Lucene search
K

370564 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.22 views

CVE-2026-14011

The affected component is Google Chrome (SurfaceCapture) with an out-of-bounds read vulnerability in versions prior to 150.0.7871.47. The issue could allow a remote attacker to read memory via a crafted HTML page. Severity is described as Medium by Chromium, with CVSS-driven impact: Confidentiali...

8.1CVSS5.8AI score0.00246EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.148 views

CVE-2026-14012

This CVE describes a side-channel information leakage in CSS within Google Chrome (Chromium) prior to version 150.0.7871.47. The vulnerability allows a remote attacker to exfiltrate potentially sensitive data from process memory via a crafted HTML page. The affected component is the CSS handling ...

5.3CVSS5.8AI score0.00205EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-14010

Google Chrome on Windows is affected by CVE-2026-14010 due to an uninitialized use in codecs prior to version 150.0.7871.47. A remote attacker could read potentially sensitive data from process memory via a crafted HTML page. This affects Chrome on Windows; the vulnerability is categorized as Med...

6.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-14008

CVE-2026-14008 describes an uninitialized-use flaw in WebXR within Google Chrome on Android (pre-150.0.7871.47). A crafted HTML page could cause the Chrome process to disclose potentially sensitive memory contents to remote attackers. The impact is information disclosure with a Medium severity pe...

6.5CVSS5.8AI score0.0025EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-14009

The vulnerability CVE-2026-14009 affects Google Chrome (Passwords component) due to an inappropriate implementation, enabling remote exploitation to potentially cause heap corruption via a crafted HTML page. Affected builds are prior to 150.0.7871.47; the issue is described with a Chromium severi...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-14006

CVE-2026-14006 affects Google Chrome prior to 150.0.7871.47 due to a use-after-free in Navigation, allowing remote code execution. Vulnerable component: Navigation in Chrome (Chromium). Impact: arbitrary code execution; severity shown as High (CVSS 3.1 base 8.8). Remediation: update Chrome to 150...

8.8CVSS6.2AI score0.00303EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.24 views

CVE-2026-14005

Google Chrome for Android is affected by a use-after-free in Omnibox leading to potential heap corruption via a crafted HTML page. This vulnerability requires user interaction (UI gestures) and can impact confidentiality, integrity, and availability as per CVSS. Affected component: Chrome Android...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-14007

CVE-2026-14007 affects Google Chrome prior to 150.0.7871.47. The root cause is insufficient policy enforcement in PermissionsPolicy, allowing a remote attacker to bypass navigation restrictions via a crafted HTML page. Exploitation status is not described in the provided documents. The vulnerabil...

6.5CVSS5.8AI score0.00263EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.29 views

CVE-2026-14003

Affected software/scope: Google Chrome extensions mechanism. Vulnerability: Insufficient policy enforcement in Chrome Extensions prior to 150.0.7871.47 allows a user-assisted attacker to leak cross-origin data when a malicious extension is installed. Underlying issue: policy enforcement weakness ...

4.3CVSS5.8AI score0.00148EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.23 views

CVE-2026-14004

The CVE-2026-14004 entry corresponds to Google Chrome’s CSS handling, where an inappropriate implementation in CSS allowed a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Chrome/Chromium before 150.0.7871.47. Root cause: faulty CSS implementation enabling cr...

6.5CVSS5.8AI score0.00299EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-14000

CVE-2026-14000 affects Google Chrome prior to 150.0.7871.47 due to an inappropriate XML implementation, enabling a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. The issue is documented across multiple sources (NVD, Debian OSV, CVE lists) with the same descrip...

6.1CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.22 views

CVE-2026-14002

CVE-2026-14002 affects Google Chrome Geolocation in Chromium, prior to 150.0.7871.47. Root cause is an inappropriate Geolocation implementation that lets a remote attacker who has compromised the renderer process perform UI spoofing via a crafted HTML page. Impact is UI spoofing with possible hig...

6.5CVSS5.8AI score0.00218EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-14001

CVE-2026-14001 corresponds to an UXSS vulnerability in Google Chrome. The issue is an inappropriate implementation in the network stack that affects Chrome prior to 150.0.7871.47, enabling a remote attacker to inject arbitrary scripts or HTML via a crafted HTML page. The vulnerability is describe...

6.1CVSS6AI score0.00171EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.14 views

CVE-2026-13999

CVE-2026-13999 affects Google Chrome where insufficient validation of untrusted input in Extensions can enable UI spoofing via a crafted Chrome Extension. The vulnerability is triggered when a user is convinced to install a malicious extension, allowing spoofed UI elements as described in multipl...

4.3CVSS5.8AI score0.00176EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.83 views

CVE-2026-13998

Impact: Affected software is Google Chrome on macOS. The vulnerability stems from an incorrect security UI in the File Input component, enabling UI spoofing when a user is induced to perform specific UI gestures via a crafted HTML page. Root cause: flawed security UI handling in Chrome/Chromium’s...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.87 views

CVE-2026-13997

The CVE-2026-13997 entry concerns Google Chrome on Android before 150.0.7871.47, where an incorrect security UI in Extensions could allow UI spoofing via a crafted HTML page if a user performed specific UI gestures after being convinced to engage them. The core issue is a flawed UI trust boundary...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13996

CVE-2026-13996 affects Google Chrome on desktop where an inappropriate implementation in the Permissions component allows a remote attacker to trigger UI spoofing via a crafted HTML page. The root cause is an improperPermissions implementation. The issue is mitigated by a Chrome update to version...

6.5CVSS5.8AI score0.00218EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.77 views

CVE-2026-13994

CVE-2026-13994 describes an issue in Google Chrome on Android related to Credential Management: an inappropriate implementation allows a remote attacker to perform UI spoofing via a crafted HTML page. The vulnerability affects Chrome versions prior to 150.0.7871.47 (Chromium security severity: Me...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.87 views

CVE-2026-13995

CVE-2026-13995 : Insufficient validation of untrusted input in Autofill for Google Chrome on Android allows a remote attacker to perform UI spoofing via a crafted HTML page. Affected are Chrome builds prior to 150.0.7871.47; remediation is to update to 150.0.7871.47 or a later version once releas...

4.3CVSS5.8AI score0.0023EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.25 views

CVE-2026-13993

The CVE-2026-13993 vulnerability affects Google Chrome WebAppInstalls via an Incorrect security UI flaw that allows domain spoofing when a user is induced to perform specific UI gestures on a crafted HTML page. Affected software is Chrome (Chromium-based) with versions prior to 150.0.7871.47. The...

4.2CVSS5.8AI score0.00154EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder