88942 matches found
CVE-2026-14140
Insufficient validation of untrusted input in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14134
Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14128
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14102
Use after free in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14084
CVE-2026-14084 affects Chromoting in Google Chrome, with the vulnerability present in Chromium components prior to 150.0.7871.47. The issue is described as insufficient validation of untrusted input, allowing a remote attacker to potentially trigger heap corruption via malicious network traffic. ...
CVE-2026-14083
Insufficient validation of untrusted input in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14076
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14072
CVE-2026-14072 relates to an Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47, enabling UI spoofing via a crafted HTML page. The underlying issue is a SplitView implementation flaw; impact is UI spoofing with Low severity per the CVSS 3.1 metrics (AV:N/AC:L/PR:N/U...
CVE-2026-14039
Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14016
The CVE-2026-14016 entry concerns Google Chrome’s SVG handling. The vulnerability arises from an inappropriate implementation in Chrome’s SVG processing prior to 150.0.7871.47, which could allow a remote attacker to leak cross-origin data via a crafted HTML page. Affects Chrome components dealing...
CVE-2026-14014
CVE-2026-14014 corresponds to an insufficiently robust Paint implementation in Google Chrome that allows UI spoofing via a crafted HTML page. Affected product: Google Chrome (Paint component); root cause: inappropriate implementation in Paint prior to version 150.0.7871.47. Impact is UI spoofing ...
CVE-2026-14013
Inappropriate implementation in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13996
CVE-2026-13996 affects Google Chrome on desktop where an inappropriate implementation in the Permissions component allows a remote attacker to trigger UI spoofing via a crafted HTML page. The root cause is an improperPermissions implementation. The issue is mitigated by a Chrome update to version...
CVE-2026-13994
Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13991
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13988
Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13979
Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13980
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13977
Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13972
CVE-2026-13972 affects Google Chrome (Paint) prior to version 150.0.7871.47. Root cause: Inappropriate implementation in Paint allowing a remote attacker to trigger UI spoofing through a crafted HTML page. Impact is UI spoofing with no data disclosure or other impacts stated; impact categories in...