370254 matches found
CVE-2026-14056
Consolidated details across CVE-2026-14056 entries indicate an issue in Google Chrome’s media handling: Insufficient validation of untrusted input in Media could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Vers...
CVE-2026-14057
CVE-2026-14057 affects Google Chrome where an inappropriate FedCM implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected versions are Chrome before 150.0.7871.47; the vulnerability stems from the FedCM component’s incorrect handling, enabling cr...
CVE-2026-14054
The CVE-2026-14054 entry concerns Google Chrome (Chromium base) with an issue in policy enforcement that allowed navigation restriction bypass via a crafted HTML page, affecting versions prior to 150.0.7871.47. The vulnerability is described as low severity (CVSS 4.3, MEDIUM by some scales) with ...
CVE-2026-14055
CVE-2026-14055 affects Google Chrome on Windows before 150.0.7871.47, where insufficient validation of untrusted input in Device Trust could allow a remote attacker who compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed by th...
CVE-2026-14053
CVE-2026-14053 affects Google Chrome where extensions enforcement is insufficient. A remote attacker who has already compromised the renderer process could leak cross-origin data via a crafted HTML page, due to policy enforcement gaps in Extensions before version 150.0.7871.47. The vulnerability ...
CVE-2026-14051
CVE-2026-14051 concerns Google Chrome where the GamepadAPI has an uninitialized memory access bug. A remote attacker who has already compromised the renderer process could read potentially sensitive data from process memory via a crafted HTML page. Affected versions are Chrome prior to 150.0.7871...
CVE-2026-14052
CVE-2026-14052 describes insufficient policy enforcement in Google Chrome’s FileSystem, before version 150.0.7871.47, allowing a remote attacker to bypass discretionary access control via a crafted HTML page. Root cause is improper FileSystem permission enforcement. Impact per the documents is a ...
CVE-2026-14050
Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-14050.
CVE-2026-14047
CVE-2026-14047 affects Google Chrome before version 150.0.7871.47 due to insufficient policy enforcement in Extensions, enabling an attacker who persuades a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. The vulnerability’s impact is descri...
CVE-2026-14049
CVE-2026-14049 affects Google Chrome versions with an inappropriate GPU implementation prior to 150.0.7871.47. A remote attacker who has compromised the renderer process can obtain potentially sensitive information from process memory via a crafted HTML page. Impact is described as Low severity; ...
CVE-2026-14048
The CVE-2026-14048 entry describes a Use-After-Free in Chromecast components of Google Chrome before version 150.0.7871.47. The issue could allow a local-network attacker to read potentially sensitive data from a Chrome process memory via a malicious peripheral. The connected EUVD and NVD entries...
CVE-2026-14046
CVE-2026-14046 affects Google Chrome on Android through the CustomTabs implementation. An inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability is characterized by a Chromium-based Low severity, with a network attack vect...
CVE-2026-14045
CVE-2026-14045 affects Google Chrome (Chromium-based). The vulnerability is due to insufficient validation of untrusted input in the Network component, allowing a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page. Impact is cross-origin dat...
CVE-2026-14043
The vulnerability CVE-2026-14043 affects Google Chrome components handling GetUserMedia. A use-after-free in GetUserMedia could allow a remote attacker with control of the renderer process to potentially escape the sandbox via a crafted HTML page. Affected software is Chrome before build 150.0.78...
CVE-2026-14044
CVE-2026-14044 affects Google Chrome (ANGLE component) with a use-after-free in ANGLE that can allow a remote attacker who has compromised the renderer to escape the sandbox via a crafted HTML page. Affected versions are before Chrome 150.0.7871.47. Root cause: use-after-free in ANGLE. Impact: sa...
CVE-2026-14042
CVE-2026-14042 concerns Google Chrome Isolated Web Apps. The issue is an inappropriate implementation that allows a remote attacker to perform UI spoofing via a crafted HTML page. It affects Chrome versions prior to 150.0.7871.47 and is described with a Chromium security severity of Low. The prac...
CVE-2026-14041
CVE-2026-14041 affects Google Chrome components handling Serial policies. The vulnerability stems from insufficient policy enforcement in Serial, allowing privilege escalation via a crafted HTML page. Affected versions are prior to 150.0.7871.47; Chromium notes a Low security severity but CVSS v3...
CVE-2026-14039
CVE-2026-14039 concerns Google Chrome’s GetUserMedia, where insufficient policy enforcement before version 150.0.7871.47 allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability affects Chrome components related to media permissions and page-origin che...
CVE-2026-14040
Summary (concrete details from provided sources): CVE-2026-14040 is a use-after-free in Chrome’s BrowserTag (prior to version 150.0.7871.47). A device exploited by convincing a user to install a malicious extension could trigger heap corruption via the crafted Chrome Extension. This affects Googl...
CVE-2026-14036
CVE-2026-14036 affects Google Chrome’s Bluetooth policy enforcement. The issue is described as insufficient policy enforcement in Bluetooth in Chrome prior to version 150.0.7871.47, enabling a remote attacker to escalate privileges via a crafted HTML page. Connected documents consistently referen...