628 matches found
CVE-2026-14115
Insufficient validation of untrusted input in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14115
Insufficient validation of untrusted input in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14113
The CVE-2026-14113 entry describes a use-after-free in Chrome’s Updater on Windows before 150.0.7871.47. A remote attacker who already compromised the renderer could potentially escape the sandbox via a crafted HTML page. The issue is tied to the Chromium-based Updater component; exact root cause...
CVE-2026-14109
Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14106
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14097
Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14096
Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14093
Use after free in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14089
Insufficient validation of untrusted input in PopupBlocker in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14087
Heap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14056
Consolidated details across CVE-2026-14056 entries indicate an issue in Google Chrome’s media handling: Insufficient validation of untrusted input in Media could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Vers...
CVE-2026-14056
Insufficient validation of untrusted input in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Low...
CVE-2026-14051
Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14049
CVE-2026-14049 affects Google Chrome versions with an inappropriate GPU implementation prior to 150.0.7871.47. A remote attacker who has compromised the renderer process can obtain potentially sensitive information from process memory via a crafted HTML page. Impact is described as Low severity; ...
CVE-2026-14045
CVE-2026-14045 affects Google Chrome (Chromium-based). The vulnerability is due to insufficient validation of untrusted input in the Network component, allowing a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page. Impact is cross-origin dat...
CVE-2026-14045
Insufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13985
Inappropriate implementation in MediaCapture in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13982
Concretely, CVE-2026-13982 affects Google Chrome (Chromium-based) Passwords UI, where incorrect security UI allowed a remote attacker who compromised the renderer process to perform UI spoofing via a crafted HTML page. The vulnerability is tied to rendering context abuse and is exploitable withou...
CVE-2026-13982
Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13939
Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...