Lucene search
K

63 matches found

NVD
NVD
added 2 days ago5 views

CVE-2026-14001

Inappropriate implementation in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS0.00171EPSS
Exploits0References2
NVD
NVD
added 2 days ago5 views

CVE-2026-14000

Inappropriate implementation in XML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

6.1CVSS0.00171EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-14147

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.0016EPSS
Exploits0
CVE
CVE
added 2 days ago6 views

CVE-2026-14068

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.00179EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-14068

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Low...

6.1CVSS6AI score0.00179EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS6AI score0.00171EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13957

Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS5.9AI score0.00138EPSS
Exploits0
Debian CVE
Debian CVE
added 2 days ago3 views

CVE-2026-13836

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS6AI score0.00213EPSS
Exploits0
Cvelist
Cvelist
added 2 days ago20 views

CVE-2026-13812

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

0.00204EPSS
Exploits0References2
CVE
CVE
added 2 days ago7 views

CVE-2026-13812

CVE-2026-13812 affects Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in a crafted HTML page, enabling UXSS if a user is induced to perform specific UI gestures. The vulnerability results in potential script/HTML injec...

4.7CVSS6AI score0.00204EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/17 6:35 p.m.9 views

EUVD-2026-37548

Inappropriate implementation in Views in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

4.7CVSS5.6AI score0.00133EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 1:20 p.m.10 views

CVE-2026-12459

Inappropriate implementation in Serial in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS0.00181EPSS
Exploits0References2
CVE
CVE
added 2026/06/17 1:38 a.m.193 views

CVE-2026-12463

The CVE-2026-12463 entry corresponds to an UXSS vulnerability in Google Chrome on Linux, caused by an inappropriate implementation in Views that allowed a compromised renderer to inject arbitrary scripts/HTML via a crafted HTML page. Affected product is Chrome on Linux, with the issue present pri...

4.7CVSS5.6AI score0.00133EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/06/09 8:52 p.m.8 views

CVE-2026-11799 UXSS in Focus for iOS / Klar Webkit navigation

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

5.4AI score0.00216EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 8:52 p.m.22 views

CVE-2026-11799

CVE-2026-11799 concerns a UXSS flaw in Focus for iOS and Klar WebKit navigation. The affected components are Focus for iOS and Klar for iOS, with a root cause not explicitly detailed in the provided documents beyond the UXSS classification. The vulnerability is rated HIGH (CVSS 3.1: AV:N/AC:L/PR:...

7.5CVSS5.5AI score0.00216EPSS
Exploits0References2Affected Software2
Mozilla
Mozilla
added 2026/06/09 12:0 a.m.8 views

Security Vulnerabilities fixed in Focus for iOS / Klar 151.3.1 — Mozilla

CVE-2026-11799: UXSS in Focus for iOS / Klar Webkit navigation Reporter Renwa Hiwa Impact high References Bug 1975667...

7.5CVSS5.4AI score0.00216EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48265

Name of the Vulnerable Software and Affected Versions Focus for iOS versions prior to 151.3.1 Klar for iOS versions prior to 151.3.1 Description Universal Cross-Site Scripting UXSS exists in the Webkit navigation of Focus for iOS and Klar for iOS. UXSS is a security flaw that allows an attacker t...

7.5CVSS5.6AI score0.00216EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/06/07 4:50 a.m.9 views

SUSE CVE-2026-10916

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: High...

6.1CVSS5.6AI score0.00213EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:47 a.m.9 views

SUSE CVE-2026-11034

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

6.1CVSS5.6AI score0.00182EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/06/07 4:43 a.m.5 views

SUSE CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

8.1CVSS5.6AI score0.00211EPSS
Exploits0References2
Rows per page
Query Builder