Lucene search
K

370369 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13892

CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13893

CVE-2026-13893 affects Google Chrome (WebUI) with insufficient validation of untrusted input in WebUI, allowing a remote attacker to leak cross-origin data via malicious network traffic. Affected component: Chrome/WebUI; root cause: insufficient input validation in WebUI before version 150.0.7871...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13891

Vulnerability summary (CVE-2026-13891): Insufficient validation of untrusted input in the Extensions component of Google Chrome up to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to escalate privileges by loading a crafted HTML page. The issue is...

7.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13890

CVE-2026-13890 describes an out-of-bounds read in Chromecast within Google Chrome before version 150.0.7871.47. An attacker who already compromised the renderer process could exploit a crafted HTML page to read potentially sensitive information from process memory. The impact is data leakage of m...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13889

Consolidated analysis for CVE-2026-13889: A side-channel information leakage in WebAuthentication on Google Chrome for iOS (Chromium-based) affects the WebAuthentication component. The vulnerability allows a remote attacker to leak cross-origin data through a crafted HTML page. Affected product/a...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13888

The CVE-2026-13888 entry concerns a use-after-free in Chrome’s Extensions component affecting Chrome builds prior to 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. Affected software: Google Chrome (Extensions ...

8.8CVSS6.2AI score0.00351EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13887

The CVE-2026-13887 entry relates to Google Chrome for Android, where an inappropriate NFC implementation before version 150.0.7871.47 allowed a remote attacker who had already compromised the renderer process to leak cross-origin data via a crafted HTML page. This is triggered by a renderer compr...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13886

Affected software: Google Chrome Isolated Web Apps. Vulnerability: insufficient policy enforcement that allows a remote attacker to bypass Content Security Policy via a crafted HTML page. Root cause (as described across connected sources): policy enforcement gaps in Isolated Web Apps prior to ver...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13884

CVE-2026-13884 affects Chromecast in Google Chrome prior to 150.0.7871.47, where an integer overflow could allow a local attacker to execute arbitrary code via malicious network traffic. The issue is documented across multiple feeds (NVD, Debian, EUVD, CVE listing, etc.). The base impact is high ...

8.8CVSS6.2AI score0.00204EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13883

CVE-2026-13883 describes a Type Confusion in ANGLE used by Google Chrome prior to 150.0.7871.47 that can potentially allow a remote attacker to perform a sandbox escape via a crafted HTML page. The vulnerability impact is described as high/critical (CVSS v3.1 base score 9.6) with network attack v...

9.6CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13885

Summary: CVE-2026-13885 is a use-after-free in Skia used by Google Chrome on Android, allowing remote code execution via a crafted HTML page. Affected product/component: Skia within Chrome on Android; Root cause: use-after-free in Skia rendering path. Impact: arbitrary code execution inside the b...

8.8CVSS6.2AI score0.00379EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13881

CVE-2026-13881 details (concrete): In Google Chrome (Chromium WebAppInstalls) before version 150.0.7871.47, an inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. This is a network-exploitable issue with user interaction required and pot...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13880

Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13882

CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...

9.6CVSS5.8AI score0.00224EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13878

CVE-2026-13878: A use-after-free in Bluetooth in Google Chrome on macOS (before 150.0.7871.47) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS; root cause: use-after-free in ...

9.6CVSS5.8AI score0.0028EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13879

CVE-2026-13879 : Use-after-free in Bluetooth handling in Google Chrome (Chromium) prior to 150.0.7871.47. The issue allows an attacker on the local network segment to potentially read sensitive data from a process’s memory via a malicious Bluetooth peripheral. Affected component is Bluetooth code...

6.5CVSS5.8AI score0.00156EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13876

CVE-2026-13876 involves an inappropriate implementation in the Network stack of Google Chrome before version 150.0.7871.47 . The issue allows an attacker with a privileged network position to bypass the page content Security Policy (CSP) through malicious network traffic. The connected documents ...

6.5CVSS5.8AI score0.00227EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13877

CVE-2026-13877 involves insufficient validation of untrusted input in ANGLE used by Google Chrome before version 150.0.7871.47. The issue allows a remote attacker who has already compromised the renderer process to potentially read sensitive data from process memory through a crafted HTML page. T...

5.3CVSS5.8AI score0.00265EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13875

Chrome on Windows is affected by CVE-2026-13875 due to insufficient validation of untrusted input in the GPU, enabling a renderer-compromised attacker to potentially read process memory via a crafted HTML page. The issue is tied to Chromium-based Chrome and is reported as a Medium-severity vulner...

5.3CVSS5.8AI score0.00281EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.163 views

CVE-2026-13874

CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...

5.3CVSS5.8AI score0.00198EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder