Lucene search
K

363603 matches found

NVD
NVD
•added last week•5 views

CVE-2026-13963

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00174EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13944

Inappropriate implementation in DataTransfer in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00174EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13948

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS0.00156EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13950

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13951

Insufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

8.3CVSS0.00278EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13953

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00262EPSS
Exploits0References2
NVD
NVD
•added last week•3 views

CVE-2026-13943

Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00326EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13945

Insufficient policy enforcement in Extensions in Google Chrome on Linux prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...

3.1CVSS0.00156EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13946

Inappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00201EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13947

Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13949

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00238EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13952

Inappropriate implementation in PerformanceAPIs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00201EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13934

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00316EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13935

Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00299EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13941

Inappropriate implementation in SiteSettings in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.0023EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13942

Inappropriate implementation in Video Capture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

3.3CVSS0.00117EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13933

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00256EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13932

Inappropriate implementation in Sharing in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00288EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13937

Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00288EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13936

Inappropriate implementation in Passwords in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00288EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13938

Integer overflow in Fonts in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00316EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13939

Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

3.1CVSS0.00219EPSS
Exploits0References2
NVD
NVD
•added last week•3 views

CVE-2026-13940

Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. Chromium security severity: Medium...

6.5CVSS0.00147EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13922

Side-channel information leakage in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00299EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13921

Insufficient validation of untrusted input in DeviceBoundSessionCredentials in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13923

Uninitialized Use in GPU in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00326EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13924

Insufficient validation of untrusted input in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13925

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...

7.5CVSS0.00354EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13926

Insufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13927

Insufficient validation of untrusted input in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS0.0012EPSS
Exploits0References2
NVD
NVD
•added last week•7 views

CVE-2026-13929

Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass navigation restrictions via a malicious file. Chromium security severity: Medium...

5.5CVSS0.00131EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13928

Insufficient validation of untrusted input in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00316EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13930

Insufficient policy enforcement in Actor in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13931

Inappropriate implementation in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00254EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13910

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00265EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13912

Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00204EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13911

Insufficient policy enforcement in Spellcheck in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

5.3CVSS0.00284EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13913

Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.0017EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13914

Inappropriate implementation in Passwords in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via a malicious file. Chromium security severity: Medium...

5.5CVSS0.00113EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13916

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00204EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13915

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.0028EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13917

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00242EPSS
Exploits0References2
NVD
NVD
•added last week•8 views

CVE-2026-13919

Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00319EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13918

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.0028EPSS
Exploits0References2
NVD
NVD
•added last week•4 views

CVE-2026-13920

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00316EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13899

Use after free in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00413EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13900

Inappropriate implementation in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Medium...

6.5CVSS0.00297EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13901

Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

9.6CVSS0.00345EPSS
Exploits0References2
NVD
NVD
•added last week•5 views

CVE-2026-13903

Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: Medium...

8.8CVSS0.00345EPSS
Exploits0References2
NVD
NVD
•added last week•6 views

CVE-2026-13902

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00217EPSS
Exploits0References2
Total number of security vulnerabilities363603