370223 matches found
CVE-2026-14064
CVE-2026-14064 is a use-after-free in PageInfo affecting Google Chrome on Android prior to version 150.0.7871.47. The vulnerability allows a remote attacker to trigger arbitrary code execution by convincing a user to perform specific UI gestures on a crafted HTML page. Root cause: use-after-free ...
CVE-2026-14065
CVE-2026-14065 affects Google Chrome prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in PageInfo, which could allow a remote attacker who already compromised the renderer process to bypass navigation restrictions via a crafted HTML page. The common description acro...
CVE-2026-14066
CVE-2026-14066 affects Chrome for iOS (Google Chrome on iOS) prior to 150.0.7871.47. The issue is insufficient validation of untrusted input in a crafted HTML page, allowing a remote attacker to bypass navigation restrictions. This is described across multiple feeds (NVD, Debian, EUVD, CVE listin...
CVE-2026-14062
The CVE-2026-14062 entry concerns Google Chrome on ChromeOS with an incorrect implementation in the Views component, affecting versions prior to 150.0.7871.47. A user convincing a target to install a malicious extension could allow access to potentially sensitive data from process memory via that...
CVE-2026-14063
The CVE-2026-14063 entry describes an out-of-bounds read in Chromecast within Google Chrome prior to 150.0.7871.47. The issue allows a local attacker to obtain potentially sensitive information from process memory via malicious network traffic. The documented impact is information disclosure with...
CVE-2026-14061
The CVE-2026-14061 issue affects Dawn in Google Chrome, prior to version 150.0.7871.47. It is described as an insecure implementation that could allow a remote attacker to obtain potentially sensitive data from process memory via a crafted HTML page. Affected component: Dawn within Chrome. Root c...
CVE-2026-14059
CVE-2026-14059 concerns Google Chrome (Chromium) and describes insufficient policy enforcement in the Related-Website-Sets mechanism. The vulnerability allows a remote attacker to leak cross-origin data via a crafted HTML page. Affected software version: Chrome prior to 150.0.7871.47 (Chromium ba...
CVE-2026-14060
CVE-2026-14060 concerns Chrome on Windows with Chromoting, where insufficient validation of untrusted input in this component allows a local attacker to escalate privileges by handling a malicious file. Affected version window is prior to 150.0.7871.47. The vulnerability is described as enabling ...
CVE-2026-14058
CVE-2026-14058 affects Google Chrome: insufficient policy enforcement in the HTML Parser allows a remote attacker to bypass Content Security Policy via a crafted HTML page. Affected version range is Chrome prior to 150.0.7871.47. The vulnerability is documented across multiple sources (NVD, Debia...
CVE-2026-14057
CVE-2026-14057 affects Google Chrome where an inappropriate FedCM implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected versions are Chrome before 150.0.7871.47; the vulnerability stems from the FedCM component’s incorrect handling, enabling cr...
CVE-2026-14056
Consolidated details across CVE-2026-14056 entries indicate an issue in Google Chrome’s media handling: Insufficient validation of untrusted input in Media could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Vers...
CVE-2026-14054
The CVE-2026-14054 entry concerns Google Chrome (Chromium base) with an issue in policy enforcement that allowed navigation restriction bypass via a crafted HTML page, affecting versions prior to 150.0.7871.47. The vulnerability is described as low severity (CVSS 4.3, MEDIUM by some scales) with ...
CVE-2026-14055
CVE-2026-14055 affects Google Chrome on Windows before 150.0.7871.47, where insufficient validation of untrusted input in Device Trust could allow a remote attacker who compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed by th...
CVE-2026-14053
CVE-2026-14053 affects Google Chrome where extensions enforcement is insufficient. A remote attacker who has already compromised the renderer process could leak cross-origin data via a crafted HTML page, due to policy enforcement gaps in Extensions before version 150.0.7871.47. The vulnerability ...
CVE-2026-14051
CVE-2026-14051 concerns Google Chrome where the GamepadAPI has an uninitialized memory access bug. A remote attacker who has already compromised the renderer process could read potentially sensitive data from process memory via a crafted HTML page. Affected versions are Chrome prior to 150.0.7871...
CVE-2026-14052
CVE-2026-14052 describes insufficient policy enforcement in Google Chrome’s FileSystem, before version 150.0.7871.47, allowing a remote attacker to bypass discretionary access control via a crafted HTML page. Root cause is improper FileSystem permission enforcement. Impact per the documents is a ...
CVE-2026-14050
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-14050.
CVE-2026-14047
CVE-2026-14047 affects Google Chrome before version 150.0.7871.47 due to insufficient policy enforcement in Extensions, enabling an attacker who persuades a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. The vulnerability’s impact is descri...
CVE-2026-14049
CVE-2026-14049 affects Google Chrome versions with an inappropriate GPU implementation prior to 150.0.7871.47. A remote attacker who has compromised the renderer process can obtain potentially sensitive information from process memory via a crafted HTML page. Impact is described as Low severity; ...
CVE-2026-14048
The CVE-2026-14048 entry describes a Use-After-Free in Chromecast components of Google Chrome before version 150.0.7871.47. The issue could allow a local-network attacker to read potentially sensitive data from a Chrome process memory via a malicious peripheral. The connected EUVD and NVD entries...