Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-14075 — Google Chrome for iOS No-Referrer Policy Bypass

Insufficient policy enforcement in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass no-referrer policy via a crafted HTML page. (Chromium security sev…

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-14074 — Google Chrome iOS Side-Channel Information Leak

Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security se…

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-14073 — Google Chrome WebXR Navigation Restriction Bypass

Insufficient validation of untrusted input in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security sev…

linux_kernel chrome macos chrome windows | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-14072 — Google Chrome SplitView UI Spoofing

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-14071 — Google Chrome WebAudio Information Leak

Side-channel information leakage in WebAudio in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-14070 — Google Chrome WebNN Integer Overflow Information Disclosure

Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-14069 — Google Chrome WebNN Integer Overflow Information Disclosure

Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.1 MEDIUM
CVE-2026-14068 — Google Chrome iOS Omnibox UXSS

Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or …

chrome iphone_os chrome | Remote | Cross-Site Scripting
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.8 HIGH
CVE-2026-14067 — Google Chrome iOS Use After Free

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

chrome iphone_os chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
4.3 MEDIUM
CVE-2026-14066 — Google Chrome for iOS Navigation Restriction Bypass

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chrom…

chrome iphone_os chrome | Remote | Authorization
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-14065 — Google Chrome: Insufficient Validation of Untrusted Input in PageInfo

Insufficient validation of untrusted input in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via…

linux_kernel chrome macos chrome windows | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.5 HIGH
CVE-2026-14064 — Google Chrome Android Use-After-Free

Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted …

chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
5.7 MEDIUM
CVE-2026-14063 — Google Chrome Out-of-Bounds Read

Out of bounds read in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via malicious network traffic. (Chrom…

linux_kernel chrome macos chrome windows | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
6.5 MEDIUM
CVE-2026-14061 — Chrome Dawn Information Disclosure

Inappropriate implementation in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
7.8 HIGH
CVE-2026-14060 — Google Chrome Chromoting Local Privilege Escalation

Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium se…

chrome chrome | Path Traversal
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-14059 — Google Chrome: Related-Website-Sets Cross-Origin Data Leak

Insufficient policy enforcement in Related-Website-Sets in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severit…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-14058 — Google Chrome Content Security Policy Bypass

Insufficient policy enforcement in Parser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
4.3 MEDIUM
CVE-2026-14057 — Google Chrome FedCM Same Origin Policy Bypass

Inappropriate implementation in FedCM in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.6 CRITICAL
CVE-2026-14056 — Google Chrome Media Sandbox Escape

Insufficient validation of untrusted input in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape …

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
9.6 CRITICAL
CVE-2026-14055 — Google Chrome Device Trust Sandbox Escape

Insufficient validation of untrusted input in Device Trust in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform…

chrome chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
Showing 20 of 7990 Results