Lucene search
K

180 matches found

NVD
NVD
added yesterday2 views

CVE-2026-14035

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...

6.5CVSS
Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-14092

CVE-2026-14092 concerns Google Chrome: insufficient policy enforcement in Privacy could allow a user with a privileged network position to leak cross-origin data via malicious network traffic, affecting Chrome versions prior to 150.0.7871.47. The affected component is Chrome’s privacy/policy enfo...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday4 views

CVE-2026-14086

CVE-2026-14086 involves an insufficient policy enforcement issue in Chrome’s HID handling prior to version 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code by presenting a crafted HTML page. Affected product: Google Chrome (Chromium-based). Root cause: inadequat...

6.2AI score
Exploits0References2
CVE
CVE
added yesterday2 views

CVE-2026-14050

The CVE-2026-14050 vulnerability affects Google Chrome Passwords, where insufficient policy enforcement allows a remote attacker to leak cross-origin data via a crafted HTML page. This issue is tied to Chrome/Chromium around version 150.0.7871.47; the fix is delivered in a subsequent update (as r...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added yesterday7 views

CVE-2026-13954

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-13951

CVE-2026-13951 concerns Google Chrome’s USB policy enforcement. The flaw allows a remote attacker who has already compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page, indicating a vulnerability in the USB handling path. The affected product version is...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added yesterday10 views

CVE-2026-13933

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

Exploits0References2
CVE
CVE
added yesterday5 views

CVE-2026-13929

CVE-2026-13929 concerns Google Chrome on Android where DevTools enforcement is insufficient, allowing a local attacker to bypass navigation restrictions via a malicious file. The issue is tied to Chrome/Chromium on Android prior to version 150.0.7871.47. A patch is implied in the cited update to ...

5.8AI score
Exploits0References2
CVE
CVE
added yesterday3 views

CVE-2026-13913

CVE-2026-13913 affects Google Chrome on iOS prior to version 150.0.7871.47 . The root cause is insufficient policy enforcement in Autofill , enabling a remote attacker to leak cross-origin data via a crafted HTML page after convincing the user to perform specific UI gestures. The vulnerability co...

5.8AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/20 12:0 a.m.13 views

PT-2026-51042

Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authentication logic flaw exists where a user authorized to manage team or organization security settings can enforce mandatory two-factor authentication 2FA for all team members without having 2...

5.1CVSS5.9AI score0.00206EPSS
Exploits0References8
NVD
NVD
added 2026/06/19 10:16 p.m.17 views

CVE-2026-56080

Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...

6.9CVSS0.00299EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the Installer component of Google Chrome prior to version 92.0.4515.107 allowed a remote attacker to perform local privilege escalation through a crafted file...

7.8CVSS6.7AI score0.00952EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in the WebView tag in Google Chrome prior to version 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...

8.8CVSS5.9AI score0.06545EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.12 views

PT-2026-49774

Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.3 Description A policy enforcement issue exists where Zalo contacts with mutable display metadata can match allowFrom policy entries by changing their display names. This allows attackers with mutable display...

8.6CVSS5.2AI score0.00225EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/13 12:34 a.m.11 views

EUVD-2026-36619

OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-loca...

8.3CVSS5.3AI score0.00191EPSS
Exploits0References3
OSV
OSV
added 2026/06/11 10:16 p.m.6 views

DEBIAN-CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

6.5CVSS5.4AI score0.00158EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/11 8:48 p.m.8 views

CVE-2026-12024

Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...

5.3AI score0.00158EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/10 2:30 a.m.6 views

SUSE CVE-2026-11689

Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.4AI score0.00218EPSS
Exploits0References3
OSV
OSV
added 2026/06/09 12:16 a.m.5 views

DEBIAN-CVE-2026-11689

Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...

8.1CVSS5.4AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 12:16 a.m.28 views

CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

3.1CVSS0.00171EPSS
Exploits0References2
Rows per page
Query Builder