Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.8 HIGH
CVE-2026-13885 — Skia Use-After-Free Vulnerability

Use after free in Skia in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Me…

android chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.8 HIGH
CVE-2026-13884 — Google Chrome Integer Overflow Remote Code Execution

Integer overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Medium)

chrome chrome | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13883 — ANGLE Type Confusion Sandbox Escape

Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.6 CRITICAL
CVE-2026-13882 — Google Chrome USB Race Condition Sandbox Escape

Race in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur…

linux_kernel chrome macos chrome windows | Remote | Race Condition
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-13881 — Google Chrome: WebAppInstalls Same Origin Policy Bypass

Inappropriate implementation in WebAppInstalls in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Med…

linux_kernel chrome macos chrome windows | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.6 CRITICAL
CVE-2026-13880 — Google Chrome USB Use-After-Free Sandbox Escape

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

chrome macos chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-13879 — Google Chrome Use-After-Free in Bluetooth

Use after free in Bluetooth in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via a malicious pe…

linux_kernel chrome macos chrome windows | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.6 CRITICAL
CVE-2026-13878 — Google Chrome Bluetooth Use-After-Free Sandbox Escape

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…

chrome macos chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13877 — ANGLE Information Disclosure

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informat…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13875 — Google Chrome GPU Information Disclosure

Insufficient validation of untrusted input in GPU in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive…

chrome chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13874 — Google Chrome DataTransfer Race Condition Information Disclosure

Race in DataTransfer in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security seve…

linux_kernel chrome macos chrome windows | Remote | Race Condition
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-13873 — Google Chrome Out-of-Bounds Read Information Disclosure

Out of bounds read in Layout in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.1 CRITICAL
CVE-2026-13872 — Google Chrome Android WebAppInstalls Sandbox Escape

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to potentially perform a sandbox escape via a malicious file. …

chrome chrome | Remote | Path Traversal
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.8 HIGH
CVE-2026-13870 — Google Chrome Android Use-After-Free

Use after free in WebView in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity:…

android chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13869 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Device in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…

chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-13868 — Google Chrome: Site Isolation Bypass

Inappropriate implementation in Network in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT…

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-13867 — Google Chrome UI Spoofing

Inappropriate implementation in Geolocation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13866 — Google Chrome Android Information Disclosure

Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML…

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.8 HIGH
CVE-2026-13863 — Google Chrome CustomTabs Privilege Escalation

Insufficient validation of untrusted input in CustomTabs in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium se…

chrome chrome | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13862 — Google Chrome iOS Web Authentication Data Leak

Insufficient policy enforcement in Web Authentication (Passkeys & Security Keys) in Google Chrome on iOS prior to 150.0.7871.47 allowed an attacker in a privileged network position to leak cross-orig…

chrome iphone_os chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
Showing 20 of 7990 Results