CVE-2026-13881
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 18:21:46
Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13882
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 18:21:22
Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13883
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 19:16:41
Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13884
- EPSS 0.15%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 02.07.2026 05:16:35
Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-13885
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 02.07.2026 05:16:35
Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13886
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 01.07.2026 18:15:37
Insufficient policy enforcement in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13887
- EPSS 0.23%
- Veröffentlicht 30.06.2026 23:17:02
- Zuletzt bearbeitet 06.07.2026 14:56:30
Inappropriate implementation in NFC in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13867
- EPSS 0.2%
- Veröffentlicht 30.06.2026 23:17:01
- Zuletzt bearbeitet 02.07.2026 14:37:37
Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13868
- EPSS 0.22%
- Veröffentlicht 30.06.2026 23:17:01
- Zuletzt bearbeitet 06.07.2026 14:59:53
Inappropriate implementation in Network in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-13869
- EPSS 0.32%
- Veröffentlicht 30.06.2026 23:17:01
- Zuletzt bearbeitet 06.07.2026 18:57:11
Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)