Lucene search
K

370596 matches found

CVE
CVE
added 2026/06/30 10:38 p.m.81 views

CVE-2026-13902

CVE-2026-13902 affects Chrome on iOS (Google Chrome on iOS) prior to version 150.0.7871.47 . The issue is described as an inappropriate implementation in Chrome for iOS that allows a remote attacker to perform UI spoofing via a crafted HTML page. The vulnerability is documented across multiple so...

4.3CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13899

CVE-2026-13899 affects Google Chrome (Chromium) prior to 150.0.7871.47, with a use-after-free in HTML that allows a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Impact is rated high (C/H/I/A: High). The vulnerability is addressed by updating to Chrome 150....

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13900

CVE-2026-13900 concerns Chromecast in Google Chrome. A flawed implementation allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. Affected software is Chrome/Chromecast prior to version 150.0.7871.47. This could enable navig...

6.5CVSS5.8AI score0.00297EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13901

The connected advisories identify CVE-2026-13901 as a Chrome/Chromium issue where insufficient policy enforcement in the Serial sandbox allowed a renderer-compromised page to potentially escape the sandbox via a crafted HTML page. Affected product: Google Chrome (Chromium-based) with versions pri...

9.6CVSS5.8AI score0.00345EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13897

Summary: CVE-2026-13897 affects Chromecast-in-Chrome functionality in Google Chrome, with the root cause described as insufficient policy enforcement. The vulnerability permits a remote attacker to escalate privileges via a crafted HTML page, under the condition that the target is on a Chrome ver...

8.8CVSS5.8AI score0.00304EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13898

CVE-2026-13898 affects Google Chrome’s Cast Receiver. A use-after-free flaw in the Cast Receiver component can be triggered by a crafted HTML page, enabling a remote attacker to execute arbitrary code inside the sandbox. Affected are Chrome versions prior to 150.0.7871.47; exploitation requires n...

8.8CVSS6.2AI score0.00413EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.22 views

CVE-2026-13894

Affected software: Google Chrome (Chromium-based). The issue is described as insufficient policy enforcement in the Network component prior to version 150.0.7871.47, allowing an attacker with a privileged network position to bypass navigation restrictions via a crafted HTML page. Severity is rate...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13895

CVE-2026-13895 concerns an inappropriate implementation in Google Chrome’s Autofill component (Chromium) prior to version 150.0.7871.47. A remote attacker could trigger UI spoofing by persuading a user to perform specific UI gestures on a crafted HTML page. The documented impact is limited to UI ...

4.2CVSS5.8AI score0.00212EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13896

The connected sources confirm CVE-2026-13896 affects Google Chrome (Chromium-based) with insufficient policy enforcement in “Glic” prior to version 150.0.7871.47, enabling a remote attacker to bypass navigation restrictions via a crafted HTML page. The impact is described as medium. The vulnerabi...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13893

CVE-2026-13893 affects Google Chrome (WebUI) with insufficient validation of untrusted input in WebUI, allowing a remote attacker to leak cross-origin data via malicious network traffic. Affected component: Chrome/WebUI; root cause: insufficient input validation in WebUI before version 150.0.7871...

6.5CVSS5.8AI score0.00293EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.21 views

CVE-2026-13891

Vulnerability summary (CVE-2026-13891): Insufficient validation of untrusted input in the Extensions component of Google Chrome up to version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to escalate privileges by loading a crafted HTML page. The issue is...

7.5CVSS5.8AI score0.00302EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13892

CVE-2026-13892 concerns Chrome for iOS before version 150.0.7871.47, where an inappropriate implementation allowed a remote attacker who lured a user into specific UI gestures to leak cross-origin data via a crafted HTML page. The issue affects Chrome on iOS (Chromium-based) and has a Medium seve...

6.5CVSS5.8AI score0.00282EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13890

CVE-2026-13890 describes an out-of-bounds read in Chromecast within Google Chrome before version 150.0.7871.47. An attacker who already compromised the renderer process could exploit a crafted HTML page to read potentially sensitive information from process memory. The impact is data leakage of m...

5.3CVSS5.8AI score0.00264EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.16 views

CVE-2026-13888

The CVE-2026-13888 entry concerns a use-after-free in Chrome’s Extensions component affecting Chrome builds prior to 150.0.7871.47. The vulnerability allows a remote attacker to execute arbitrary code inside the Chrome sandbox via a crafted HTML page. Affected software: Google Chrome (Extensions ...

8.8CVSS6.2AI score0.00351EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13889

Consolidated analysis for CVE-2026-13889: A side-channel information leakage in WebAuthentication on Google Chrome for iOS (Chromium-based) affects the WebAuthentication component. The vulnerability allows a remote attacker to leak cross-origin data through a crafted HTML page. Affected product/a...

6.5CVSS5.8AI score0.00296EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.18 views

CVE-2026-13886

Affected software: Google Chrome Isolated Web Apps. Vulnerability: insufficient policy enforcement that allows a remote attacker to bypass Content Security Policy via a crafted HTML page. Root cause (as described across connected sources): policy enforcement gaps in Isolated Web Apps prior to ver...

6.5CVSS5.8AI score0.00242EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.26 views

CVE-2026-13887

The CVE-2026-13887 entry relates to Google Chrome for Android, where an inappropriate NFC implementation before version 150.0.7871.47 allowed a remote attacker who had already compromised the renderer process to leak cross-origin data via a crafted HTML page. This is triggered by a renderer compr...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.17 views

CVE-2026-13883

CVE-2026-13883 describes a Type Confusion in ANGLE used by Google Chrome prior to 150.0.7871.47 that can potentially allow a remote attacker to perform a sandbox escape via a crafted HTML page. The vulnerability impact is described as high/critical (CVSS v3.1 base score 9.6) with network attack v...

9.6CVSS5.8AI score0.00306EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.19 views

CVE-2026-13884

CVE-2026-13884 affects Chromecast in Google Chrome prior to 150.0.7871.47, where an integer overflow could allow a local attacker to execute arbitrary code via malicious network traffic. The issue is documented across multiple feeds (NVD, Debian, EUVD, CVE listing, etc.). The base impact is high ...

8.8CVSS6.2AI score0.00204EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 10:38 p.m.20 views

CVE-2026-13885

Summary: CVE-2026-13885 is a use-after-free in Skia used by Google Chrome on Android, allowing remote code execution via a crafted HTML page. Affected product/component: Skia within Chrome on Android; Root cause: use-after-free in Skia rendering path. Impact: arbitrary code execution inside the b...

8.8CVSS6.2AI score0.00379EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder