CVE-2026-15131
- EPSS 0.19%
- Veröffentlicht 08.07.2026 22:36:06
- Zuletzt bearbeitet 09.07.2026 17:49:38
Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-15107
- EPSS 0.2%
- Veröffentlicht 08.07.2026 22:36:06
- Zuletzt bearbeitet 09.07.2026 17:16:10
Use after free in IndexedDB in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-15130
- EPSS 0.19%
- Veröffentlicht 08.07.2026 22:36:05
- Zuletzt bearbeitet 09.07.2026 17:49:42
Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15128
- EPSS 0.16%
- Veröffentlicht 08.07.2026 22:36:05
- Zuletzt bearbeitet 09.07.2026 17:49:51
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15127
- EPSS 0.16%
- Veröffentlicht 08.07.2026 22:36:05
- Zuletzt bearbeitet 09.07.2026 17:49:59
Inappropriate implementation in WebGL in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15126
- EPSS 0.2%
- Veröffentlicht 08.07.2026 22:36:04
- Zuletzt bearbeitet 09.07.2026 17:50:05
Use after free in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15125
- EPSS 0.2%
- Veröffentlicht 08.07.2026 22:36:04
- Zuletzt bearbeitet 09.07.2026 17:50:11
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15124
- EPSS 0.17%
- Veröffentlicht 08.07.2026 22:36:04
- Zuletzt bearbeitet 09.07.2026 17:50:17
Insufficient policy enforcement in Passwords in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15123
- EPSS 0.16%
- Veröffentlicht 08.07.2026 22:36:03
- Zuletzt bearbeitet 09.07.2026 17:50:23
Inappropriate implementation in DOM in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-15122
- EPSS 0.16%
- Veröffentlicht 08.07.2026 22:36:03
- Zuletzt bearbeitet 09.07.2026 17:51:05
Insufficient validation of untrusted input in Codecs in Google Chrome on Windows prior to 150.0.7871.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec...