Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-13793 — Google Chrome SVG Cross-Origin Data Leak

Insufficient policy enforcement in SVG in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

linux_kernel chrome macos chrome windows | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.1 HIGH
CVE-2026-13791 — Google Chrome Extension Arbitrary Code Execution

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via…

linux_kernel chrome macos chrome windows | Remote | Injection
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.8 HIGH
CVE-2026-13788 — Google Chrome for Android Use-After-Free in Fullscreen

Use after free in Fullscreen in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

android chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.1 HIGH
CVE-2026-13787 — Google Chrome Use-After-Free Remote Code Execution

Use after free in Chromoting in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critica…

chrome chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.8 HIGH
CVE-2026-13786 — Google Chrome Use-After-Free

Use after free in Ozone in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13785 — Google Chrome Use-after-free Sandbox Escape

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via…

chrome macos chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13784 — Google Chrome Use-After-Free

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted H…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13783 — Google Chrome Use-after-free

Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted H…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
10.0 CRITICAL
CVE-2026-13782 — Google Chrome Use-After-Free Sandbox Escape

Use after free in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13781 — Google Chrome Skia Sandbox Escape

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape v…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.6 CRITICAL
CVE-2026-13780 — ANGLE Sandbox Escape

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape …

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.1 HIGH
CVE-2026-13779 — Google Chrome Use-After-Free Vulnerability

Use after free in Chromoting in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critic…

chrome chrome_os chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
7.8 HIGH
CVE-2026-13778 — Google Chrome WebUSB Use-After-Free Vulnerability

Use after free in WebUSB in Google Chrome on Mac prior to 150.0.7871.47 allowed a local attacker to execute arbitrary code via a malicious peripheral. (Chromium security severity: Critical)

chrome macos chrome | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.8 HIGH
CVE-2026-13777 — Google Chrome iOS Heap Corruption

Insufficient validation of untrusted input in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.8 CRITICAL
CVE-2026-13776 — Google Chrome Type Confusion Sandbox Escape

Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
9.8 CRITICAL
CVE-2026-13775 — Google Chrome Use-after-free Sandbox Escape

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.1 HIGH
CVE-2026-13774 — Google Chrome Extensions Use-After-Free Vulnerability

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension…

linux_kernel chrome macos chrome windows | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.1 HIGH
CVE-2025-71374 — picklescan - Arbitrary Code Execution via Undetected profile.Profile.run

picklescan before 0.0.29 fails to detect the built-in python profile.Profile.run function when used in pickle reduce methods, allowing attackers to execute arbitrary code. Remote attackers can craft …

picklescan | Remote | Injection
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.1 HIGH
CVE-2025-71371 — picklescan - Remote Code Execution via code.InteractiveInterpreter Detection Bypass

picklescan before 0.0.29 fails to detect malicious pickle files using code.InteractiveInterpreter.runcode in reduce methods. Attackers can craft pickle payloads that bypass picklescan detection and e…

picklescan | Remote | Injection
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
8.1 HIGH
CVE-2025-71368 — picklescan - Arbitrary Code Execution via Undetected doctest.debug_script

picklescan before 0.0.30 fails to detect the doctest.debug_script function when analyzing pickle files, allowing attackers to execute arbitrary code. Remote attackers can craft malicious pickle files…

picklescan | Remote | Injection
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
Showing 20 of 7990 Results