CVE-2026-13916
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:05
- Zuletzt bearbeitet 06.07.2026 18:30:51
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13917
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:05
- Zuletzt bearbeitet 01.07.2026 19:30:36
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (C...
CVE-2026-13918
- EPSS 0.32%
- Veröffentlicht 30.06.2026 23:17:05
- Zuletzt bearbeitet 06.07.2026 18:30:22
Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13919
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:05
- Zuletzt bearbeitet 01.07.2026 19:30:23
Insufficient policy enforcement in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13920
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:05
- Zuletzt bearbeitet 01.07.2026 19:30:17
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-13899
- EPSS 0.37%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 02.07.2026 16:40:02
Use after free in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13900
- EPSS 0.31%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 02.07.2026 16:40:12
Inappropriate implementation in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13901
- EPSS 0.31%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 02.07.2026 14:34:13
Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13902
- EPSS 0.25%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 06.07.2026 18:47:53
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13903
- EPSS 0.31%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 02.07.2026 16:40:20
Insufficient policy enforcement in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)