Lucene search
K

370314 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13897

Summary: CVE-2026-13897 affects Chromecast-in-Chrome functionality in Google Chrome, with the root cause described as insufficient policy enforcement. The vulnerability permits a remote attacker to escalate privileges via a crafted HTML page, under the condition that the target is on a Chrome ver...

8.8CVSS5.8AI score0.00304EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13898

CVE-2026-13898 affects Google Chrome’s Cast Receiver. A use-after-free flaw in the Cast Receiver component can be triggered by a crafted HTML page, enabling a remote attacker to execute arbitrary code inside the sandbox. Affected are Chrome versions prior to 150.0.7871.47; exploitation requires n...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13895

CVE-2026-13895 concerns an inappropriate implementation in Google Chrome’s Autofill component (Chromium) prior to version 150.0.7871.47. A remote attacker could trigger UI spoofing by persuading a user to perform specific UI gestures on a crafted HTML page. The documented impact is limited to UI ...

4.2CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13894

Affected software: Google Chrome (Chromium-based). The issue is described as insufficient policy enforcement in the Network component prior to version 150.0.7871.47, allowing an attacker with a privileged network position to bypass navigation restrictions via a crafted HTML page. Severity is rate...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13896

The connected sources confirm CVE-2026-13896 affects Google Chrome (Chromium-based) with insufficient policy enforcement in “Glic” prior to version 150.0.7871.47, enabling a remote attacker to bypass navigation restrictions via a crafted HTML page. The impact is described as medium. The vulnerabi...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13892

CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13891

Vulnerability summary (CVE-2026-13891): Insufficient validation of untrusted input in the Extensions component of Google Chrome up to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to escalate privileges by loading a crafted HTML page. The issue is...

7.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13893

CVE-2026-13893 affects Google Chrome (WebUI) with insufficient validation of untrusted input in WebUI, allowing a remote attacker to leak cross-origin data via malicious network traffic. Affected component: Chrome/WebUI; root cause: insufficient input validation in WebUI before version 150.0.7871...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13890

CVE-2026-13890 describes an out-of-bounds read in Chromecast within Google Chrome before version 150.0.7871.47. An attacker who already compromised the renderer process could exploit a crafted HTML page to read potentially sensitive information from process memory. The impact is data leakage of m...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13889

Consolidated analysis for CVE-2026-13889: A side-channel information leakage in WebAuthentication on Google Chrome for iOS (Chromium-based) affects the WebAuthentication component. The vulnerability allows a remote attacker to leak cross-origin data through a crafted HTML page. Affected product/a...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13888

The CVE-2026-13888 entry concerns a use-after-free in Chrome’s Extensions component affecting Chrome builds prior to 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. Affected software: Google Chrome (Extensions ...

8.8CVSS6.2AI score0.00351EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13887

The CVE-2026-13887 entry relates to Google Chrome for Android, where an inappropriate NFC implementation before version 150.0.7871.47 allowed a remote attacker who had already compromised the renderer process to leak cross-origin data via a crafted HTML page. This is triggered by a renderer compr...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13886

Affected software: Google Chrome Isolated Web Apps. Vulnerability: insufficient policy enforcement that allows a remote attacker to bypass Content Security Policy via a crafted HTML page. Root cause (as described across connected sources): policy enforcement gaps in Isolated Web Apps prior to ver...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13884

CVE-2026-13884 affects Chromecast in Google Chrome prior to 150.0.7871.47, where an integer overflow could allow a local attacker to execute arbitrary code via malicious network traffic. The issue is documented across multiple feeds (NVD, Debian, EUVD, CVE listing, etc.). The base impact is high ...

8.8CVSS6.2AI score0.00204EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13883

CVE-2026-13883 describes a Type Confusion in ANGLE used by Google Chrome prior to 150.0.7871.47 that can potentially allow a remote attacker to perform a sandbox escape via a crafted HTML page. The vulnerability impact is described as high/critical (CVSS v3.1 base score 9.6) with network attack v...

9.6CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13885

Summary: CVE-2026-13885 is a use-after-free in Skia used by Google Chrome on Android, allowing remote code execution via a crafted HTML page. Affected product/component: Skia within Chrome on Android; Root cause: use-after-free in Skia rendering path. Impact: arbitrary code execution inside the b...

8.8CVSS6.2AI score0.00379EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13881

CVE-2026-13881 details (concrete): In Google Chrome (Chromium WebAppInstalls) before version 150.0.7871.47, an inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. This is a network-exploitable issue with user interaction required and pot...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13880

Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13882

CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...

9.6CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13878

CVE-2026-13878: A use-after-free in Bluetooth in Google Chrome on macOS (before 150.0.7871.47) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS; root cause: use-after-free in ...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder