1735 matches found
CVE-2026-14702
Technical details are not publicly available in the provided documents. Monitor for updates to the CVE entry and connected sources for further information.
CVE-2026-54259
creationtimestamp| type| source ---|---|--- 2026-07-02 14:35:27+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpoaw3jyg32y 2026-07-03 13:22:59+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mpqndfs6nq2f...
EUVD-2026-41180
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14429
CVE-2026-14429 affects Google Chrome and its Skia rendering library. Insufficient validation of untrusted input in Skia before Chrome 150.0.7871.46 can allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Impact is described a...
EUVD-2026-40793
Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13941
Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13851
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: High...
CVE-2026-14009
The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...
CVE-2026-13947
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13924
CVE-2026-13924 affects WebView in Google Chrome on Android, prior to version 150.0.7871.47. The issue is insufficient validation of untrusted input in WebView, allowing a remote attacker who already compromised the renderer process to bypass the same-origin policy via a crafted HTML page. The vul...
CVE-2026-13853
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13848
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13813
Summary: CVE-2026-13813 concerns Chrome for iOS where insufficient policy enforcement in the renderer allowed a sandbox escape via a crafted HTML page after renderer compromise. The issue affects Google Chrome on iOS before version 150.0.7871.47 (Chromium security severity: High). Root cause / vu...
PT-2026-54354
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description Insufficient policy enforcement in the Network component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script...
Linux Distros Unpatched Vulnerability : CVE-2026-13027
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
DEBIAN-CVE-2026-13283
Use after free in AdFilter in Google Chrome on Android prior to 149.0.7827.201 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-13032
Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-10789
A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...
CVE-2026-10789 MCP Extension Code Injection Vulnerability in Autodesk Fusion Desktop
A maliciously crafted webpage, when visited by a user with Autodesk Fusion Desktop running and the MCP extension enabled, can trigger a vulnerability in the MCP extension that could allow arbitrary code execution. A successful exploit may allow code to execute with the privileges of the current...
CVE-2026-10789
Summary: CVE-2026-10789 is a code-injection vulnerability in the MCP extension for Autodesk Fusion Desktop. A malicious webpage visited by a user with Fusion Desktop running and MCP enabled can trigger arbitrary code execution with the current user’s privileges. The CVSS 3.1 score is 9.6 (CRITICA...