Lucene search
K

363598 matches found

NVD
NVD
•added last week•5 views

CVE-2026-13990

Insufficient validation of untrusted input in DataTransfer in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00194EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13999

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

4.3CVSS0.00176EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13988

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00218EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13998

Incorrect security UI in File Input in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00154EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13994

Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00168EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13996

Inappropriate implementation in Permissions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00218EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13995

Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00204EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13989

Inappropriate implementation in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00204EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13993

Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00154EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13991

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00169EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13992

Inappropriate implementation in UI in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00186EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13997

Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00154EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13976

Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

5.8CVSS0.0018EPSS
Exploits0References2
NVD
NVD
•added last week•9 views

CVE-2026-13978

Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13979

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13981

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13980

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13986

Inappropriate implementation in Media UI in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00199EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13987

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00168EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13977

Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

5.4CVSS0.00171EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13984

Incorrect security UI in TabStrip in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00183EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13983

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to spoof the contents of the Omnibox URL bar via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00154EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13982

Incorrect security UI in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00205EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13985

Inappropriate implementation in MediaCapture in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00254EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13972

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13970

Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00271EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13971

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00271EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13974

Integer overflow in Safe Browsing in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a malicious file. Chromium security severity: Medium...

8.1CVSS0.00266EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13968

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: Medium...

7.5CVSS0.00327EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13967

Heap buffer overflow in V8 in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00453EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13973

Inappropriate implementation in UI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00186EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13975

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00248EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13965

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00379EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13969

Uninitialized Use in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00271EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13966

Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13954

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00288EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13955

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. Chromium security severity: Medium...

3.3CVSS0.00111EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13958

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00302EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13961

Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security...

5.3CVSS0.00265EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13964

Insufficient policy enforcement in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00277EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13962

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00272EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13956

Incorrect security UI in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00199EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13960

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13963

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00174EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13957

Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

4.2CVSS0.00148EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13959

Insufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00238EPSS
Exploits0References2
NVD
NVD
•added last week•3 views

CVE-2026-13943

Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00326EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13947

Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13950

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13952

Inappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00201EPSS
Exploits0References2
Total number of security vulnerabilities363598