Lucene search
K

371596 matches found

CVE
CVE
added 2026/07/01 10:21 p.m.22 views

CVE-2026-14428

The CVE-2026-14428 entry covers Google Chrome on Android (Dawn) with insufficient validation of untrusted input, allowing a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Affected software is Chrome on Android, spe...

8.3CVSS5.8AI score0.00259EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.36 views

CVE-2026-14411

CVE-2026-14411 describes insufficient validation of untrusted input in ANGLE used by Google Chrome, prior to build 150.0.7871.46. The issue may allow a remote attacker to cause a sandbox escape via a crafted HTML page. Documented impact is a high-severity, likely remote threat affecting ANGLE int...

9.6CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.47 views

CVE-2026-14382

CVE-2026-14382 affects Chrome’s ANGLE component. The issue is insufficient validation of untrusted input in ANGLE, enabling a remote sandbox-escape via a crafted HTML page. Product/versions: Google Chrome prior to 150.0.7871.46. Impact: sandbox escape potential with high severity (per Chromium ad...

9.6CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.55 views

CVE-2026-14401

CVE-2026-14401 affects Google Chrome on Android through ANGLE, where insufficient validation of untrusted input in ANGLE prior to 150.0.7871.46 enables a renderer-Process-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as high ...

8.3CVSS5.8AI score0.00237EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.22 views

CVE-2026-14381

CVE-2026-14381 affects Google Chrome’s WebAppInstalls UI. A crafted HTML page can trigger UI spoofing due to an incorrect security UI in WebAppInstalls prior to Chrome 150.0.7871.46. Impact: remote attacker could spoof UI. Mitigation: update to Chrome 150.0.7871.46 or later (Chromium-based). Refe...

6.5CVSS5.8AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.17 views

CVE-2026-14415

In Chrome, CVE-2026-14415 concerns an inappropriate implementation in V8 that affects Google Chrome before version 150.0.7871.46. A remote attacker could exploit the issue by persuading a user to perform specific UI gestures, potentially triggering heap corruption through a crafted HTML page. The...

8.8CVSS5.8AI score0.00253EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.21 views

CVE-2026-14407

CVE-2026-14407: In Google Chrome, an inappropriate implementation in the V8 engine prior to 150.0.7871.46 allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affects the V8 implementation in Chrome; details indicate a sandbox escape/vector leadin...

8.8CVSS6.2AI score0.00319EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.18 views

CVE-2026-14409

CVE-2026-14409 affects the Chrome V8 engine prior to 150.0.7871.46. Affected component: V8 in Google Chrome. Root cause: inappropriate implementation allowing a remote attacker to execute arbitrary code inside a sandbox when a user is tricked into performing specific UI gestures on a crafted HTML...

7.5CVSS6.2AI score0.00265EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.24 views

CVE-2026-14383

The CVE-2026-14383 entry concerns Google Chrome’s V8 engine. Affected component: V8 in Chrome prior to version 150.0.7871.46. Description from multiple sources indicates an inappropriate implementation allowed remote attackers to execute arbitrary code inside the browser sandbox via a crafted HTM...

8.8CVSS6.2AI score0.00348EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.16 views

CVE-2026-14404

CVE-2026-14404 affects Google Chrome via an incorrect implementation in PDFium, enabling a remote attacker to achieve UI spoofing through a crafted PDF file. The vulnerability is tied to Chrome versions before 150.0.7871.46 (Chromium security severity: Medium). The underlying root cause is an ina...

6.5CVSS5.8AI score0.00202EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.39 views

CVE-2026-14410

CVE-2026-14410 affects Google Chrome’s Skia rendering pipeline. The issue arises from an inappropriate implementation in Skia that, if a renderer process is compromised, enables UI spoofing via a crafted HTML page. Impact is limited to remote UI spoofing with no broader exploit chain described; b...

4.3CVSS5.8AI score0.0019EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.28 views

CVE-2026-14427

CVE-2026-14427 : Heap buffer overflow in Skia used by Google Chrome prior to 150.0.7871.46. A remote attacker who already compromised the renderer could potentially escape the sandbox via a crafted HTML page. Affected: Chrome/Skia stack (Chrome 150 pre-release fix applies). Root cause: heap buffe...

8.3CVSS6.1AI score0.00245EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:21 p.m.23 views

CVE-2026-14385

CVE-2026-14385 : Heap buffer overflow in ANGLE within Google Chrome on macOS prior to 150.0.7871.46 allows a remote attacker to trigger out-of-bounds memory access via a crafted HTML page. The issue affects ANGLE in Chrome and is tied to the macOS build; CVSS v3.1 base score: 8.8 (High). Remediat...

8.8CVSS6.1AI score0.00327EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/07/01 10:20 p.m.18 views

CVE-2026-50283

Craft CMS versions 5.0.0-RC1–5.9.20 and 4.0.0-RC1–4.17.13 contain an authorization issue in AssetsController::actionReplaceFile that can delete a source asset without source delete permission when both assetId and sourceAssetId are supplied. The runtime loads assetId ($assetToReplace) and sourceA...

5.3CVSS5.8AI score0.00265EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 10:2 p.m.13 views

CVE-2026-50143

Technical details are not publicly available in the provided documents for CVE-2026-50143. The description indicates a reserved placeholder; monitor for updates and published specifics once available.

Exploits0References4
CVE
CVE
added 2026/07/01 9:59 p.m.14 views

CVE-2026-50139

Technical details for CVE-2026-50139 are not publicly available in the provided documents. No affected products, vectors, or remediation are listed. Monitor for updates as new information is published.

Exploits0References6
CVE
CVE
added 2026/07/01 9:57 p.m.16 views

CVE-2026-55793

Craft CMS versions 5.0.0-RC1–5.9.22 are affected by a stored XSS in a Structure entry title. An author-level control panel user can insert malicious JavaScript into an entry title. When a victim with saveEntries permission drags another entry under the poisoned one in table view, the payload exec...

5.9CVSS5.7AI score0.00412EPSS
Exploits0References2
CVE
CVE
added 2026/07/01 9:56 p.m.18 views

CVE-2026-50138

Technical details for CVE-2026-50138 are not provided in the supplied documents. This CVE entry is reserved/placeholder with no public details. Monitor for updates as information becomes available.

Exploits0References7
CVE
CVE
added 2026/07/01 9:51 p.m.17 views

CVE-2026-53712

Technical details for CVE-2026-53712 are not publicly available in the provided documents. Monitor for updates.

Exploits0References4
CVE
CVE
added 2026/07/01 9:48 p.m.27 views

CVE-2026-50163

Technical details for CVE-2026-50163 are not publicly available in the provided documents. No affected products, root cause, or remediation are specified. Monitor for updates.

Exploits0References7
Rows per page
Query Builder