CVE-2026-14034
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 01.07.2026 15:45:40
Inappropriate implementation in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14035
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 01.07.2026 15:45:29
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14036
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:44:46
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14037
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 01.07.2026 15:44:31
Insufficient policy enforcement in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14038
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 01.07.2026 19:16:45
Insufficient validation of untrusted input in New Tab Page in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security ...
CVE-2026-14039
- EPSS 0.13%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:44:22
Insufficient policy enforcement in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14040
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:43:10
Use after free in BrowserTag in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-14041
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:39:15
Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14042
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:36:16
Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14043
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:16
- Zuletzt bearbeitet 02.07.2026 14:36:03
Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)