CVE-2026-13993
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 01.07.2026 15:48:22
Incorrect security UI in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13994
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 06.07.2026 17:04:07
Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13995
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 06.07.2026 15:31:06
Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13996
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 01.07.2026 19:42:58
Inappropriate implementation in Permissions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13997
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 01.07.2026 15:48:10
Incorrect security UI in Extensions in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Mediu...
CVE-2026-13998
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 01.07.2026 15:48:02
Incorrect security UI in File Input in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13999
- EPSS 0.13%
- Veröffentlicht 30.06.2026 23:17:12
- Zuletzt bearbeitet 01.07.2026 19:42:40
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security sever...
CVE-2026-13976
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:11
- Zuletzt bearbeitet 02.07.2026 16:46:32
Insufficient data validation in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13977
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:11
- Zuletzt bearbeitet 02.07.2026 16:46:40
Inappropriate implementation in HTMLParser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13978
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:11
- Zuletzt bearbeitet 02.07.2026 15:36:15
Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)