affected product: Google Chrome (Linux UI subsystem). Root cause: use-after-free ...

7.5CVSS6.1AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago13 views

CVE-2026-15778

CVE-2026-15778 affects Google Chrome navigation logic prior to version 150.0.7871.125, due to insufficient validation of untrusted input in Navigation. An attacker who compromises the renderer could bypass navigation restrictions via a crafted HTML page. The issue is addressed in Chrome 150.0.787...

6.5CVSS6.1AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago15 views

CVE-2026-15774

CVE-2026-15774 is a Use-after-free in Skia affecting Google Chrome prior to 150.0.7871.125. The issue could allow a remote attacker (with renderer access) to escape the Chrome sandbox via a crafted HTML page. Public references show a Chrome security update (Stable Channel) and list this CVE among...

8.3CVSS6.1AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago9 views

CVE-2026-15775

CVE-2026-15775 affects Google Chrome's V8 under a pre-150.0.7871.125 build. The issue is an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. Impact is described as high in Chromium notes, with exploitation requiring user interac...

6.5CVSS6.1AI score0.00208EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 5 days ago33 views

CVE-2026-15775

Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.125 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

0.00208EPSS
Exploits0References2
CVE
CVE
added 5 days ago12 views

CVE-2026-15770

CVE-2026-15770 affects Google Chrome (V8) prior to 150.0.7871.125. The issue is an uninitialized use in V8 that can allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. Impact is confined to information disclosure; no exploit details or in-the-wi...

6.5CVSS6.1AI score0.00315EPSS
Exploits0References2Affected Software1
CVE
CVE
added 5 days ago7 views

CVE-2026-48260

Adobe Experience Manager is affected by a DOM-based XSS vulnerability (CVE-2026-48260). The issue allows an attacker to manipulate the DOM to execute malicious JavaScript in the victim’s browser. Exploitation requires user interaction (victim visits a crafted page). CVSS v3.1: AV:N/AC:L/PR:L/UI:R...

5.4CVSS6.1AI score0.00168EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder