CVE-2026-13846
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 14:50:08
Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13847
- EPSS 0.28%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 14:50:55
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13848
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 05:16:34
Use after free in Forms in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13849
- EPSS 0.13%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 01.07.2026 19:16:38
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)
CVE-2026-13850
- EPSS 0.27%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 06.07.2026 18:48:13
Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High)
CVE-2026-13851
- EPSS 0.27%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 14:52:29
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13852
- EPSS 0.27%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 13:38:46
Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13853
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 01.07.2026 19:16:38
Use after free in Journeys in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13854
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 01.07.2026 19:16:39
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-13855
- EPSS 0.26%
- Veröffentlicht 30.06.2026 23:16:59
- Zuletzt bearbeitet 02.07.2026 05:16:34
Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)