370314 matches found
CVE-2026-13879
CVE-2026-13879 : Use-after-free in Bluetooth handling in Google Chrome (Chromium) prior to 150.0.7871.47. The issue allows an attacker on the local network segment to potentially read sensitive data from a process’s memory via a malicious Bluetooth peripheral. Affected component is Bluetooth code...
CVE-2026-13876
CVE-2026-13876 involves an inappropriate implementation in the Network stack of Google Chrome before version 150.0.7871.47 . The issue allows an attacker with a privileged network position to bypass the page content Security Policy (CSP) through malicious network traffic. The connected documents ...
CVE-2026-13875
Chrome on Windows is affected by CVE-2026-13875 due to insufficient validation of untrusted input in the GPU, enabling a renderer-compromised attacker to potentially read process memory via a crafted HTML page. The issue is tied to Chromium-based Chrome and is reported as a Medium-severity vulner...
CVE-2026-13877
CVE-2026-13877 involves insufficient validation of untrusted input in ANGLE used by Google Chrome before version 150.0.7871.47. The issue allows a remote attacker who has already compromised the renderer process to potentially read sensitive data from process memory through a crafted HTML page. T...
CVE-2026-13874
CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...
CVE-2026-13872
Affected product: Google Chrome on Android (before version 150.0.7871.47). The vulnerability arises from insufficient validation of untrusted input in WebAppInstalls, enabling a local attacker to potentially perform a sandbox escape via a malicious file. CVE-2026-13872; Chromium-based severity li...
CVE-2026-13873
CVE-2026-13873 describes an out-of-bounds read in the Layout component of Google Chrome, exploitable via a crafted HTML page to potentially disclose memory contents. Affected software is Google Chrome (Chromium-based). The root cause is an out-of-bounds read in Layout, leading to potential inform...
CVE-2026-13871
CVE-2026-13871 affects Google Chrome (GuestView) with insufficient policy enforcement prior to 150.0.7871.47. A remote attacker who has compromised the renderer process could bypass site isolation via a crafted HTML page. The technical impact is a bypass of isolation mechanisms within Chrome’s Gu...
CVE-2026-13869
CVE-2026-13869 describes a use-after-free in Device in Google Chrome on Windows, before version 150.0.7871.47. A remote attacker who had already compromised the renderer process could potentially escape the sandbox via a crafted HTML page. The issue is tied to Chromium components and is classifie...
CVE-2026-13870
CVE-2026-13870 describes a use-after-free in WebView for Google Chrome on Android, before version 150.0.7871.47. The underlying issue is a use-after-free in WebView that could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The impact is a hig...
CVE-2026-13867
CVE-2026-13867 affects Google Chrome’s Geolocation implementation. The vulnerability arises from an inappropriate Geolocation implementation, enabling a remote attacker to spoof UI via a crafted HTML page. Impact is UI spoofing with no confirmed exploitation details beyond the description; affect...
CVE-2026-13868
Technical details (affected components, root cause, fixes) are not publicly available in the provided documents; monitor for updates from official advisories.
CVE-2026-13866
CVE-2026-13866 affects Google Chrome on Android prior to 150.0.7871.47. The issue is an inappropriate implementation in Input that lets a remote attacker with renderer access bypass site isolation via a crafted HTML page. Impact is a site-isolation bypass with potential access to other origins; n...
CVE-2026-13865
CVE-2026-13865 : The connected records confirm an issue in Google Chrome/Chromium where insufficient validation of untrusted input in the browser UI allows a remote attacker to spoof the UI via a crafted HTML page. Affected component is the browser UI handling, with the root cause described as in...
CVE-2026-13864
CVE-2026-13864 affects Google Chrome WebHID. Prior to version 150.0.7871.47, insufficient policy enforcement allowed an attacker to escalate privileges by convincing a user to install a crafted Chrome Extension. Impact: local privilege escalation; exploitation requires user interaction (installin...
CVE-2026-13863
The CVE-2026-13863 entry describes insufficient validation of untrusted input in CustomTabs for Google Chrome on Android, prior to version 150.0.7871.47, enabling a local privilege escalation via a malicious file. Affected component: Chrome’s CustomTabs on Android; root cause: inadequate input va...
CVE-2026-13861
CVE-2026-13861 : Use-after-free in Chrome’s Core component prior to 150.0.7871.47 allows a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Exploitation details in the connected records indicate an impact across confidentiality, i...
CVE-2026-13862
CVE-2026-13862 affects Google Chrome on iOS (prior to 150.0.7871.47). The issue is insufficient policy enforcement in Web Authentication (Passkeys & Security Keys), allowing a privileged-network attacker to exfiltrate cross-origin data via a crafted HTML page. The vulnerability is described acros...
CVE-2026-13859
The CVE-2026-13859 entry describes an issue in ANGLE used by Google Chrome, where an inappropriate ANGLE implementation prior to Chrome 150.0.7871.47 could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Affected product/component: ANGLE in Chromium-based ...
CVE-2026-13860
Google Chrome on Windows is affected by CVE-2026-13860 due to an Incorrect security UI in Autofill, allowing UI spoofing when a user is induced to perform specific UI gestures via a crafted HTML page. The issue affects Chrome versions prior to 150.0.7871.47; exploitation requires user interaction...