Lucene search
K

5051 matches found

CVE
CVE
added 2026/07/01 10:21 p.m.17 views

CVE-2026-14428

The CVE-2026-14428 entry covers Google Chrome on Android (Dawn) with insufficient validation of untrusted input, allowing a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Affected software is Chrome on Android, spe...

8.3CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14428

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00259EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14412

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

0.00237EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 10:21 p.m.18 views

CVE-2026-14412

The CVE-2026-14412 entry concerns ANGLE in Google Chrome with insufficient validation of untrusted input. Attack vector involves a remote attacker who has already compromised the renderer process and could potentially escape the sandbox through a crafted HTML page. Affected product context is Goo...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.7 views

CVE-2026-14428

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00259EPSS
Exploits0
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14412

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00237EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/01 10:21 p.m.8 views

CVE-2026-14401

Insufficient validation of untrusted input in ANGLE in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.16 views

CVE-2026-14401

CVE-2026-14401 affects Google Chrome on Android through ANGLE, where insufficient validation of untrusted input in ANGLE prior to 150.0.7871.46 enables a renderer-Process-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as high ...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.22 views

CVE-2026-14410

Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

0.0019EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.5 views

CVE-2026-14410

Inappropriate implementation in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.0019EPSS
Exploits0
Cvelist
Cvelist
added 2026/07/01 10:21 p.m.19 views

CVE-2026-14427

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

0.00245EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/07/01 10:21 p.m.6 views

CVE-2026-14427

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS6.1AI score0.00245EPSS
Exploits0
CVE
CVE
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14427

CVE-2026-14427 : Heap buffer overflow in Skia used by Google Chrome prior to 150.0.7871.46. A remote attacker who already compromised the renderer could potentially escape the sandbox via a crafted HTML page. Affected: Chrome/Skia stack (Chrome 150 pre-release fix applies). Root cause: heap buffe...

8.3CVSS6.1AI score0.00245EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/07/01 8:44 p.m.35 views

CVE-2026-55661 TinaCMS rich-text (slatejson) rendering does not sanitize link/image URLs, allowing stored XSS via dangerous URL schemes

Tina is a headless content management system. In versions prior to @tinacms/mdx 2.1.7 and tinacms 3.9.3, rich-text parsing and the default link/image renderers did not sanitize the url field on Slate link/image nodes. Content containing javascript: or data:text/html URLs — including case-variant,...

4.8CVSS0.00239EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/01 12:34 a.m.4 views

EUVD-2026-40838

Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0022EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40837

Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00152EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.5 views

EUVD-2026-40843

Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.002EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40839

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.0023EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.9 views

EUVD-2026-40829

Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00173EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 12:34 a.m.6 views

EUVD-2026-40796

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

5.8AI score0.00253EPSS
Exploits0References3
Rows per page
Query Builder