121 matches found
CVE-2026-13851
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...
CVE-2026-14138
Inappropriate implementation in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14131
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14122
The CVE-2026-14122 entry describes an issue in Google Chrome on Windows affecting the WebAppInstalls component of Chromium. The root cause is insufficient validation of untrusted input, allowing a remote attacker to perform arbitrary read/write via a crafted HTML page. The vulnerability impacts C...
CVE-2026-14114
Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Low...
CVE-2026-14114
The vulnerability CVE-2026-14114 affects Google Chrome on Android (WebAppInstalls component). An inappropriate implementation allows a local attacker to spoof UI via a malicious file. Root cause: flawed handling in WebAppInstalls leading to UI spoofing. Affected version: Chrome for Android prior ...
CVE-2026-14114
Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Low...
CVE-2026-14104
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14104
CVE-2026-14104 affects WebAppInstalls in Google Chrome prior to 150.0.7871.47. The vulnerability arises from insufficient validation of untrusted input, allowing a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The issue is documented across multiple...
CVE-2026-14097
Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13993
The CVE-2026-13993 vulnerability affects Google Chrome WebAppInstalls via an Incorrect security UI flaw that allows domain spoofing when a user is induced to perform specific UI gestures on a crafted HTML page. Affected software is Chrome (Chromium-based) with versions prior to 150.0.7871.47. The...
CVE-2026-13881
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13881
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13881
CVE-2026-13881 details (concrete): In Google Chrome (Chromium WebAppInstalls) before version 150.0.7871.47, an inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. This is a network-exploitable issue with user interaction required and pot...
CVE-2026-13872
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...
CVE-2026-13872
Affected product: Google Chrome on Android (before version 150.0.7871.47). The vulnerability arises from insufficient validation of untrusted input in WebAppInstalls, enabling a local attacker to potentially perform a sandbox escape via a malicious file. CVE-2026-13872; Chromium-based severity li...
CVE-2026-13872
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: Medium...
CVE-2026-13851
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...
CVE-2026-13851
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...
CVE-2026-13851
The provided CVE-2026-13851 entry concerns Google Chrome on Android, where WebAppInstalls suffers from insufficient validation of untrusted input. A crafted HTML page can bypass discretionary access control due to this flaw, with the issue affecting Chrome versions prior to 150.0.7871.47. The con...