Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
4.3 MEDIUM
CVE-2026-13978 — Google Chrome PageInfo UI Spoofing

Insufficient policy enforcement in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-13975 — ANGLE Out-of-Bounds Read

Out of bounds read in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process …

chrome macos chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.2 MEDIUM
CVE-2026-13973 — Google Chrome UI Spoofing

Inappropriate implementation in UI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML p…

linux_kernel chrome macos chrome windows | Remote | Misconfiguration
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13971 — Google Chrome Skia Information Disclosure

Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory vi…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13970 — Google Chrome Use After Free

Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory v…

linux_kernel chrome macos chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13969 — Google Chrome Uninitialized Use

Uninitialized Use in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process …

android chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-13966 — Google Chrome UI Spoofing

Inappropriate implementation in History in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
8.8 HIGH
CVE-2026-13965 — Google Chrome Use-After-Free

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

chrome chrome | Remote | Memory Corruption
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
3.1 LOW
CVE-2026-13963 — Google Chrome DevTools Cross-Origin Data Leak

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a craft…

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13962 — Google Chrome PDF Navigation Restriction Bypass

Insufficient data validation in PDF in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML pag…

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-13961 — Google Chrome DevTools Information Disclosure

Insufficient validation of untrusted input in DevTools in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain po…

chrome chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.3 MEDIUM
CVE-2026-13960 — Google Chrome UI Spoofing

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

chrome chrome | Remote | Misconfiguration
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
4.3 MEDIUM
CVE-2026-13959 — Chrome Blink Same Origin Policy Bypass

Insufficient validation of untrusted input in Blink in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity…

chrome chrome | Remote | Authorization
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13958 — Google Chrome Heap Buffer Overflow

Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chro…

chrome chrome windows | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
4.2 MEDIUM
CVE-2026-13957 — Google Chrome UXSS via Malicious Extensions

Incorrect security UI in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a …

chrome chrome | Remote | Cross-Site Scripting
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
4.2 MEDIUM
CVE-2026-13956 — Google Chrome: UI Spoofing via PageInfo Security UI Vulnerability

Incorrect security UI in PageInfo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML pa…

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13954 — Google Chrome for Android XML Policy Enforcement Information Disclosure

Insufficient policy enforcement in XML in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML …

android chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 01, 2026
Jun 30, 2026
Jul 01, 2026
5.3 MEDIUM
CVE-2026-13950 — Google Chrome Use-After-Free in GPU

Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via…

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
6.5 MEDIUM
CVE-2026-13949 — Google Chrome Android Payments Information Disclosure

Insufficient policy enforcement in Payments in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted …

android chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
5.3 MEDIUM
CVE-2026-13947 — Google Chrome XR Uninitialized Use Information Disclosure

Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via …

chrome chrome | Remote | Information Disclosure
Jun 30, 2026 Jul 02, 2026
Jun 30, 2026
Jul 02, 2026
Showing 20 of 7988 Results