CVE-2026-14147
- EPSS 0.16%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 15:53:09
Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14148
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 15:52:53
Type Confusion in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14149
- EPSS 0.24%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 02.07.2026 05:16:39
Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14150
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 19:16:49
Insufficient validation of untrusted input in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14151
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 16:16:44
Inappropriate implementation in AI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14152
- EPSS 0.17%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 19:16:49
Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14153
- EPSS 0.18%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 15:51:56
Inappropriate implementation in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14154
- EPSS 0.13%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 01.07.2026 15:51:48
Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
CVE-2026-14155
- EPSS 0.19%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 02.07.2026 13:43:37
Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-14156
- EPSS 0.21%
- Veröffentlicht 30.06.2026 23:17:26
- Zuletzt bearbeitet 02.07.2026 13:53:59
Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)