Lucene search
K

370480 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13964

CVE-2026-13964 affects WebView in Google Chrome on Android. The vulnerability is due to insufficient policy enforcement that allowed bypassing navigation restrictions via a crafted HTML page. Impact is a medium severity remote issue. The documented fix is Chrome version 150.0.7871.47 or later; up...

6.5CVSS5.8AI score0.00277EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.15 views

CVE-2026-13963

In Chrome, CVE-2026-13963 involves an inappropriate DevTools implementation allowing a remote attacker to leak cross-origin data via a crafted HTML page when a user performs specific UI gestures. Affected product/area: Google Chrome DevTools. Vulnerable state: prior to version 150.0.7871.47. Root...

3.1CVSS5.8AI score0.00174EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13962

CVE-2026-13962 affects Google Chrome (Chromium-based) prior to 150.0.7871.47. The issue is insufficient data validation in PDF handling within the renderer process, allowing a remote attacker who has already compromised the renderer to bypass navigation restrictions via a crafted HTML page. The o...

6.5CVSS5.8AI score0.00272EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13961

The CVE-2026-13961 issue affects Google Chrome on Windows, specifically DevTools. It arises from insufficient validation of untrusted input, allowing a remote attacker who convinces a user to perform certain UI gestures to potentially read sensitive data from process memory via a crafted HTML pag...

5.3CVSS5.8AI score0.00265EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.11 views

CVE-2026-13960

Summary: CVE-2026-13960 describes an inappropriate implementation in Google Chrome’s Passwords feature prior to version 150.0.7871.47 that allows a remote attacker to perform UI spoofing through a crafted HTML page. The issue is tracked with a Medium severity (CVSS v3.1: 4.3) and involves network...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.12 views

CVE-2026-13959

The CVE-2026-13959 entry describes an issue in Blink (Chrome) where insufficient validation of untrusted input allows a remote attacker to bypass the Same Origin policy via a crafted HTML page. Affected software is Google Chrome (Blink engine) with versions prior to 150.0.7871.47. The impact is a...

4.3CVSS5.8AI score0.00238EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.15 views

CVE-2026-13958

CVE-2026-13958 concerns Google Chrome on Windows prior to 150.0.7871.47 where an uninitialized use in the codecs component could allow a remote attacker to read potentially sensitive data from process memory via a crafted HTML page. This is the explicit vulnerability scenario described across mul...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.15 views

CVE-2026-13956

CVE-2026-13956 affects Google Chrome’s PageInfo security UI, where an attacker could induce UI spoofing via a crafted HTML page. The issue is described as an incorrect security UI in PageInfo, allowing a remote attacker to exploit user interactions after luring a user to perform specific UI gestu...

4.2CVSS5.8AI score0.00199EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13957

Chrome extensions UXSS issue (CVE-2026-13957): Incorrect security UI in Extensions allowed a user-assisted attacker to inject arbitrary scripts/HTML via a crafted HTML page in Chrome before version 150.0.7871.47. Impact is partial and requires user interaction; update to Chrome 150.0.7871.47 or n...

4.2CVSS5.9AI score0.00148EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13954

The CVE-2026-13954 entry concerns Google Chrome on Android with an XML policy enforcement flaw. The issue is described as insufficient policy enforcement in XML that could allow a remote attacker to read potentially sensitive information from process memory via a crafted HTML page. Affected softw...

6.5CVSS5.8AI score0.00288EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13953

Summary: CVE-2026-13953 affects Google Chrome’s SplitView implementation in Chromium. An insecure/incorrect SplitView behavior allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. This is rated Medium (CVSSv3.1 base score 6....

6.5CVSS5.8AI score0.00262EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.78 views

CVE-2026-13955

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-13955.

3.3CVSS5.8AI score0.00111EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.23 views

CVE-2026-13951

CVE-2026-13951 concerns Google Chrome where insufficient policy enforcement in USB handling within the renderer can enable a sandbox escape via a crafted HTML page if the renderer is compromised. Affected product: Chrome/Chromium ecosystem; vulnerable component is the USB policy enforcement in th...

8.3CVSS5.8AI score0.00278EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.165 views

CVE-2026-13952

CVE-2026-13952 describes an inappropriate implementation in Chrome's PerformanceAPIs prior to 150.0.7871.47, allowing a remote attacker to leak cross-origin data through a crafted HTML page. The issue affects Google Chrome (Chromium-based). The vulnerability’s root cause is an insecure data expos...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13948

CVE-2026-13948 : Concrete details in connected records show an insufficient policy enforcement in Google Chrome extensions prior to 150.0.7871.47, enabling a user-assisted UI spoofing attack if a user is convinced to install a malicious Chrome Extension. Root cause: policy enforcement weakness in...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13949

Technical details about CVE-2026-13949 are not publicly available in the provided documents. The records reference the vulnerability in Chrome on Android, but no concrete impact, affected versions, exploits, or remediation steps are included. Monitor for updates.

6.5CVSS5.8AI score0.00238EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.166 views

CVE-2026-13950

CVE-2026-13950 affects Google Chrome (GPU component) with an uninitialized use in GPU that could allow a remote attacker who already compromised the renderer process to read potentially sensitive data from process memory via a crafted HTML page. Affected version range is Chrome before 150.0.7871....

5.3CVSS5.8AI score0.0029EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.72 views

CVE-2026-13946

CVE-2026-13946 concerns Google Chrome on iOS. The issue is an inappropriate implementation in ScriptInjections , allowing a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Google Chrome on iOS prior to version 150.0.7871.47. Impact is cross-origin data leakage...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.148 views

CVE-2026-13945

CVE-2026-13945 concerns Google Chrome on Linux where insufficient policy enforcement in Extensions allows UI spoofing via a crafted extension. Affected: Chrome on Linux prior to version 150.0.7871.47. Impact is described as user interaction required for exploitation, enabling UI spoofing without ...

3.1CVSS5.8AI score0.00156EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.159 views

CVE-2026-13947

CVE-2026-13947 concerns Google Chrome’s XR handling. The vulnerability is described as an uninitialized use in XR that affects Chrome prior to version 150.0.7871.47 . A remote attacker who had already compromised the renderer process could potentially read sensitive information from the process m...

5.3CVSS5.8AI score0.0029EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder