Lucene search
K

370261 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13922

Summary of CVE-2026-13922 : A side-channel information leak in Chrome’s Paint component allows a remote attacker to exfiltrate cross-origin data via a crafted HTML page. Affected product/version: Google Chrome (Paint functionality) up to version 150.0.7871.47. Root cause: described as a side-chan...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13921

The set of connected records confirms CVE-2026-13921 affects Google Chrome (Chromium-based) via the DeviceBoundSessionCredentials component where insufficient validation of untrusted input enables a remote bypass of the same-origin policy through a crafted HTML page. The vulnerability is describe...

6.5CVSS5.8AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.22 views

CVE-2026-13923

CVE-2026-13923 : The connected documents specify that Google Chrome on Android is affected by an uninitialized GPU use vulnerability that can allow a remote attacker to read potentially sensitive data from a process memory via a crafted HTML page. Root cause: uninitialized use in the GPU componen...

6.5CVSS5.8AI score0.00326EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13920

CVE-2026-13920 describes insufficient validation of untrusted input in Chrome’s media handling on Windows before 150.0.7871.47, allowing a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. Affected software: Google Chrome on Windows (renderer process). Root ...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13918

CVE-2026-13918 concerns Chrome for iOS (iOS) prior to 150.0.7871.47, where a use-after-free vulnerability in the browser could allow a remote attacker to potentially trigger heap corruption via a crafted HTML page. The connected Debian/OSV and related entries corroborate the description and ident...

8.8CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13919

CVE-2026-13919 describes an insufficent policy enforcement in Chrome’s Extensions on Chromium-based builds, where a crafted HTML page could enable a remote attacker with renderer access to bypass site isolation. Affected software/component: Google Chrome (Extensions/Chromium core). Root cause: po...

6.5CVSS5.7AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.14 views

CVE-2026-13917

Affected product: Chrome for iOS (Google Chrome on iOS). Vulnerable component: untrusted input validation in the iOS browser. Root cause: insufficient validation of untrusted input in a crafted HTML page that, with user engagement via specific UI gestures, lets an attacker bypass navigation restr...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13915

CVE-2026-13915 affects Chrome for iOS (Google Chrome on iOS) prior to version 150.0.7871.47. The vulnerability is described as a use-after-free that could lead to heap corruption when a remote attacker convinces a user to perform specific UI gestures on a crafted HTML page. Impact details in the ...

8.8CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.44 views

CVE-2026-13916

Chrome for iOS prior to 150.0.7871.47 allows UI spoofing via a crafted HTML page due to an inappropriate implementation in Chrome for iOS. Affected: Google Chrome on iOS (Chromium-based). Impact: UI spoofing risk; Severity: Medium (CVSS v3.1 base 4.3). Root cause: inappropriate implementation as ...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13913

CVE-2026-13913 affects Autofill in Google Chrome on iOS. The root cause is insufficient policy enforcement, allowing a remote attacker who entices a user to perform specific UI gestures to leak cross-origin data via a crafted HTML page. The vulnerability concerns Chrome/iOS versions prior to 150....

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.40 views

CVE-2026-13914

The CVE-2026-13914 entry concerns Google Chrome on macOS with an insecure implementation in Password handling that could allow a local attacker to read potentially sensitive data from process memory via a malicious file. Affected software is Chrome for macOS; the issue is tied to versions prior t...

5.5CVSS5.8AI score0.00113EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13910

Summary: CVE-2026-13910 affects Google Chrome on Android, where WebXR policy enforcement is insufficient. The vulnerability could allow a remote attacker to leak cross-origin data through a crafted HTML page. The issue is tied to Chrome/Android WebXR, with the described impact as per multiple sou...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13911

CVE-2026-13911 concerns Google Chrome’s Spellcheck: insufficient policy enforcement could allow a renderer-compromised attacker to read potentially sensitive data from process memory via a crafted HTML page. Affected are Chrome builds prior to 150.0.7871.47; exploitation is described as remote, r...

5.3CVSS5.8AI score0.00284EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.39 views

CVE-2026-13912

The CVE-2026-13912 affects Google Chrome on iOS prior to 150.0.7871.47, due to an Inappropriate implementation in Safe Browsing. This design issue enables a remote attacker to perform UI spoofing by presenting a crafted HTML page. The vulnerability description and connected records consistently i...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13909

CVE-2026-13909 refers to insufficient policy enforcement in Google Chrome DevTools, allowing a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page in Chrome versions before 150.0.7871.47. The vulnerability is described across multiple...

9.6CVSS5.8AI score0.00316EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13908

CVE-2026-13908 : Insufficient validation of untrusted input in the Omnibox of Google Chrome on iOS (before 150.0.7871.47) could allow a remote attacker to bypass navigation restrictions when a user performs specific UI gestures, via malicious network traffic. The vulnerability is documented with ...

6.5CVSS5.8AI score0.00223EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.41 views

CVE-2026-13907

CVE-2026-13907 describes an inappropriate implementation in iOSWeb in Google Chrome on iOS (versions prior to 150.0.7871.47) that could allow UI spoofing when a user is guided to perform specific UI gestures on a crafted HTML page. Impact is described as Medium (CVSS 4.2); remediation or patch de...

4.2CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13906

CVE-2026-13906 describes an out-of-bounds read in Google Chrome’s Codecs, exploitable via a crafted HTML page to access potentially sensitive data from process memory. Affected: Chrome prior to 150.0.7871.47. Impact per document: Confidentiality (partial) with network access and required user int...

6.5CVSS5.8AI score0.00318EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.45 views

CVE-2026-13905

Chrome for iOS on Google Chrome (iOS) is affected by a race in versions prior to 150.0.7871.47, allowing a local attacker with physical access to potentially read confidential data from process memory. The issue is documented across CVE-2026-13905 and EUVD-2026-40591. Remediation is to upgrade to...

4.2CVSS5.8AI score0.00092EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13903

CVE-2026-13903 affects Google Chrome’s Bluetooth implementation. The connected records describe insufficient policy enforcement in Chrome prior to version 150.0.7871.47, enabling privilege escalation via a crafted HTML page. There is no explicit exploitation detail or confirmed in-the-wild use in...

8.8CVSS5.8AI score0.00345EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder