370204 matches found
CVE-2026-14127
CVE-2026-14127 involves an inappropriate implementation in Chrome’s printing flow prior to 150.0.7871.47. A remote attacker who already had code execution in the renderer could trigger UI spoofing via a crafted HTML page. Affected product is Google Chrome (Chromium-based); impact described as low...
CVE-2026-14125
The CVE affects Google Chrome’s ANGLE component in Chromium. Affected: Chrome builds using ANGLE before version 150.0.7871.47. Description indicates an uninitialized use in ANGLE that could let a remote attacker obtain potentially sensitive information from process memory via a crafted HTML page....
CVE-2026-14126
CVE-2026-14126 describes an issue in Google Chrome on Android prior to 150.0.7871.47 where an incorrect security UI could allow a remote attacker to spoof the domain through a crafted HTML page. The vulnerability is associated with Chromium security (severity: Low) and is exploitable via network ...
CVE-2026-14122
The CVE-2026-14122 entry describes an issue in Google Chrome on Windows affecting the WebAppInstalls component of Chromium. The root cause is insufficient validation of untrusted input, allowing a remote attacker to perform arbitrary read/write via a crafted HTML page. The vulnerability impacts C...
CVE-2026-14124
CVE-2026-14124 affects Google Chrome on Windows (before version 150.0.7871.47). The vulnerability is due to an inappropriate CredentialProvider implementation, enabling a local attacker to escalate privileges via a malicious file. The described impact is OS-level, with high confidentiality, integ...
CVE-2026-14123
CVE-2026-14123 affects Google Chrome on iOS (Chrome for iOS) prior to version 150.0.7871.47. The flaw is an incorrect security UI that allows a remote attacker to spoof the Omnibox (URL bar) via a crafted HTML page. This is a UI rendering issue, not a network-processing flaw, potentially misleadi...
CVE-2026-14121
CVE-2026-14121 affects Chromoting in Google Chrome on Linux, due to a use-after-free in Chromoting that enables a remote attacker to execute arbitrary code via malicious network traffic. Affected: Chrome/Chromium on Linux prior to 150.0.7871.47. Impact signals in the source documents include high...
CVE-2026-14120
Concrete details found: CVE-2026-14120 affects Google Chrome DevTools with an inappropriate implementation allowing a remote attacker who has compromised the renderer to potentially escape the sandbox via a crafted HTML page, prior to Chrome 150.0.7871.47. The vulnerability is tied to Chromium De...
CVE-2026-14117
The CVE-2026-14117 entry concerns Google Chrome’s DevTools on Windows prior to version 150.0.7871.47. The vulnerability is described as insufficient validation of untrusted input in DevTools, which could enable a remote attacker to obtain potentially sensitive information from process memory when...
CVE-2026-14119
CVE-2026-14119 describes a type confusion in Bluetooth handling within Google Chrome on Windows, prior to version 150.0.7871.47. An attacker on the same local network could potentially read sensitive information from a victim process’s memory by presenting a malicious peripheral. The connected so...
CVE-2026-14118
Chrome DevTools in Google Chrome suffers from insufficient data validation , allowing a remote attacker to leak cross-origin data if a user is coerced into specific UI gestures on a crafted HTML page. Affected versions are prior to 150.0.7871.47 . Mitigation: upgrade to 150.0.7871.47 or later. CV...
CVE-2026-14115
The CVE-2026-14115 entry concerns insufficient validation of untrusted input in Cast in Google Chrome before 150.0.7871.47, enabling a renderer-compromised attacker to escalate privileges via a crafted HTML page. The vulnerability affects Chrome’s Cast component and is tied to Chromium security i...
CVE-2026-14116
The vulnerability CVE-2026-14116 affects Google Chrome DevTools. The root cause is insufficient validation of untrusted input in DevTools, allowing a remote attacker to leak cross-origin data through a crafted HTML page when a user is guided to perform specific UI gestures. Impact is cross-origin...
CVE-2026-14114
The vulnerability CVE-2026-14114 affects Google Chrome on Android (WebAppInstalls component). An inappropriate implementation allows a local attacker to spoof UI via a malicious file. Root cause: flawed handling in WebAppInstalls leading to UI spoofing. Affected version: Chrome for Android prior ...
CVE-2026-14112
The CVE-2026-14112 entry describes an inappropriate implementation in Google Chrome (enterprise) prior to version 150.0.7871.47 that could allow a remote attacker to extract potentially sensitive data from process memory when a user is persuaded to perform specific UI gestures via a crafted HTML ...
CVE-2026-14113
The CVE-2026-14113 entry describes a use-after-free in Chrome’s Updater on Windows before 150.0.7871.47. A remote attacker who already compromised the renderer could potentially escape the sandbox via a crafted HTML page. The issue is tied to the Chromium-based Updater component; exact root cause...
CVE-2026-14111
Use-after-free in Chrome’s WebProtect feature allows arbitrary code execution when a user is convinced to install a crafted Chrome Extension. Affected: Google Chrome (WebProtect) versions before 150.0.7871.47. Attack chain: attacker coerces user to install a malicious extension, enabling code exe...
CVE-2026-14109
CVE-2026-14109 describes insufficient policy enforcement in Mojo within Google Chrome prior to 150.0.7871.47, enabling a sandbox escape if a renderer process is compromised via a crafted HTML page. The connected Linux/Unix-facing records (Debian OSV, NVD, CVE lists, EUVD) corroborate: affected so...
CVE-2026-14110
The CVE-2026-14110 entry concerns Google Chrome’s DarkMode implementation. Affected product: Google Chrome (Chromium-based) before version 150.0.7871.47. Issue: Inappropriate DarkMode implementation allows a remote attacker to achieve UI spoofing via a crafted HTML page. Root cause: improper hand...
CVE-2026-14108
CVE-2026-14108 is a use-after-free in PDFium underlying Google Chrome prior to 150.0.7871.47. The flaw allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted PDF file. Affected component: PDFium within Chrome; root cause: use-after-free vulnerability. Impact: ...