Lucene search
K

370254 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.24 views

CVE-2026-14017

CVE-2026-14017 concerns Google Chrome’s Navigation logic. Affected component: Chrome prior to build 150.0.7871.47; root cause: inappropriate navigation implementation allowed a remote attacker who had already compromised the renderer process to potentially escape the Chrome sandbox via a crafted ...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-14015

Summary: CVE-2026-14015 describes a race condition in WebRTC within Google Chrome on Windows before version 150.0.7871.47. The bug could allow a remote attacker to leak cross-origin data via a crafted HTML page. What’s affected: Google Chrome on Windows; vulnerable component is the WebRTC impleme...

6.5CVSS5.8AI score0.00197EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.149 views

CVE-2026-14013

CVE-2026-14013 affects Google Chrome before version 150.0.7871.47, due to an inappropriate SVG implementation that enables UI spoofing via a crafted HTML page. The issue is documented across multiple feeds (NVD, Debian OSV, EUVD) with a Medium severity. The connected references indicate a patch/r...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.23 views

CVE-2026-14014

CVE-2026-14014 corresponds to an insufficiently robust Paint implementation in Google Chrome that allows UI spoofing via a crafted HTML page. Affected product: Google Chrome (Paint component); root cause: inappropriate implementation in Paint prior to version 150.0.7871.47. Impact is UI spoofing ...

6.5CVSS5.8AI score0.00218EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-14011

The affected component is Google Chrome (SurfaceCapture) with an out-of-bounds read vulnerability in versions prior to 150.0.7871.47. The issue could allow a remote attacker to read memory via a crafted HTML page. Severity is described as Medium by Chromium, with CVSS-driven impact: Confidentiali...

8.1CVSS5.8AI score0.00246EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-14010

Google Chrome on Windows is affected by CVE-2026-14010 due to an uninitialized use in codecs prior to version 150.0.7871.47. A remote attacker could read potentially sensitive data from process memory via a crafted HTML page. This affects Chrome on Windows; the vulnerability is categorized as Med...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.148 views

CVE-2026-14012

This CVE describes a side-channel information leakage in CSS within Google Chrome (Chromium) prior to version 150.0.7871.47. The vulnerability allows a remote attacker to exfiltrate potentially sensitive data from process memory via a crafted HTML page. The affected component is the CSS handling ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-14008

CVE-2026-14008 describes an uninitialized-use flaw in WebXR within Google Chrome on Android (pre-150.0.7871.47). A crafted HTML page could cause the Chrome process to disclose potentially sensitive memory contents to remote attackers. The impact is information disclosure with a Medium severity pe...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-14009

The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-14007

CVE-2026-14007 affects Google Chrome prior to 150.0.7871.47. The root cause is insufficient policy enforcement in PermissionsPolicy, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page. Exploitation status is not described in the provided documents. The vulnerabil...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-14005

Google Chrome for Android is affected by a use-after-free in Omnibox leading to potential heap corruption via a crafted HTML page. This vulnerability requires user interaction (UI gestures) and can impact confidentiality, integrity, and availability as per CVSS. Affected component: Chrome Android...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-14006

CVE-2026-14006 affects Google Chrome prior to 150.0.7871.47 due to a use-after-free in Navigation, allowing remote code execution. Vulnerable component: Navigation in Chrome (Chromium). Impact: arbitrary code execution; severity shown as High (CVSS 3.1 base 8.8). Remediation: update Chrome to 150...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.29 views

CVE-2026-14003

Affected software/scope: Google Chrome extensions mechanism. Vulnerability: Insufficient policy enforcement in Chrome Extensions prior to 150.0.7871.47 allows a user-assisted attacker to leak cross-origin data when a malicious extension is installed. Underlying issue: policy enforcement weakness ...

4.3CVSS5.8AI score0.00148EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-14004

The CVE-2026-14004 entry corresponds to Google Chrome’s CSS handling, where an inappropriate implementation in CSS allowed a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Chrome/Chromium before 150.0.7871.47. Root cause: faulty CSS implementation enabling cr...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-14001

CVE-2026-14001 corresponds to an UXSS vulnerability in Google Chrome. The issue is an inappropriate implementation in the network stack that affects Chrome prior to 150.0.7871.47, enabling a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. The vulnerability is describe...

6.1CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-14002

CVE-2026-14002 affects Google Chrome Geolocation in Chromium, prior to 150.0.7871.47. Root cause is an inappropriate Geolocation implementation that lets a remote attacker who has compromised the renderer process perform UI spoofing via a crafted HTML page. Impact is UI spoofing with possible hig...

6.5CVSS5.8AI score0.00218EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.14 views

CVE-2026-14000

CVE-2026-14000 affects Google Chrome prior to 150.0.7871.47 due to an inappropriate XML implementation, enabling a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. The issue is documented across multiple sources (NVD, Debian OSV, CVE lists) with the same descrip...

6.1CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.14 views

CVE-2026-13999

CVE-2026-13999 affects Google Chrome where insufficient validation of untrusted input in Extensions can enable UI spoofing via a crafted Chrome Extension. The vulnerability is triggered when a user is convinced to install a malicious extension, allowing spoofed UI elements as described in multipl...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.42 views

CVE-2026-13997

The CVE-2026-13997 entry concerns Google Chrome on Android before 150.0.7871.47, where an incorrect security UI in Extensions could allow UI spoofing via a crafted HTML page if a user performed specific UI gestures after being convinced to engage them. The core issue is a flawed UI trust boundary...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.41 views

CVE-2026-13998

Impact: Affected software is Google Chrome on macOS. The vulnerability stems from an incorrect security UI in the File Input component, enabling UI spoofing when a user is induced to perform specific UI gestures via a crafted HTML page. Root cause: flawed security UI handling in Chrome/Chromium’s...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder