CVE-2026-13904
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 01.07.2026 19:31:24
Inappropriate implementation in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13905
- EPSS 0.09%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 01.07.2026 19:46:03
Race in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: Medium)
CVE-2026-13906
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 01.07.2026 19:45:54
Out of bounds read in Codecs in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13907
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 01.07.2026 19:45:48
Inappropriate implementation in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium...
CVE-2026-13908
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 01.07.2026 19:31:01
Insufficient validation of untrusted input in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via malicious network traffic. (Ch...
CVE-2026-13909
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:17:04
- Zuletzt bearbeitet 02.07.2026 14:32:20
Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Mediu...
CVE-2026-13888
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 02.07.2026 05:16:35
Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13889
- EPSS 0.25%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 19:32:53
Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13890
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 15:42:39
Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security se...
CVE-2026-13891
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 02.07.2026 05:16:35
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: ...