CVE-2026-14107
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:22
- Zuletzt bearbeitet 02.07.2026 05:16:39
Use after free in Scheduling in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14108
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:22
- Zuletzt bearbeitet 02.07.2026 05:16:39
Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low)
CVE-2026-14109
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:22
- Zuletzt bearbeitet 02.07.2026 13:55:55
Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14110
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:22
- Zuletzt bearbeitet 02.07.2026 13:45:50
Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14111
- EPSS 0.13%
- Veröffentlicht 30.06.2026 23:17:22
- Zuletzt bearbeitet 02.07.2026 05:16:39
Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-14090
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:17:21
- Zuletzt bearbeitet 02.07.2026 14:13:58
Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14091
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:21
- Zuletzt bearbeitet 02.07.2026 05:16:38
Use after free in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14092
- EPSS 0.11%
- Veröffentlicht 30.06.2026 23:17:21
- Zuletzt bearbeitet 01.07.2026 18:32:54
Insufficient policy enforcement in Privacy in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-origin data via malicious network traffic. (Chromium security severity: Low)
CVE-2026-14093
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:21
- Zuletzt bearbeitet 01.07.2026 19:16:47
Use after free in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14094
- EPSS 0.11%
- Veröffentlicht 30.06.2026 23:17:21
- Zuletzt bearbeitet 02.07.2026 05:16:38
Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low)