CVE-2026-13892
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 19:32:01
Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security sever...
CVE-2026-13893
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 02.07.2026 16:39:31
Insufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-13894
- EPSS 0.16%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 19:31:54
Insufficient policy enforcement in Network in Google Chrome prior to 150.0.7871.47 allowed an attacker in a privileged network position to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13895
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 15:42:24
Inappropriate implementation in Autofill in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13896
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 01.07.2026 19:31:34
Insufficient policy enforcement in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13897
- EPSS 0.27%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 02.07.2026 16:39:43
Insufficient policy enforcement in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13898
- EPSS 0.37%
- Veröffentlicht 30.06.2026 23:17:03
- Zuletzt bearbeitet 02.07.2026 16:39:53
Use after free in Cast Receiver in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13878
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 19:16:40
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13879
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 15:43:03
Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious peripheral. (Chromium security severity: Medium)
CVE-2026-13880
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 19:16:40
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)