CVE-2026-14071
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 01.07.2026 16:23:31
Side-channel information leakage in WebAudio in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14072
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 02.07.2026 13:44:02
Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14073
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 01.07.2026 16:21:37
Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14074
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 06.07.2026 19:51:30
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14075
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 06.07.2026 18:55:01
Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14076
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 01.07.2026 16:21:19
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14077
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 01.07.2026 20:01:40
Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14078
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:19
- Zuletzt bearbeitet 02.07.2026 05:16:38
Insufficient validation of untrusted input in WebRTC in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14057
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:18
- Zuletzt bearbeitet 01.07.2026 15:56:56
Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14058
- EPSS 0.25%
- Veröffentlicht 30.06.2026 23:17:18
- Zuletzt bearbeitet 02.07.2026 13:52:45
Insufficient policy enforcement in Parser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)