180 matches found
CVE-2026-14035
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14092
CVE-2026-14092 concerns Google Chrome: insufficient policy enforcement in Privacy could allow a user with a privileged network position to leak cross-origin data via malicious network traffic, affecting Chrome versions prior to 150.0.7871.47. The affected component is Chrome’s privacy/policy enfo...
CVE-2026-14086
CVE-2026-14086 involves an insufficient policy enforcement issue in Chrome’s HID handling prior to version 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code by presenting a crafted HTML page. Affected product: Google Chrome (Chromium-based). Root cause: inadequat...
CVE-2026-14050
The CVE-2026-14050 vulnerability affects Google Chrome Passwords, where insufficient policy enforcement allows a remote attacker to leak cross-origin data via a crafted HTML page. This issue is tied to Chrome/Chromium around version 150.0.7871.47; the fix is delivered in a subsequent update (as r...
CVE-2026-13954
Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13951
CVE-2026-13951 concerns Google Chrome’s USB policy enforcement. The flaw allows a remote attacker who has already compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page, indicating a vulnerability in the USB handling path. The affected product version is...
CVE-2026-13933
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13929
CVE-2026-13929 concerns Google Chrome on Android where DevTools enforcement is insufficient, allowing a local attacker to bypass navigation restrictions via a malicious file. The issue is tied to Chrome/Chromium on Android prior to version 150.0.7871.47. A patch is implied in the cited update to ...
CVE-2026-13913
CVE-2026-13913 affects Google Chrome on iOS prior to version 150.0.7871.47 . The root cause is insufficient policy enforcement in Autofill , enabling a remote attacker to leak cross-origin data via a crafted HTML page after convincing the user to perform specific UI gestures. The vulnerability co...
PT-2026-51042
Name of the Vulnerable Software and Affected Versions Capgo versions prior to 12.128.2 Description An authentication logic flaw exists where a user authorized to manage team or organization security settings can enforce mandatory two-factor authentication 2FA for all team members without having 2...
CVE-2026-56080
Capgo before 12.128.2 contains a flaw in the Enforce Password Policy feature: after a Super Admin enables the policy and successfully changes their password to a compliant one, the backend does not update the password-compliance state. As a result, the backend continues to treat the account as...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the Installer component of Google Chrome prior to version 92.0.4515.107 allowed a remote attacker to perform local privilege escalation through a crafted file...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in the WebView tag in Google Chrome prior to version 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. Chromium security severity: High...
PT-2026-49774
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.3 Description A policy enforcement issue exists where Zalo contacts with mutable display metadata can match allowFrom policy entries by changing their display names. This allows attackers with mutable display...
EUVD-2026-36619
OpenClaw before 2026.5.18 contains a policy enforcement vulnerability in system.run safe-bin allowlist validation that allows shell expansion to modify command interpretation on POSIX nodes. Authenticated operators can exploit shell metacharacters in approved commands to read unintended node-loca...
DEBIAN-CVE-2026-12024
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
CVE-2026-12024
Insufficient policy enforcement in DevTools in Google Chrome prior to 149.0.7827.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-11689
Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-11689
Insufficient policy enforcement in Passwords in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-11684
Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...