Lucene search
K

370256 matches found

CVE
CVE
added 2026/06/30 10:39 p.m.19 views

CVE-2026-14041

CVE-2026-14041 affects Google Chrome components handling Serial policies. The vulnerability stems from insufficient policy enforcement in Serial, allowing privilege escalation via a crafted HTML page. Affected versions are prior to 150.0.7871.47; Chromium notes a Low security severity but CVSS v3...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.22 views

CVE-2026-14036

CVE-2026-14036 affects Google Chrome’s Bluetooth policy enforcement. The issue is described as insufficient policy enforcement in Bluetooth in Chrome prior to version 150.0.7871.47, enabling a remote attacker to escalate privileges via a crafted HTML page. Connected documents consistently referen...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14037

CVE-2026-14037 affects Google Chrome (GPU component) due to insufficient policy enforcement in the GPU, enabling a sandbox escape if a renderer is compromised via a crafted HTML page. The vulnerability applies to Chrome versions prior to 150.0.7871.47 and is described with a low severity level bu...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14038

CVE-2026-14038 affects Google Chrome’s New Tab Page. The root cause is insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed in Chrome version 150.0.7871.47 ...

9.3CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.19 views

CVE-2026-14033

CVE-2026-14033: Google Chrome on Windows has insufficient policy enforcement in Media, enabling a remote bypass of site isolation through a crafted HTML page. Affects Chrome versions prior to 150.0.7871.47; the issue is mitigated by upgrading to 150.0.7871.47 or later. Exploitation details are no...

6.5CVSS5.7AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14034

CVE-2026-14034 describes an insecure WebXR implementation in Google Chrome on Android prior to version 150.0.7871.47 . A remote attacker could bypass navigation restrictions by presenting a crafted HTML page, due to an inappropriate handling in WebXR. The vulnerability has a low severity (per Chr...

4.3CVSS5.8AI score0.00234EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14035

Technical details for CVE-2026-14035 are not publicly available in the provided documents; monitor for updates from vendors and security advisories.

6.5CVSS5.8AI score0.0022EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14031

CVE-2026-14031 corresponds to an Inappropriate implementation in Google Chrome’s File Input component, allowing a remote attacker to perform UI spoofing through a crafted HTML page. Affected software: Google Chrome (and Chromium-based components) with versions prior to 150.0.7871.47. Root cause (...

4.3CVSS5.8AI score0.00169EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.21 views

CVE-2026-14032

This CVE affects Google Chrome on macOS, describing a Use-After-Free in Bluetooth that allows code execution when a user is tricked into installing a crafted Chrome Extension. The vulnerable condition is Chrome versions prior to 150.0.7871.47. Impact is arbitrary code execution with high severity...

8.1CVSS6.1AI score0.0026EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.18 views

CVE-2026-14030

Summary: CVE-2026-14030 affects Google Chrome on Linux prior to 150.0.7871.47. The issue is an improper implementation in SplitView that allowed a remote attacker who enticed a user to perform specific UI gestures to spoof the Omnibox (URL bar) via a crafted HTML page. Impact (as described): Spoo...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14027

CVE-2026-14027 describes a use-after-free in Google Chrome's SignIn path prior to version 150.0.7871.47. A remote attacker could lure a user into specific UI gestures to trigger heap corruption via a crafted HTML page. The vulnerability affects Chrome and is mitigated by updating to 150.0.7871.47...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.40 views

CVE-2026-14028

Affected software: Chrome for iOS. Vulnerability: UI spoofing due to incorrect security UI in Google Chrome on iOS prior to 150.0.7871.47. Exploitation requires that a user engages in specific UI gestures, via a crafted HTML page. Impact: potential UI spoofing with low severity per Chromium. Root...

4.2CVSS5.8AI score0.00163EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.23 views

CVE-2026-14024

CVE-2026-14024 : A use-after-free in Ozone within Google Chrome on Linux versions before 150.0.7871.47 allows a remote attacker who entices a user to perform specific UI gestures to potentially trigger heap corruption via a crafted HTML page. Impact is described as high for confidentiality, integ...

8.8CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.25 views

CVE-2026-14026

CVE-2026-14026 affects Google Chrome (SplitView) prior to 150.0.7871.47. A crafted HTML page can lure a user to perform specific UI gestures, causing UI spoofing due to an incorrect security UI in SplitView. The issue is reported with Chromium security severity: Low. Remediation: update to Chrome...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:39 p.m.20 views

CVE-2026-14025

CVE-2026-14025 concerns a use-after-free in Chrome’s Views on macOS prior to version 150.0.7871.47, which can lead to heap corruption when a user is tricked into performing specific UI gestures on a crafted HTML page. Affected product: Google Chrome for macOS; vulnerable component: Views; root ca...

8.8CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.25 views

CVE-2026-14023

Google Chrome (Chromium) SanitizerAPI in affected builds is vulnerable due to insufficient validation of untrusted input, allowing a remote attacker to bypass the same-origin policy via a crafted HTML page. Affected version range is prior to 150.0.7871.47; vendor/chromium references indicate the ...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-14021

Affected software: Google Chrome (StorageAccessAPI in Chromium). Vulnerability: insufficient policy enforcement allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Versions: prior to 150.0.7871.47. Impact: cross-origin data leakage...

6.5CVSS5.8AI score0.00247EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-14022

Affected software/area: Google Chrome (Chromium-based rendering pipeline), with the issue in the Network component due to insufficient validation of untrusted input. Vulnerability details: A remote attacker who has compromised the renderer process can cause leakage of cross-origin data via a craf...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-14018

CVE-2026-14018 describes a use-after-free in Chrome’s Updater on Windows prior to 150.0.7871.47, enabling a local attacker to escalate privileges via a malicious file. Affected software: Google Chrome (Windows). Root cause: use-after-free in the Updater component. Impact: OS-level privilege escal...

7.8CVSS5.8AI score0.00104EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.167 views

CVE-2026-14020

CVE-2026-14020 affects Google Chrome WebXR prior to 150.0.7871.47. The root cause is insufficient validation of untrusted input in WebXR, allowing a remote attacker who has compromised the renderer process to perform UI spoofing via a crafted HTML page. Impact is UI spoofing with medium severity ...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder