Lucene search
K

370254 matches found

CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14056

Consolidated details across CVE-2026-14056 entries indicate an issue in Google Chrome’s media handling: Insufficient validation of untrusted input in Media could allow a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted video file. Vers...

9.6CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.108 views

CVE-2026-14057

CVE-2026-14057 affects Google Chrome where an inappropriate FedCM implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected versions are Chrome before 150.0.7871.47; the vulnerability stems from the FedCM component’s incorrect handling, enabling cr...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.46 views

CVE-2026-14054

The CVE-2026-14054 entry concerns Google Chrome (Chromium base) with an issue in policy enforcement that allowed navigation restriction bypass via a crafted HTML page, affecting versions prior to 150.0.7871.47. The vulnerability is described as low severity (CVSS 4.3, MEDIUM by some scales) with ...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14055

CVE-2026-14055 affects Google Chrome on Windows before 150.0.7871.47, where insufficient validation of untrusted input in Device Trust could allow a remote attacker who compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed by th...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.36 views

CVE-2026-14053

CVE-2026-14053 affects Google Chrome where extensions enforcement is insufficient. A remote attacker who has already compromised the renderer process could leak cross-origin data via a crafted HTML page, due to policy enforcement gaps in Extensions before version 150.0.7871.47. The vulnerability ...

4.3CVSS5.8AI score0.00164EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14051

CVE-2026-14051 concerns Google Chrome where the GamepadAPI has an uninitialized memory access bug. A remote attacker who has already compromised the renderer process could read potentially sensitive data from process memory via a crafted HTML page. Affected versions are Chrome prior to 150.0.7871...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14052

CVE-2026-14052 describes insufficient policy enforcement in Google Chrome’s FileSystem, before version 150.0.7871.47, allowing a remote attacker to bypass discretionary access control via a crafted HTML page. Root cause is improper FileSystem permission enforcement. Impact per the documents is a ...

4.3CVSS5.8AI score0.00221EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.13 views

CVE-2026-14050

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-14050.

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14047

CVE-2026-14047 affects Google Chrome before version 150.0.7871.47 due to insufficient policy enforcement in Extensions, enabling an attacker who persuades a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. The vulnerability’s impact is descri...

4.3CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.152 views

CVE-2026-14049

CVE-2026-14049 affects Google Chrome versions with an inappropriate GPU implementation prior to 150.0.7871.47. A remote attacker who has compromised the renderer process can obtain potentially sensitive information from process memory via a crafted HTML page. Impact is described as Low severity; ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.24 views

CVE-2026-14048

The CVE-2026-14048 entry describes a Use-After-Free in Chromecast components of Google Chrome before version 150.0.7871.47. The issue could allow a local-network attacker to read potentially sensitive data from a Chrome process memory via a malicious peripheral. The connected EUVD and NVD entries...

6.5CVSS5.8AI score0.00116EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14046

CVE-2026-14046 affects Google Chrome on Android through the CustomTabs implementation. An inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability is characterized by a Chromium-based Low severity, with a network attack vect...

4.3CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.17 views

CVE-2026-14045

CVE-2026-14045 affects Google Chrome (Chromium-based). The vulnerability is due to insufficient validation of untrusted input in the Network component, allowing a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted HTML page. Impact is cross-origin dat...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14043

The vulnerability CVE-2026-14043 affects Google Chrome components handling GetUserMedia. A use-after-free in GetUserMedia could allow a remote attacker with control of the renderer process to potentially escape the sandbox via a crafted HTML page. Affected software is Chrome before build 150.0.78...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14044

CVE-2026-14044 affects Google Chrome (ANGLE component) with a use-after-free in ANGLE that can allow a remote attacker who has compromised the renderer to escape the sandbox via a crafted HTML page. Affected versions are before Chrome 150.0.7871.47. Root cause: use-after-free in ANGLE. Impact: sa...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.17 views

CVE-2026-14042

CVE-2026-14042 concerns Google Chrome Isolated Web Apps. The issue is an inappropriate implementation that allows a remote attacker to perform UI spoofing via a crafted HTML page. It affects Chrome versions prior to 150.0.7871.47 and is described with a Chromium security severity of Low. The prac...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14041

CVE-2026-14041 affects Google Chrome components handling Serial policies. The vulnerability stems from insufficient policy enforcement in Serial, allowing privilege escalation via a crafted HTML page. Affected versions are prior to 150.0.7871.47; Chromium notes a Low security severity but CVSS v3...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.147 views

CVE-2026-14039

CVE-2026-14039 concerns Google Chrome’s GetUserMedia, where insufficient policy enforcement before version 150.0.7871.47 allowed a remote attacker to bypass the same-origin policy via a crafted HTML page. The vulnerability affects Chrome components related to media permissions and page-origin che...

4.3CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14040

Summary (concrete details from provided sources): CVE-2026-14040 is a use-after-free in Chrome’s BrowserTag (prior to version 150.0.7871.47). A device exploited by convincing a user to install a malicious extension could trigger heap corruption via the crafted Chrome Extension. This affects Googl...

8.8CVSS5.8AI score0.0021EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14036

CVE-2026-14036 affects Google Chrome’s Bluetooth policy enforcement. The issue is described as insufficient policy enforcement in Bluetooth in Chrome prior to version 150.0.7871.47, enabling a remote attacker to escalate privileges via a crafted HTML page. Connected documents consistently referen...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder