CVE-2026-14132
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:24
- Zuletzt bearbeitet 01.07.2026 16:16:42
Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14133
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:24
- Zuletzt bearbeitet 01.07.2026 19:16:49
Race in History Embeddings in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14134
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:24
- Zuletzt bearbeitet 06.07.2026 15:30:11
Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14112
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 01.07.2026 17:10:36
Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML pag...
CVE-2026-14113
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 01.07.2026 20:02:11
Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14114
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 06.07.2026 14:51:38
Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. (Chromium security severity: Low)
CVE-2026-14115
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 02.07.2026 05:16:39
Insufficient validation of untrusted input in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14116
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 02.07.2026 14:14:21
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security seve...
CVE-2026-14117
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 01.07.2026 16:56:40
Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory...
CVE-2026-14118
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:23
- Zuletzt bearbeitet 02.07.2026 13:51:32
Insufficient data validation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)