370214 matches found
CVE-2026-14077
The CVE-2026-14077 entry describes an issue in Google Chrome on macOS (before version 150.0.7871.47) where an inappropriate implementation in the Select control allows a remote attacker to spoof the Omnibox (URL bar) contents via a crafted HTML page. Affected component: Select in the browser; roo...
CVE-2026-14076
CVE-2026-14076 affects Google Chrome prior to 150.0.7871.47. The issue is insufficient policy enforcement of the Content Security Policy in Chrome’s network stack, allowing a remote attacker to bypass CSP with a crafted HTML page. Impact is a CSP bypass, with no other confidentiality/integrity/av...
CVE-2026-14075
Technical details are not publicly available in the provided documents; the reports describe the vulnerability at a high level (no specifics on affected products/versions, exploitability, or fixes). Monitor for updates.
CVE-2026-14073
CVE-2026-14073 affects Google Chrome WebXR prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in WebXR, which could let a remote attacker bypass navigation restrictions through a crafted HTML page. Affects Chrome components described across multiple sources (NVD, Debi...
CVE-2026-14072
CVE-2026-14072 relates to an Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47, enabling UI spoofing via a crafted HTML page. The underlying issue is a SplitView implementation flaw; impact is UI spoofing with Low severity per the CVSS 3.1 metrics (AV:N/AC:L/PR:N/U...
CVE-2026-14074
Google Chrome on iOS prior to 150.0.7871.47 is affected by a side-channel information leakage in WebAuthentication that can leak cross-origin data via a crafted HTML page. The issue affects Chrome’s WebAuthentication component; the public references place a Low severity (CVSS 3.1: 6.5, MEDIUM) an...
CVE-2026-14070
CVE-2026-14070 affects Google Chrome’s WebNN component. The root cause is an integer overflow in WebNN that could allow a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. Affected software is Chrome prior to version 150.0.7871.47; the impact i...
CVE-2026-14071
CVE-2026-14071 describes a side-channel information leakage in WebAudio of Google Chrome, where a remote attacker could leak cross-origin data via a crafted HTML page. The vulnerability affects Chrome prior to version 150.0.7871.47. The available connected documents consistently indicate the issu...
CVE-2026-14069
This CVE affects Google Chrome’s WebNN component. An integer overflow in WebNN could allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. The issue affects Chrome before version 150.0.7871.47 (Chromium security severity: Low). Impact: high confid...
CVE-2026-14068
Vulnerability: CVE-2026-14068 affects Google Chrome on iOS, caused by an inappropriate implementation in the Omnibox. The issue enables UXSS via a crafted HTML page when a user is induced to perform specific UI gestures, using Chrome versions prior to 150.0.7871.47. Impact is described as low sev...
CVE-2026-14067
CVE-2026-14067 is a use-after-free vulnerability in Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The flaw allows a remote attacker to execute arbitrary code via a crafted HTML page. Across multiple sources (NVD, Debian OSV, EUVD ENISA, CVE lists), the issue is described c...
CVE-2026-14064
CVE-2026-14064 is a use-after-free in PageInfo affecting Google Chrome on Android prior to version 150.0.7871.47. The vulnerability allows a remote attacker to trigger arbitrary code execution by convincing a user to perform specific UI gestures on a crafted HTML page. Root cause: use-after-free ...
CVE-2026-14065
CVE-2026-14065 affects Google Chrome prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in PageInfo, which could allow a remote attacker who already compromised the renderer process to bypass navigation restrictions via a crafted HTML page. The common description acro...
CVE-2026-14066
CVE-2026-14066 affects Chrome for iOS (Google Chrome on iOS) prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in a crafted HTML page, allowing a remote attacker to bypass navigation restrictions. This is described across multiple feeds (NVD, Debian, EUVD, CVE listin...
CVE-2026-14061
The CVE-2026-14061 issue affects Dawn in Google Chrome, prior to version 150.0.7871.47. It is described as an insecure implementation that could allow a remote attacker to obtain potentially sensitive data from process memory via a crafted HTML page. Affected component: Dawn within Chrome. Root c...
CVE-2026-14062
The CVE-2026-14062 entry concerns Google Chrome on ChromeOS with an incorrect implementation in the Views component, affecting versions prior to 150.0.7871.47. A user convincing a target to install a malicious extension could allow access to potentially sensitive data from process memory via that...
CVE-2026-14063
The CVE-2026-14063 entry describes an out-of-bounds read in Chromecast within Google Chrome prior to 150.0.7871.47. The issue allows a local attacker to obtain potentially sensitive information from process memory via malicious network traffic. The documented impact is information disclosure with...
CVE-2026-14059
CVE-2026-14059 concerns Google Chrome (Chromium) and describes insufficient policy enforcement in the Related-Website-Sets mechanism. The vulnerability allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software version: Chrome prior to 150.0.7871.47 (Chromium ba...
CVE-2026-14060
CVE-2026-14060 concerns Chrome on Windows with Chromoting, where insufficient validation of untrusted input in this component allows a local attacker to escalate privileges by handling a malicious file. Affected version window is prior to 150.0.7871.47. The vulnerability is described as enabling ...
CVE-2026-14058
CVE-2026-14058 affects Google Chrome: insufficient policy enforcement in the HTML Parser allows a remote attacker to bypass Content Security Policy via a crafted HTML page. Affected version range is Chrome prior to 150.0.7871.47. The vulnerability is documented across multiple sources (NVD, Debia...