370598 matches found
CVE-2026-13884
CVE-2026-13884 affects Chromecast in Google Chrome prior to 150.0.7871.47, where an integer overflow could allow a local attacker to execute arbitrary code via malicious network traffic. The issue is documented across multiple feeds (NVD, Debian, EUVD, CVE listing, etc.). The base impact is high ...
CVE-2026-13885
Summary: CVE-2026-13885 is a use-after-free in Skia used by Google Chrome on Android, allowing remote code execution via a crafted HTML page. Affected product/component: Skia within Chrome on Android; Root cause: use-after-free in Skia rendering path. Impact: arbitrary code execution inside the b...
CVE-2026-13882
CVE-2026-13882 describes a race in USB handling in Google Chrome before 150.0.7871.47 that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue is documented across NVD, Debian, EUVD, and other feeds with a consistent desc...
CVE-2026-13880
Google Chrome for macOS prior to 150.0.7871.47 is affected by CVE-2026-13880 due to a use-after-free in USB handling that could allow a remote attacker who has compromised the renderer process to escape the sandbox via a crafted HTML page. The issue affects Chrome on Mac, with the mitigation bein...
CVE-2026-13881
CVE-2026-13881 details (concrete): In Google Chrome (Chromium WebAppInstalls) before version 150.0.7871.47, an inappropriate implementation allows a remote attacker to bypass the same-origin policy via a crafted HTML page. This is a network-exploitable issue with user interaction required and pot...
CVE-2026-13878
CVE-2026-13878: A use-after-free in Bluetooth in Google Chrome on macOS (before 150.0.7871.47) could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS; root cause: use-after-free in ...
CVE-2026-13879
CVE-2026-13879 : Use-after-free in Bluetooth handling in Google Chrome (Chromium) prior to 150.0.7871.47. The issue allows an attacker on the local network segment to potentially read sensitive data from a process’s memory via a malicious Bluetooth peripheral. Affected component is Bluetooth code...
CVE-2026-13876
CVE-2026-13876 involves an inappropriate implementation in the Network stack of Google Chrome before version 150.0.7871.47 . The issue allows an attacker with a privileged network position to bypass the page content Security Policy (CSP) through malicious network traffic. The connected documents ...
CVE-2026-13877
CVE-2026-13877 involves insufficient validation of untrusted input in ANGLE used by Google Chrome before version 150.0.7871.47. The issue allows a remote attacker who has already compromised the renderer process to potentially read sensitive data from process memory through a crafted HTML page. T...
CVE-2026-13875
Chrome on Windows is affected by CVE-2026-13875 due to insufficient validation of untrusted input in the GPU, enabling a renderer-compromised attacker to potentially read process memory via a crafted HTML page. The issue is tied to Chromium-based Chrome and is reported as a Medium-severity vulner...
CVE-2026-13874
CVE-2026-13874 describes a race in DataTransfer in Google Chrome (Chromium) prior to version 150.0.7871.47 that could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a data race in the DataTransfer pathway, with a net...
CVE-2026-13873
CVE-2026-13873 describes an out-of-bounds read in the Layout component of Google Chrome, exploitable via a crafted HTML page to potentially disclose memory contents. Affected software is Google Chrome (Chromium-based). The root cause is an out-of-bounds read in Layout, leading to potential inform...
CVE-2026-13872
Affected product: Google Chrome on Android (before version 150.0.7871.47). The vulnerability arises from insufficient validation of untrusted input in WebAppInstalls, enabling a local attacker to potentially perform a sandbox escape via a malicious file. CVE-2026-13872; Chromium-based severity li...
CVE-2026-13869
CVE-2026-13869 describes a use-after-free in Device in Google Chrome on Windows, before version 150.0.7871.47. A remote attacker who had already compromised the renderer process could potentially escape the sandbox via a crafted HTML page. The issue is tied to Chromium components and is classifie...
CVE-2026-13870
CVE-2026-13870 describes a use-after-free in WebView for Google Chrome on Android, before version 150.0.7871.47. The underlying issue is a use-after-free in WebView that could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The impact is a hig...
CVE-2026-13871
CVE-2026-13871 affects Google Chrome (GuestView) with insufficient policy enforcement prior to 150.0.7871.47. A remote attacker who has compromised the renderer process could bypass site isolation via a crafted HTML page. The technical impact is a bypass of isolation mechanisms within Chrome’s Gu...
CVE-2026-13868
Technical details (affected components, root cause, fixes) are not publicly available in the provided documents; monitor for updates from official advisories.
CVE-2026-13867
CVE-2026-13867 affects Google Chrome’s Geolocation implementation. The vulnerability arises from an inappropriate Geolocation implementation, enabling a remote attacker to spoof UI via a crafted HTML page. Impact is UI spoofing with no confirmed exploitation details beyond the description; affect...
CVE-2026-13865
CVE-2026-13865 : The connected records confirm an issue in Google Chrome/Chromium where insufficient validation of untrusted input in the browser UI allows a remote attacker to spoof the UI via a crafted HTML page. Affected component is the browser UI handling, with the root cause described as in...
CVE-2026-13866
CVE-2026-13866 affects Google Chrome on Android prior to 150.0.7871.47. The issue is an inappropriate implementation in Input that lets a remote attacker with renderer access bypass site isolation via a crafted HTML page. Impact is a site-isolation bypass with potential access to other origins; n...