Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-14152

Summary
Assigner-Chrome
Assigner Org ID-ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At-30 Jun, 2026 | 22:39
Updated At-01 Jul, 2026 | 18:31
Rejected At-
Credits

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:Chrome
Assigner Org ID:ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28
Published At:30 Jun, 2026 | 22:39
Updated At:01 Jul, 2026 | 18:31
Rejected At:
â–¼CVE Numbering Authority (CNA)

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Affected Products
Vendor
Google LLCGoogle
Product
Chrome
Versions
Affected
  • From 150.0.7871.47 before 150.0.7871.47 (custom)
Problem Types
TypeCWE IDDescription
N/AN/AOut of bounds write
Type: N/A
CWE ID: N/A
Description: Out of bounds write
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
N/A
https://issues.chromium.org/issues/517534944
N/A
Hyperlink: https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
Resource: N/A
Hyperlink: https://issues.chromium.org/issues/517534944
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:chrome-cve-admin@google.com
Published At:30 Jun, 2026 | 23:17
Updated At:01 Jul, 2026 | 19:16

Out of bounds read and write in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.19.6CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
N/A
Type: Secondary
Version: 3.1
Base score: 9.6
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
Type: N/A
Version:
Base score:
Base severity: N/A
Vector:
CPE Matches

Google LLC
google
>>chrome>>Versions before 150.0.7871.47(exclusive)
cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarychrome-cve-admin@google.com
CWE ID: CWE-787
Type: Primary
Source: chrome-cve-admin@google.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.htmlchrome-cve-admin@google.com
Release Notes
https://issues.chromium.org/issues/517534944chrome-cve-admin@google.com
Permissions Required
Hyperlink: https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
Source: chrome-cve-admin@google.com
Resource:
Release Notes
Hyperlink: https://issues.chromium.org/issues/517534944
Source: chrome-cve-admin@google.com
Resource:
Permissions Required

Change History

0
Information is not available yet

Similar CVEs

2249Records found

CVE-2026-13920
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.32% / 23.43%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-13934
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.32% / 23.43%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14017
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:38
Updated-01 Jul, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-14037
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 15:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-14043
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-02 Jul, 2026 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in GetUserMedia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14044
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-02 Jul, 2026 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14055
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-chromewindowsChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14056
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 14.12%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14093
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 14.20%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Cast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Microsoft CorporationApple Inc.Linux Kernel Organization, IncGoogle LLC
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14095
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 14.21%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Microsoft CorporationApple Inc.Linux Kernel Organization, IncGoogle LLC
Product-chromewindowsmacoslinux_kernelChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14097
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 14.20%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in WebAppInstalls in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Apple Inc.Google LLC
Product-chromemacosChrome
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-14101
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.24% / 15.40%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-14105
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.17% / 6.26%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-02 Jul, 2026 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in Speech in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-346
Origin Validation Error
CVE-2026-14106
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-02 Jul, 2026 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeandroidChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14109
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-602
Client-Side Enforcement of Server-Side Security
CVE-2026-14113
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.24% / 15.51%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-01 Jul, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Updater in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-chromewindowsChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14120
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.28% / 19.36%
||
7 Day CHG~0.00%
Published-30 Jun, 2026 | 22:39
Updated-02 Jul, 2026 | 13:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-14382
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.28% / 19.36%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:21
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14390
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.24% / 14.28%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14398
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.21% / 11.87%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14405
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.31% / 22.45%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2026-14411
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.52%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:21
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-14416
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.24% / 15.32%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:21
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-14417
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.21% / 10.78%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14419
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.21% / 11.87%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14423
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.22% / 12.53%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:21
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-14424
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.21% / 11.87%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Apple Inc.Google LLC
Product-chromemacosChrome
CWE ID-CWE-416
Use After Free
CVE-2026-14425
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.22% / 12.23%
||
7 Day CHG~0.00%
Published-01 Jul, 2026 | 22:22
Updated-03 Jul, 2026 | 04:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11634
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.45%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-09 Jun, 2026 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11638
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.45%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-09 Jun, 2026 | 20:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Printing in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11651
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.34% / 25.67%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-09 Jun, 2026 | 14:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11654
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.45%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-10 Jun, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in CameraCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCApple Inc.
Product-chromemacosChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11659
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.45%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-10 Jun, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in UI in Google Chrome on Linux prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLC
Product-linux_kernelchromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-11671
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.24% / 15.38%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-09 Jun, 2026 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Navigation in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11697
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.20% / 10.31%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:28
Updated-10 Jun, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in UI in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-12027
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.22% / 12.98%
||
7 Day CHG~0.00%
Published-11 Jun, 2026 | 20:48
Updated-23 Jun, 2026 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLCLinux Kernel Organization, IncMicrosoft CorporationApple Inc.
Product-macoslinux_kernelchromewindowsChrome
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-693
Protection Mechanism Failure
CVE-2026-12440
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-9.6||CRITICAL
EPSS-0.25% / 16.36%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 01:38
Updated-18 Jun, 2026 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Google LLCMicrosoft Corporation
Product-chromewindowsChrome
CWE ID-CWE-416
Use After Free
CVE-2026-13032
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.22% / 12.08%
||
7 Day CHG~0.00%
Published-24 Jun, 2026 | 18:43
Updated-25 Jun, 2026 | 18:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in WebGL in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Google LLC
Product-chromeandroidChrome
CWE ID-CWE-416
Use After Free
CVE-2026-10931
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.39%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:03
Updated-05 Jun, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-416
Use After Free
CVE-2026-10966
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.30% / 21.75%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:03
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-10971
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.3||HIGH
EPSS-0.32% / 24.28%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-06 Jun, 2026 | 13:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-10972
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.40%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-08 Jun, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLC
Product-linux_kernelchromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-10974
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.39%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-05 Jun, 2026 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-10983
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.40%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-05 Jun, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Google LLC
Product-Chrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-11002
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.3||HIGH
EPSS-0.30% / 22.12%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-07 Jun, 2026 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-chromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11009
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.39%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-08 Jun, 2026 | 14:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11021
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.33% / 24.39%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-08 Jun, 2026 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-11029
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.3||HIGH
EPSS-0.23% / 14.13%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-10 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in Drag and Drop in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Google LLC
Product-chromeandroidChrome
CWE ID-CWE-20
Improper Input Validation
CVE-2026-11052
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.26% / 16.85%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-08 Jun, 2026 | 15:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Type Confusion in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2026-11056
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.6||CRITICAL
EPSS-0.23% / 14.24%
||
7 Day CHG~0.00%
Published-04 Jun, 2026 | 23:04
Updated-08 Jun, 2026 | 15:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Action-Not Available
Vendor-Microsoft CorporationGoogle LLC
Product-windowschromeChrome
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 44
  • 45
  • Next
Details not found