Skip to main content

Information Disclosure

66654 CVEs technique

Monthly

CVE-2026-14134 MEDIUM PATCH This Month

Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14133 MEDIUM PATCH This Month

UI spoofing via race condition in Google Chrome's History Embeddings component (versions prior to 150.0.7871.47) enables remote attackers to present falsified browser interface elements to users through a crafted HTML page. The flaw requires both high attack complexity - a precisely timed race window - and victim interaction, yielding only limited confidentiality and integrity impact with no code execution capability. No public exploit or active exploitation has been identified; EPSS at 0.14% (4th percentile) and SSVC exploitation status of 'none' confirm extremely low real-world exploitation probability at time of analysis.

Information Disclosure Race Condition Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-14132 MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebXR component (all versions prior to 150.0.7871.47) allows remote attackers to misrepresent browser interface elements when a victim visits a crafted HTML page. The flaw stems from an inappropriate implementation in the WebXR Device API, enabling manipulation of what the user perceives as trusted UI - potentially obscuring origin indicators, security state, or page identity. No public exploit code exists and EPSS stands at 0.18% (8th percentile); CISA SSVC rates exploitation as none with partial technical impact, placing this firmly in the lower-priority tier despite its network-accessible vector.

Information Disclosure Google Suse
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2026-14131 MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebAppInstalls component (prior to 150.0.7871.47) is reachable only after an attacker has already compromised the Chrome renderer process, making this a chained, post-exploitation capability rather than a standalone entry point. With a compromised renderer, the attacker can serve a crafted HTML page that bypasses insufficient input validation in WebAppInstalls to forge Chrome's native UI - potentially deceiving users into trusting malicious web app install prompts or dialogs. No public exploit or active exploitation (CISA KEV) is confirmed; EPSS sits at 0.18% (8th percentile), consistent with the high prerequisite barrier and Chromium's own 'Low' severity rating.

Information Disclosure Google Suse
NVD
CVSS 3.1
5.4
EPSS
0.2%
CVE-2026-14130 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Omnibox (address bar) prior to version 150.0.7871.47 allows a remote attacker to misrepresent origin or security indicators to a victim via a crafted HTML page. Rooted in CWE-451 (misrepresentation of critical security information), the flaw can enable phishing or origin-confusion attacks by deceiving users into trusting a false domain indicator. No public exploit code exists, CISA SSVC rates exploitation as none, and the EPSS score of 0.18% (8th percentile) confirms this is low-priority outside phishing-sensitive deployments.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14129 MEDIUM PATCH This Month

UI spoofing in Google Chrome for Android (prior to 150.0.7871.47) via the PreviewTab feature allows remote attackers to misrepresent interface elements through a crafted HTML page. Successful exploitation requires high attack complexity - specifically, the attacker must convince a victim to perform particular UI gestures - limiting this to targeted rather than opportunistic attacks. No active exploitation or public proof-of-concept has been identified; the Chromium security team rates this as Low severity, consistent with its constrained CVSS 4.2 score.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-14128 MEDIUM PATCH This Month

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Apple Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14127 MEDIUM PATCH This Month

Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14126 MEDIUM PATCH This Month

Domain spoofing in Google Chrome for Android (versions prior to 150.0.7871.47) allows remote attackers to deceive users about the origin of a webpage by exploiting incorrect rendering of security-critical UI elements via a crafted HTML page. User interaction is required - the victim must navigate to the attacker-controlled page - and impact is limited to integrity (UI misrepresentation), with no direct confidentiality or availability consequences. No active exploitation is confirmed (not in CISA KEV) and EPSS of 0.17% at the 7th percentile reflects minimal real-world exploitation activity; Google itself rates this 'Low' severity.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14125 MEDIUM PATCH This Month

Uninitialized memory use in Chrome's ANGLE graphics layer exposes potentially sensitive process memory contents to remote attackers who can entice a user to visit a crafted HTML page. The flaw affects all Chrome versions prior to 150.0.7871.47, with High confidentiality impact per CVSS despite Google's own Chromium severity rating of Low - a discrepancy suggesting practical extraction of meaningful data is constrained in real-world conditions. No public exploit identified at time of analysis, and no CISA KEV listing; a vendor patch has been released.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-14123 MEDIUM PATCH This Month

Omnibox (URL bar) spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to display a fraudulent URL in the browser's address bar by delivering a crafted HTML page. The root cause is classified as CWE-451 (UI Misrepresentation of Critical Information), meaning the security UI fails to accurately reflect the true origin of displayed content - a condition that directly undermines phishing defenses. No public exploit code has been identified at time of analysis, and the EPSS score of 0.18% (8th percentile) indicates very low observed exploitation pressure, consistent with the Chromium team's own 'Low' severity rating.

Information Disclosure Apple Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14122 HIGH PATCH This Week

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-14120 CRITICAL PATCH Act Now

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14119 MEDIUM PATCH This Month

Type confusion in Chrome's Bluetooth stack on Windows (versions prior to 150.0.7871.47) enables an adjacent-network attacker to exfiltrate sensitive data from Chrome process memory by presenting a malicious Bluetooth peripheral. The CVSS 6.5 score reflects high confidentiality impact but no integrity or availability exposure; notably, Chromium's internal security team rated this Low severity, suggesting the memory regions accessible are constrained. No public exploit code and no CISA KEV listing exist at time of analysis, and exploitation is physically bounded by Bluetooth range.

Memory Corruption Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-14118 MEDIUM PATCH This Month

Cross-origin data leak in Google Chrome DevTools prior to version 150.0.7871.47 exposes sensitive information from foreign origins when a victim visits a crafted HTML page and performs attacker-directed UI gestures. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms high confidentiality impact with no integrity or availability consequences. No public exploit identified at time of analysis, and EPSS of 0.18% at the 8th percentile - combined with Chromium's own 'Low' severity classification - signals limited real-world exploitation likelihood despite the Medium NVD score.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14117 MEDIUM PATCH This Month

Memory disclosure via DevTools in Google Chrome on Windows (prior to 150.0.7871.47) enables a remote attacker to read sensitive process memory contents by delivering a crafted HTML page and manipulating the victim into performing specific UI gestures. The vulnerability is Windows-platform-exclusive and carries a Chromium-internal severity of Low, consistent with SSVC's assessment of no current exploitation and non-automatable delivery. No active exploitation or public exploit code has been identified at time of analysis, though the CVSS C:H rating reflects meaningful confidentiality risk if successfully triggered.

Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-14116 MEDIUM PATCH This Month

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14114 HIGH PATCH This Week

Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-14112 MEDIUM PATCH This Month

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-14110 MEDIUM PATCH This Month

Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14109 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets an attacker who has already compromised the renderer process bypass Mojo IPC policy enforcement and break out of the sandbox using a crafted HTML page. This is a second-stage flaw in the Mojo inter-process communication layer rather than an initial-access bug, and Google itself rated the Chromium security severity as Low despite the NVD CVSS of 9.6. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14106 CRITICAL PATCH Act Now

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14101 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox through a crafted HTML page. The root cause is insufficient policy enforcement in Chrome's macOS sandbox (CWE-693). No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile); Google's own Chromium security team rated the severity 'Low', which conflicts sharply with the CVSS 9.6 assigned by NVD.

Information Disclosure Google Red Hat Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14100 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's NetworkCache component affects all desktop versions prior to 150.0.7871.47, enabling remote attackers to read sensitive cached data belonging to other origins. Exploitation requires a victim to visit a specially crafted HTML page, placing this squarely in the browser-based phishing and malvertising threat model. No public exploit code or active exploitation has been identified; an EPSS score of 0.17% (7th percentile) and Chromium's own Low severity classification indicate low immediate exploitation probability despite the Medium CVSS base score.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14098 MEDIUM PATCH This Month

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14097 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS prior to 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the WebAppInstalls component. Chromium rated the underlying issue Low severity even though the CVSS base score is 9.6, and there is no public exploit identified at time of analysis; EPSS is 0.17% (7th percentile). The vulnerability is a second-stage primitive that requires prior renderer code execution, not a standalone drive-by.

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14096 MEDIUM PATCH This Month

Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14095 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop versions prior to 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox and gain code execution on the host via a crafted HTML page. The flaw stems from insufficient policy enforcement in the browser process (CWE-20) and, while carrying a high CVSS base score of 9.6 due to the scope change, was rated only Low severity by Chromium because it is not independently exploitable. No public exploit has been identified and EPSS probability is very low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14092 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 150.0.7871.47 enables an on-path network adversary to bypass Chrome's privacy policy enforcement and observe data belonging to a different origin via crafted malicious network traffic. The flaw is classified as CWE-693 (Protection Mechanism Failure), indicating Chrome's privacy isolation layer fails to correctly enforce cross-origin restrictions under certain network conditions. EPSS sits at 0.11% (2nd percentile), no public exploit code is known, and the vulnerability has not been added to CISA KEV; Chromium itself rates this Low severity.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-14090 HIGH PATCH This Week

Out-of-bounds memory read in the CameraCapture component of Google Chrome on ChromeOS (versions prior to 150.0.7871.47) lets a remote attacker leak adjacent process memory when a victim opens a crafted HTML page. No public exploit identified at time of analysis, and EPSS is low (0.17%), but the flaw is marked automatable by CISA SSVC. Note a signal conflict: the NVD CVSS is 8.1 (high) while Google rates the Chromium security severity as Low.

Google Buffer Overflow Information Disclosure Suse
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-14089 MEDIUM PATCH This Month

UI spoofing in Google Chrome's PopupBlocker component (all versions prior to 150.0.7871.47) enables a remote attacker who has already compromised the Chrome renderer process to manipulate browser UI elements through a crafted HTML page. The integrity impact is limited to UI deception - no code execution, credential theft, or availability impact is possible through this flaw alone. EPSS at 0.17% (7th percentile) and Chromium's own 'Low' severity rating align with the constrained exploit chain; no public exploit or CISA KEV listing exists at time of analysis.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14088 MEDIUM PATCH This Month

Uninitialized memory read in the Canvas API of Google Chrome on Android (prior to 150.0.7871.47) exposes potentially sensitive process memory contents to remote attackers. Exploitation requires luring a target to a crafted HTML page, after which the uninitialized Canvas buffer may leak memory from the renderer process. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; Chromium's own security team rates severity as Low despite the NVD CVSS score of 6.5.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14085 MEDIUM PATCH This Month

CSS side-channel information leakage in Google Chrome prior to 150.0.7871.47 enables remote attackers to exfiltrate cross-origin data by luring victims to a crafted HTML page. The CVSS vector rates confidentiality impact as High (C:H) with network access and no authentication required from the attacker, though user interaction is necessary. Despite the NVD Medium score of 6.5, Google's internal Chromium severity rating is Low, EPSS sits at just 0.17% (7th percentile), there is no KEV listing, and no public exploit has been identified at time of analysis - signals that collectively indicate limited real-world exploitability.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14084 HIGH PATCH This Week

Heap corruption in the Chromoting (Chrome Remote Desktop) component of Google Chrome before 150.0.7871.47 lets a remote attacker deliver malicious network traffic to a victim's active remote session, potentially corrupting heap memory and enabling arbitrary code execution in the browser process. All desktop Chrome installs using Chrome Remote Desktop below the fixed build are affected. There is no public exploit identified at time of analysis, and CISA SSVC records exploitation as none; EPSS is low at 0.16% (6th percentile), so this is a patch-during-normal-cycle item rather than an emergency.

Information Disclosure Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14082 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Storage component prior to version 150.0.7871.47 enables remote attackers to read data belonging to a different origin by exploiting a race condition triggered via a crafted HTML page. The Chromium security team internally rated this as Low severity - a notable contrast to the CVSS 6.5 score reflecting High confidentiality impact - suggesting the practical exploitation window or data exposure scope is constrained in real-world conditions. No public exploit has been identified at time of analysis, and EPSS at 0.14% (4th percentile) confirms negligible observed exploitation activity.

Information Disclosure Race Condition Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-14081 MEDIUM PATCH This Month

Insufficient policy enforcement in Chrome's DevTools component allows a crafted malicious extension to read potentially sensitive data from process memory. Affected versions are all Google Chrome releases prior to 150.0.7871.47 on desktop platforms. An attacker must first persuade a victim to install the malicious extension, after which the extension can silently extract in-memory data - including session tokens, credentials, or page content resident in the Chrome process - without triggering further user interaction. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14077 MEDIUM PATCH This Month

Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14074 MEDIUM PATCH This Month

Side-channel information leakage in the WebAuthentication component of Google Chrome on iOS (prior to 150.0.7871.47) exposes cross-origin data to remote attackers via a crafted HTML page, requiring only that a victim visit attacker-controlled content. The CVSS Confidentiality:High rating reflects the category of cross-origin data exposure, while Chromium's own internal severity classification of Low and an EPSS score of 0.21% (11th percentile) both signal that practical exploitation is considered unlikely at scale. No public exploit is identified at time of analysis and no CISA KEV listing exists.

Information Disclosure Apple Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14072 MEDIUM PATCH This Month

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14071 MEDIUM PATCH This Month

Side-channel information leakage via the WebAudio API in Google Chrome prior to 150.0.7871.47 enables a remote attacker to extract cross-origin data from a victim's browser session through a crafted HTML page. The vulnerability abuses WebAudio's timing or spectral measurement capabilities to infer data that should be isolated by the Same-Origin Policy, exposing potentially sensitive cross-origin resources. No active exploitation has been confirmed (absent from CISA KEV), and the EPSS score of 0.17% at the 7th percentile reflects very low current exploitation probability; Chromium's own team rated the severity as Low despite the NVD's Medium (6.5) CVSS assignment.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14070 MEDIUM PATCH This Month

Integer overflow in Chrome's WebNN (Web Neural Network API) component prior to version 150.0.7871.47 enables remote attackers to read potentially sensitive data from browser process memory by luring a user to a crafted HTML page. The attack requires no privileges and no special configuration, but mandates user interaction - the victim must navigate to a malicious page. No public exploit identified at time of analysis; CISA SSVC rates exploitation as none with partial technical impact, and Google itself assigned a Low Chromium severity, suggesting real-world impact is constrained by browser sandboxing despite the CVSS C:H rating.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14069 MEDIUM PATCH This Month

Integer overflow in the WebNN component of Google Chrome prior to 150.0.7871.47 allows an unauthenticated remote attacker to read potentially sensitive data from Chrome's process memory. Exploitation requires convincing a victim to visit a crafted HTML page, placing this in the class of user-interaction-dependent browser memory disclosure vulnerabilities. No public exploit code exists and CISA has not listed this in KEV; SSVC rates exploitation as 'none' and Chromium's own triage assigns 'Low' severity, suggesting the disclosed memory is constrained in practice.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14063 MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Chromecast component allows a local attacker to leak sensitive contents from the browser's process memory by delivering malicious network traffic to the affected subsystem. Affected versions are all Chrome releases prior to 150.0.7871.47 on desktop platforms. No public exploit code or CISA KEV listing is identified at time of analysis, and Google's own severity rating is Low, though the CVSS confidentiality impact is scored High due to potential direct process memory exposure.

Google Buffer Overflow Information Disclosure Suse
NVD
CVSS 3.1
5.7
EPSS
0.1%
CVE-2026-14062 MEDIUM PATCH This Month

Process memory disclosure in Google Chrome's Views UI framework on ChromeOS allows a crafted extension, once installed by a user, to read potentially sensitive data from Chrome's process memory. All ChromeOS Chrome versions prior to 150.0.7871.47 are affected; desktop Chrome on Windows, macOS, and Linux is not confirmed in scope. No public exploit has been identified at time of analysis, and Chromium's own internal severity rating is Low - tempering the NVD CVSS 5.9 score - indicating Google's security team assessed limited practical exploitability.

Google Information Disclosure Suse
NVD
CVSS 3.1
5.9
EPSS
0.2%
CVE-2026-14059 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 150.0.7871.47 stems from insufficient policy enforcement in the Related-Website-Sets feature, enabling a remote attacker to read sensitive cross-origin data by delivering a crafted HTML page to a victim. The CVSS 6.5 score with High confidentiality impact reflects meaningful exposure potential, though Google internally rated this as Low severity and EPSS sits at 0.17% (7th percentile), suggesting limited real-world exploitation risk. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; a vendor patch is available.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14056 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Media component before version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to break out of the sandbox using a crafted video file. The flaw stems from insufficient validation of untrusted input (CWE-20) and carries a scope-changing CVSS 3.1 score of 9.6, though Google rated the underlying Chromium severity as Low and no public exploit has been identified at time of analysis. EPSS is low at 0.16% (6th percentile), and it is not listed in CISA KEV.

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14055 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox by feeding crafted input to the Device Trust component via a malicious HTML page. NVD scores this 9.6 (Critical) while Google rates the Chromium security severity as Low, and there is no public exploit identified at time of analysis. EPSS is very low at 0.17% (7th percentile), and it is not listed in CISA KEV.

Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14053 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Extensions subsystem (versions prior to 150.0.7871.47) enables a remote attacker - who has first achieved renderer process compromise - to bypass same-origin policy enforcement and read cross-origin data via a specially crafted HTML page. The flaw is classified as CWE-346 (Origin Validation Error) and rated Low severity by the Chromium security team. EPSS is extremely low at 0.17% (7th percentile), no CISA KEV listing exists, and no public exploit code has been identified, consistent with the significant chained exploitation barrier imposed by the renderer-compromise prerequisite.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14051 MEDIUM PATCH This Month

Uninitialized memory exposure in Google Chrome's GamepadAPI allows an attacker who has already achieved renderer process compromise to read potentially sensitive contents from process memory by serving a crafted HTML page that triggers the flaw. Affected versions are all Chrome releases prior to 150.0.7871.47. While the CVSS base score is 6.5 with high confidentiality impact, Chromium's own severity rating is Low, reflecting the significant prerequisite of prior renderer compromise that dramatically constrains real-world exploitability. No public exploit code or CISA KEV listing has been identified at time of analysis, and a vendor patch is available.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14050 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Passwords component prior to version 150.0.7871.47 enables remote attackers to exfiltrate credential-related or other sensitive cross-origin data by directing victims to a crafted HTML page. The root cause (CWE-693, Protection Mechanism Failure) represents a breakdown in the policy enforcement layer governing cross-origin access in the Passwords subsystem - a bypass of the isolation guarantees Chrome's same-origin model is meant to provide. No public exploit has been identified at time of analysis; EPSS of 0.17% (7th percentile) and the absence of a CISA KEV listing place real-world exploitation probability very low, and Chromium's own team rated the severity as Low despite the NVD CVSS 6.5 Medium score.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14049 MEDIUM PATCH This Month

Memory disclosure in Google Chrome's GPU component (prior to 150.0.7871.47) allows an attacker who has already achieved renderer process compromise to extract potentially sensitive information from process memory via a crafted HTML page. The attack requires both user interaction and a pre-existing renderer compromise, making this a second-stage vulnerability most useful for ASLR bypass or credential harvesting within an exploit chain. No public exploit code or active exploitation (CISA KEV) has been identified; Google rates this as Low severity internally despite the NVD CVSS 5.3 Medium score.

Google Information Disclosure Suse
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-14045 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Network component (versions prior to 150.0.7871.47) enables a remote attacker who has already compromised the renderer process to exfiltrate cross-origin data via a specially crafted HTML page. This is a chained vulnerability - renderer-process compromise is a hard prerequisite, meaning real-world risk is substantially lower than the network-accessible CVSS vector implies. No public exploit code has been identified and EPSS sits at the 7th percentile (0.17%), consistent with limited exploitation interest. Google has released a fix in the stable channel update to 150.0.7871.47.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14042 MEDIUM PATCH This Month

Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14038 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's New Tab Page prior to 150.0.7871.47 allows an attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page. The flaw stems from insufficient validation of untrusted input (CWE-20) and requires a pre-existing renderer foothold, making it a second-stage exploit rather than an initial-access vector. Google rated the Chromium severity as Low; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
CVSS 3.1
9.3
EPSS
0.2%
CVE-2026-14037 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GPU process before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the sandbox via a crafted HTML page. The flaw is a protection-mechanism failure (CWE-693) that Google patched in the June 2026 Stable channel update; Chromium rated its intrinsic severity Low because it is only useful as the second link in an exploit chain, and no public exploit has been identified at time of analysis. EPSS probability is low (0.17%, 7th percentile), consistent with a chained bug rather than a mass-exploitable entry point.

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14031 MEDIUM PATCH This Month

Inappropriate implementation in File Input in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14030 MEDIUM PATCH This Month

Omnibox (URL bar) spoofing in Google Chrome on Linux prior to 150.0.7871.47 is possible through an inappropriate SplitView implementation, allowing remote attackers to display false URLs to victims who are tricked into performing specific UI gestures on a crafted HTML page. This CWE-451 class flaw undermines browser trust indicators and enables phishing scenarios, though exploitation is constrained by high attack complexity and mandatory user interaction. No public exploit code or active exploitation has been identified; a vendor patch is available in the stable channel release.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-14028 MEDIUM PATCH This Month

UI spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to misrepresent security indicators to users who are socially engineered into performing specific UI gestures on a crafted HTML page. The root cause is incorrect rendering of security UI elements (CWE-451), classified by the Chromium team as Low severity. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, aligning with the modest CVSS 4.2 score and the high-complexity attack requirements.

Information Disclosure Apple Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-14026 MEDIUM PATCH This Month

UI spoofing via incorrect security rendering in Chrome's SplitView component allows a remote attacker to misrepresent security-critical UI elements to a victim running any Chrome version prior to 150.0.7871.47. The attacker must serve a crafted HTML page and successfully induce the victim into performing specific UI gestures, after which SplitView renders misleading security indicators - enabling phishing-class deception within a trusted browser context. No public exploit code exists and no active exploitation has been confirmed; the Chromium team itself rated this Low severity, consistent with the CVSS 4.2 score and high attack complexity.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-14022 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Network component (versions prior to 150.0.7871.47) enables a remote attacker who has already achieved renderer process compromise to bypass same-origin policy protections and exfiltrate sensitive cross-origin data via a crafted HTML page. This vulnerability functions as a second-stage exploit primitive within a chain - it does not enable initial access but extends the impact of an existing renderer compromise. No public exploit code or CISA KEV listing has been identified at time of analysis; EPSS of 0.21% (11th percentile) reflects low observed exploitation activity.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14021 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's StorageAccessAPI (prior to 150.0.7871.47) enables a remote attacker who has already compromised the renderer process to read storage or cookie data belonging to other origins by delivering a crafted HTML page. This is a chained attack - the StorageAccessAPI policy bypass is the second stage of a multi-step compromise, not a standalone entry point. EPSS is very low (0.17%, 7th percentile), no active exploitation is confirmed in CISA KEV, and no public exploit code has been identified at time of analysis.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14020 MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebXR subsystem (versions prior to 150.0.7871.47) is achievable by an attacker who has already compromised the renderer process, allowing manipulation of browser UI elements via a crafted HTML page. The vulnerability is a second-stage attack component, not a standalone entry point - exploitation chains through a separate renderer compromise before WebXR's insufficient input validation can be abused. EPSS at 0.17% (7th percentile) and no CISA KEV listing indicate minimal observed exploitation activity; patch is available as of Chrome 150.0.7871.47.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14019 MEDIUM PATCH This Month

Cross-origin credential data leakage in Google Chrome's built-in Passwords feature (all versions prior to 150.0.7871.47) can be triggered remotely via a crafted HTML page requiring only user interaction. The flaw is rooted in an inappropriate implementation in Chrome's password management subsystem (CWE-522 - Insufficiently Protected Credentials), allowing a remote attacker to read data across origin boundaries that should be strictly isolated. No public exploit code is identified and EPSS stands at 0.17% (7th percentile), indicating limited exploitation pressure at time of analysis; however, Chrome's ubiquitous deployment makes the aggregate exposure significant.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14017 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Navigation component before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. Rated Medium by Chromium but carries a 9.6 CVSS due to the scope-changing sandbox breach; EPSS is low (0.17%, 7th percentile) and there is no public exploit identified at time of analysis, indicating it is realistically a second-stage link in an exploit chain rather than a standalone remote-code path.

Information Disclosure Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14015 MEDIUM PATCH This Month

Cross-origin data exfiltration in Google Chrome's WebRTC subsystem on Windows allows remote attackers to leak sensitive data from other origins by directing victims to a specially crafted HTML page. All Chrome on Windows versions prior to 150.0.7871.47 are affected. No public exploit identified at time of analysis, and the EPSS score of 0.17% (7th percentile) signals low near-term exploitation probability despite the CVSS High confidentiality impact - consistent with Chromium's own 'Medium' severity designation and the inherent timing-sensitivity of race condition attacks.

Information Disclosure Microsoft Race Condition Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14014 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Paint rendering component (versions prior to 150.0.7871.47) enables remote attackers to misrepresent browser interface elements through a specially crafted HTML page, with the victim's visit being the sole prerequisite. The CVSS vector confirms high integrity impact (I:H) with no confidentiality or availability exposure, consistent with CWE-451 misrepresentation of critical UI information rather than code execution. No public exploit has been identified and EPSS sits at the 7th percentile (0.17%), indicating very low near-term exploitation probability; a vendor patch is confirmed available in the Chrome stable channel.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14013 MEDIUM PATCH This Month

UI spoofing in Google Chrome prior to version 150.0.7871.47 is caused by an inappropriate SVG rendering implementation, enabling remote attackers to visually misrepresent browser UI elements through a crafted HTML page. Exploitation requires user interaction - the victim must visit a malicious page - and the direct impact is limited to integrity via visual deception, with no confidentiality or availability consequence. No public exploit has been identified and the EPSS score of 0.17% (7th percentile) confirms minimal exploitation activity at time of analysis.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-14012 MEDIUM PATCH This Month

CSS side-channel information leakage in Google Chrome prior to 150.0.7871.47 enables a remote attacker to read potentially sensitive data from the browser's process memory by inducing a victim to visit a specially crafted HTML page. The vulnerability is classified under CWE-1300 (Improper Protection of Physical Side Channels), indicating that observable rendering or timing behavior in Chrome's CSS engine can be exploited to infer in-memory state. No public exploit identified at time of analysis; however, the CVSS-assessed confidentiality impact is rated High, and Google has released a fix in Chrome stable channel version 150.0.7871.47.

Information Disclosure Google Suse
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-14011 HIGH PATCH This Week

Out-of-bounds memory read in the SurfaceCapture component of Google Chrome before 150.0.7871.47 lets a remote attacker leak adjacent heap memory when a victim opens a crafted HTML page. Chromium rated the flaw Medium severity, though the associated CVSS is 8.1; there is no public exploit identified at time of analysis and EPSS estimates exploitation probability at just 0.17% (7th percentile), consistent with a browser bug fixed pre-disclosure. Successful exploitation could disclose sensitive in-process data or crash the renderer, and typically serves as one link in a larger sandbox-escape chain rather than standalone compromise.

Google Buffer Overflow Information Disclosure Suse
NVD
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-14010 MEDIUM PATCH This Month

Uninitialized memory use in Chrome's codec subsystem on Windows leaks process memory contents to remote attackers who can direct a user to a crafted HTML page. All Chrome versions prior to 150.0.7871.47 on Windows are affected; exploitation requires no authentication but does require the victim to visit attacker-controlled content, placing this in the drive-by browsing threat category. No public exploit code has been identified at time of analysis, and Google has released a confirmed fix in stable channel 150.0.7871.47.

Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-14009 HIGH PATCH This Week

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14008 MEDIUM PATCH This Month

Uninitialized memory read in Google Chrome's WebXR subsystem on Android (versions prior to 150.0.7871.47) enables remote attackers to leak sensitive contents from process memory by inducing a victim to visit a crafted HTML page. The root cause is CWE-457 (use of an uninitialized variable) within the WebXR implementation, meaning memory buffers are consumed before being properly zeroed or assigned, exposing whatever residual data the process held. No public exploit or CISA KEV listing is identified at time of analysis, but the CVSS C:H rating reflects the potential for meaningful data exposure including in-memory credentials, tokens, or browsing context.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14004 MEDIUM PATCH This Month

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14002 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Geolocation implementation allows an attacker who has already compromised the renderer process to present misleading geolocation-related interface elements to the user via a crafted HTML page. Affected versions are all Chrome releases prior to 150.0.7871.47. The integrity impact is rated High (CVSS I:H) because the spoofed UI can deceive users into granting or believing geolocation permissions under false pretenses; no public exploit or CISA KEV listing exists, and the 0.17% EPSS score (7th percentile) reflects low observed exploitation probability.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13999 MEDIUM PATCH This Month

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2026-13998 MEDIUM PATCH This Month

UI spoofing via the File Input security indicator in Google Chrome on macOS allows a remote attacker to misrepresent security-critical interface elements when a user visits a crafted HTML page and performs specific UI gestures. Affected are all Chrome for Mac builds prior to 150.0.7871.47. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV; combined with the high attack complexity and required user interaction, real-world exploitation at scale is unlikely without a targeted social engineering component.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-13997 MEDIUM PATCH This Month

UI spoofing in the Extensions component of Google Chrome on Android (prior to 150.0.7871.47) allows a remote attacker to misrepresent security UI elements by luring a victim into performing specific UI gestures on a crafted HTML page. The root cause (CWE-451) is incorrect rendering of security-critical extension UI, potentially misleading users about which extensions are active or what permissions they hold. No public exploit identified at time of analysis; the vendor has released a patch in the stable channel update.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-13996 MEDIUM PATCH This Month

Inappropriate implementation in Permissions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13995 MEDIUM PATCH This Month

Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-13994 MEDIUM PATCH This Month

Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-13993 MEDIUM PATCH This Month

Domain spoofing in Google Chrome's WebAppInstalls component (versions prior to 150.0.7871.47) allows remote attackers to misrepresent the security origin displayed to a user, enabling phishing or social engineering attacks. Exploitation requires convincing the victim to perform specific UI gestures while visiting a crafted HTML page, placing this in a moderate-complexity social engineering category. No public exploit code has been identified at time of analysis, and the vendor has released a patch in Chrome 150.0.7871.47.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-13992 MEDIUM PATCH This Month

UI spoofing in Google Chrome on macOS prior to version 150.0.7871.47 allows a remote attacker to misrepresent browser UI elements by convincing a user to perform specific UI gestures on a crafted HTML page. Rooted in CWE-451 (UI Misrepresentation of Critical Information), the flaw can cause security-sensitive browser chrome - such as origin indicators or permission prompts - to display falsified content, potentially deceiving users into unsafe actions. No public exploit code exists and this vulnerability is not listed in CISA KEV; the vendor has released a patch in the Chrome 150 stable channel.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-13991 MEDIUM PATCH This Month

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Apple Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-13990 MEDIUM PATCH This Month

UI spoofing in Google Chrome for Windows (prior to 150.0.7871.47) is enabled by insufficient input validation in the DataTransfer subsystem when the renderer process has already been compromised. A remote attacker who controls a compromised renderer can deliver a crafted HTML page that manipulates visual UI elements, potentially deceiving users into approving malicious permissions, revealing credentials, or performing unintended actions. No active exploitation has been confirmed (not in CISA KEV), and EPSS of 0.17% at the 7th percentile reflects minimal observed exploitation probability; however, exploitation as a second-stage payload in a renderer RCE chain remains a realistic concern for high-value targets.

Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13989 MEDIUM PATCH This Month

UI spoofing in Google Chrome's PageInfo component affects all desktop versions prior to 150.0.7871.47, enabling an attacker who has already compromised the renderer process to present deceptive browser security indicators to the user via a crafted HTML page. The vulnerability stems from an inappropriate implementation in the PageInfo subsystem (CWE-451), which controls the trusted security panel users consult to assess site authenticity. No active exploitation is confirmed - EPSS is 0.17% (7th percentile), SSVC rates exploitation as none, and this CVE is absent from the CISA KEV catalog - but the integrity impact is high where the attack chain is achievable.

Information Disclosure Google Suse
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2026-13988 MEDIUM PATCH This Month

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13987 MEDIUM PATCH This Month

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2026-13986 MEDIUM PATCH This Month

UI spoofing in Google Chrome's Media UI component on ChromeOS allows a remote attacker to manipulate what a user sees by delivering a crafted HTML page and social-engineering the victim into performing specific in-browser UI gestures. Affected versions are all Chrome on ChromeOS prior to 150.0.7871.47. While classified Medium severity (CVSS 4.2), the practical risk is constrained by the requirement for active user interaction and the ChromeOS-only scope; no public exploit code or CISA KEV listing has been identified at time of analysis.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.2
EPSS
0.2%
CVE-2026-13985 MEDIUM PATCH This Month

UI spoofing via MediaCapture in Google Chrome prior to 150.0.7871.47 enables a remote attacker who has already compromised the renderer process to misrepresent browser UI through a crafted HTML page, potentially deceiving users into granting permissions or trusting malicious content. This is a chained exploitation technique - it requires a prior renderer compromise as a prerequisite - making it a post-exploitation integrity threat rather than an initial access vector. EPSS is 0.21% (11th percentile), no public exploit or CISA KEV listing exists at time of analysis, and Google has patched this in the stable channel update.

Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-13984 MEDIUM PATCH This Month

UI spoofing in Google Chrome's TabStrip component, fixed in version 150.0.7871.47, enables remote attackers to misrepresent browser security indicators through specially crafted HTML pages. The incorrect security UI rendering in the tab strip allows an attacker to deceive users about the true origin or security state of a webpage, creating phishing-enablement risk. No public exploit code and an EPSS of 0.17% (7th percentile) indicate low exploitation likelihood at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Google Suse
NVD
CVSS 3.1
4.3
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing via race condition in Google Chrome's History Embeddings component (versions prior to 150.0.7871.47) enables remote attackers to present falsified browser interface elements to users through a crafted HTML page. The flaw requires both high attack complexity - a precisely timed race window - and victim interaction, yielding only limited confidentiality and integrity impact with no code execution capability. No public exploit or active exploitation has been identified; EPSS at 0.14% (4th percentile) and SSVC exploitation status of 'none' confirm extremely low real-world exploitation probability at time of analysis.

Information Disclosure Race Condition Google +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebXR component (all versions prior to 150.0.7871.47) allows remote attackers to misrepresent browser interface elements when a victim visits a crafted HTML page. The flaw stems from an inappropriate implementation in the WebXR Device API, enabling manipulation of what the user perceives as trusted UI - potentially obscuring origin indicators, security state, or page identity. No public exploit code exists and EPSS stands at 0.18% (8th percentile); CISA SSVC rates exploitation as none with partial technical impact, placing this firmly in the lower-priority tier despite its network-accessible vector.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebAppInstalls component (prior to 150.0.7871.47) is reachable only after an attacker has already compromised the Chrome renderer process, making this a chained, post-exploitation capability rather than a standalone entry point. With a compromised renderer, the attacker can serve a crafted HTML page that bypasses insufficient input validation in WebAppInstalls to forge Chrome's native UI - potentially deceiving users into trusting malicious web app install prompts or dialogs. No public exploit or active exploitation (CISA KEV) is confirmed; EPSS sits at 0.18% (8th percentile), consistent with the high prerequisite barrier and Chromium's own 'Low' severity rating.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Omnibox (address bar) prior to version 150.0.7871.47 allows a remote attacker to misrepresent origin or security indicators to a victim via a crafted HTML page. Rooted in CWE-451 (misrepresentation of critical security information), the flaw can enable phishing or origin-confusion attacks by deceiving users into trusting a false domain indicator. No public exploit code exists, CISA SSVC rates exploitation as none, and the EPSS score of 0.18% (8th percentile) confirms this is low-priority outside phishing-sensitive deployments.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in Google Chrome for Android (prior to 150.0.7871.47) via the PreviewTab feature allows remote attackers to misrepresent interface elements through a crafted HTML page. Successful exploitation requires high attack complexity - specifically, the attacker must convince a victim to perform particular UI gestures - limiting this to targeted rather than opportunistic attacks. No active exploitation or public proof-of-concept has been identified; the Chromium security team rates this as Low severity, consistent with its constrained CVSS 4.2 score.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Apple Google +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Domain spoofing in Google Chrome for Android (versions prior to 150.0.7871.47) allows remote attackers to deceive users about the origin of a webpage by exploiting incorrect rendering of security-critical UI elements via a crafted HTML page. User interaction is required - the victim must navigate to the attacker-controlled page - and impact is limited to integrity (UI misrepresentation), with no direct confidentiality or availability consequences. No active exploitation is confirmed (not in CISA KEV) and EPSS of 0.17% at the 7th percentile reflects minimal real-world exploitation activity; Google itself rates this 'Low' severity.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory use in Chrome's ANGLE graphics layer exposes potentially sensitive process memory contents to remote attackers who can entice a user to visit a crafted HTML page. The flaw affects all Chrome versions prior to 150.0.7871.47, with High confidentiality impact per CVSS despite Google's own Chromium severity rating of Low - a discrepancy suggesting practical extraction of meaningful data is constrained in real-world conditions. No public exploit identified at time of analysis, and no CISA KEV listing; a vendor patch has been released.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Omnibox (URL bar) spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to display a fraudulent URL in the browser's address bar by delivering a crafted HTML page. The root cause is classified as CWE-451 (UI Misrepresentation of Critical Information), meaning the security UI fails to accurately reflect the true origin of displayed content - a condition that directly undermines phishing defenses. No public exploit code has been identified at time of analysis, and the EPSS score of 0.18% (8th percentile) indicates very low observed exploitation pressure, consistent with the Chromium team's own 'Low' severity rating.

Information Disclosure Apple Google +1
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Insufficient validation of untrusted input in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Microsoft Google +1
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Inappropriate implementation in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Type confusion in Chrome's Bluetooth stack on Windows (versions prior to 150.0.7871.47) enables an adjacent-network attacker to exfiltrate sensitive data from Chrome process memory by presenting a malicious Bluetooth peripheral. The CVSS 6.5 score reflects high confidentiality impact but no integrity or availability exposure; notably, Chromium's internal security team rated this Low severity, suggesting the memory regions accessible are constrained. No public exploit code and no CISA KEV listing exist at time of analysis, and exploitation is physically bounded by Bluetooth range.

Memory Corruption Information Disclosure Microsoft +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leak in Google Chrome DevTools prior to version 150.0.7871.47 exposes sensitive information from foreign origins when a victim visits a crafted HTML page and performs attacker-directed UI gestures. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N) confirms high confidentiality impact with no integrity or availability consequences. No public exploit identified at time of analysis, and EPSS of 0.18% at the 8th percentile - combined with Chromium's own 'Low' severity classification - signals limited real-world exploitation likelihood despite the Medium NVD score.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Memory disclosure via DevTools in Google Chrome on Windows (prior to 150.0.7871.47) enables a remote attacker to read sensitive process memory contents by delivering a crafted HTML page and manipulating the victim into performing specific UI gestures. The vulnerability is Windows-platform-exclusive and carries a Chromium-internal severity of Low, consistent with SSVC's assessment of no current exploitation and non-automatable delivery. No active exploitation or public exploit code has been identified at time of analysis, though the CVSS C:H rating reflects meaningful confidentiality risk if successfully triggered.

Information Disclosure Microsoft Google +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Inappropriate implementation in Enterprise in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets an attacker who has already compromised the renderer process bypass Mojo IPC policy enforcement and break out of the sandbox using a crafted HTML page. This is a second-stage flaw in the Mojo inter-process communication layer rather than an initial-access bug, and Google itself rated the Chromium security severity as Low despite the NVD CVSS of 9.6. No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Insufficient validation of untrusted input in Text in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox through a crafted HTML page. The root cause is insufficient policy enforcement in Chrome's macOS sandbox (CWE-693). No public exploit identified at time of analysis, and EPSS is low (0.17%, 7th percentile); Google's own Chromium security team rated the severity 'Low', which conflicts sharply with the CVSS 9.6 assigned by NVD.

Information Disclosure Google Red Hat +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's NetworkCache component affects all desktop versions prior to 150.0.7871.47, enabling remote attackers to read sensitive cached data belonging to other origins. Exploitation requires a victim to visit a specially crafted HTML page, placing this squarely in the browser-based phishing and malvertising threat model. No public exploit code or active exploitation has been identified; an EPSS score of 0.17% (7th percentile) and Chromium's own Low severity classification indicate low immediate exploitation probability despite the Medium CVSS base score.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS prior to 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page abusing the WebAppInstalls component. Chromium rated the underlying issue Low severity even though the CVSS base score is 9.6, and there is no public exploit identified at time of analysis; EPSS is 0.17% (7th percentile). The vulnerability is a second-stage primitive that requires prior renderer code execution, not a standalone drive-by.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in Input in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop versions prior to 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox and gain code execution on the host via a crafted HTML page. The flaw stems from insufficient policy enforcement in the browser process (CWE-20) and, while carrying a high CVSS base score of 9.6 due to the scope change, was rated only Low severity by Chromium because it is not independently exploitable. No public exploit has been identified and EPSS probability is very low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 150.0.7871.47 enables an on-path network adversary to bypass Chrome's privacy policy enforcement and observe data belonging to a different origin via crafted malicious network traffic. The flaw is classified as CWE-693 (Protection Mechanism Failure), indicating Chrome's privacy isolation layer fails to correctly enforce cross-origin restrictions under certain network conditions. EPSS sits at 0.11% (2nd percentile), no public exploit code is known, and the vulnerability has not been added to CISA KEV; Chromium itself rates this Low severity.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Out-of-bounds memory read in the CameraCapture component of Google Chrome on ChromeOS (versions prior to 150.0.7871.47) lets a remote attacker leak adjacent process memory when a victim opens a crafted HTML page. No public exploit identified at time of analysis, and EPSS is low (0.17%), but the flaw is marked automatable by CISA SSVC. Note a signal conflict: the NVD CVSS is 8.1 (high) while Google rates the Chromium security severity as Low.

Google Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's PopupBlocker component (all versions prior to 150.0.7871.47) enables a remote attacker who has already compromised the Chrome renderer process to manipulate browser UI elements through a crafted HTML page. The integrity impact is limited to UI deception - no code execution, credential theft, or availability impact is possible through this flaw alone. EPSS at 0.17% (7th percentile) and Chromium's own 'Low' severity rating align with the constrained exploit chain; no public exploit or CISA KEV listing exists at time of analysis.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory read in the Canvas API of Google Chrome on Android (prior to 150.0.7871.47) exposes potentially sensitive process memory contents to remote attackers. Exploitation requires luring a target to a crafted HTML page, after which the uninitialized Canvas buffer may leak memory from the renderer process. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; Chromium's own security team rates severity as Low despite the NVD CVSS score of 6.5.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

CSS side-channel information leakage in Google Chrome prior to 150.0.7871.47 enables remote attackers to exfiltrate cross-origin data by luring victims to a crafted HTML page. The CVSS vector rates confidentiality impact as High (C:H) with network access and no authentication required from the attacker, though user interaction is necessary. Despite the NVD Medium score of 6.5, Google's internal Chromium severity rating is Low, EPSS sits at just 0.17% (7th percentile), there is no KEV listing, and no public exploit has been identified at time of analysis - signals that collectively indicate limited real-world exploitability.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in the Chromoting (Chrome Remote Desktop) component of Google Chrome before 150.0.7871.47 lets a remote attacker deliver malicious network traffic to a victim's active remote session, potentially corrupting heap memory and enabling arbitrary code execution in the browser process. All desktop Chrome installs using Chrome Remote Desktop below the fixed build are affected. There is no public exploit identified at time of analysis, and CISA SSVC records exploitation as none; EPSS is low at 0.16% (6th percentile), so this is a patch-during-normal-cycle item rather than an emergency.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Storage component prior to version 150.0.7871.47 enables remote attackers to read data belonging to a different origin by exploiting a race condition triggered via a crafted HTML page. The Chromium security team internally rated this as Low severity - a notable contrast to the CVSS 6.5 score reflecting High confidentiality impact - suggesting the practical exploitation window or data exposure scope is constrained in real-world conditions. No public exploit has been identified at time of analysis, and EPSS at 0.14% (4th percentile) confirms negligible observed exploitation activity.

Information Disclosure Race Condition Google +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Insufficient policy enforcement in Chrome's DevTools component allows a crafted malicious extension to read potentially sensitive data from process memory. Affected versions are all Google Chrome releases prior to 150.0.7871.47 on desktop platforms. An attacker must first persuade a victim to install the malicious extension, after which the extension can silently extract in-memory data - including session tokens, credentials, or page content resident in the Chrome process - without triggering further user interaction. No public exploit code has been identified at time of analysis, and this CVE is not listed in the CISA KEV catalog.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Select in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Side-channel information leakage in the WebAuthentication component of Google Chrome on iOS (prior to 150.0.7871.47) exposes cross-origin data to remote attackers via a crafted HTML page, requiring only that a victim visit attacker-controlled content. The CVSS Confidentiality:High rating reflects the category of cross-origin data exposure, while Chromium's own internal severity classification of Low and an EPSS score of 0.21% (11th percentile) both signal that practical exploitation is considered unlikely at scale. No public exploit is identified at time of analysis and no CISA KEV listing exists.

Information Disclosure Apple Google +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in SplitView in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Side-channel information leakage via the WebAudio API in Google Chrome prior to 150.0.7871.47 enables a remote attacker to extract cross-origin data from a victim's browser session through a crafted HTML page. The vulnerability abuses WebAudio's timing or spectral measurement capabilities to infer data that should be isolated by the Same-Origin Policy, exposing potentially sensitive cross-origin resources. No active exploitation has been confirmed (absent from CISA KEV), and the EPSS score of 0.17% at the 7th percentile reflects very low current exploitation probability; Chromium's own team rated the severity as Low despite the NVD's Medium (6.5) CVSS assignment.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Integer overflow in Chrome's WebNN (Web Neural Network API) component prior to version 150.0.7871.47 enables remote attackers to read potentially sensitive data from browser process memory by luring a user to a crafted HTML page. The attack requires no privileges and no special configuration, but mandates user interaction - the victim must navigate to a malicious page. No public exploit identified at time of analysis; CISA SSVC rates exploitation as none with partial technical impact, and Google itself assigned a Low Chromium severity, suggesting real-world impact is constrained by browser sandboxing despite the CVSS C:H rating.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Integer overflow in the WebNN component of Google Chrome prior to 150.0.7871.47 allows an unauthenticated remote attacker to read potentially sensitive data from Chrome's process memory. Exploitation requires convincing a victim to visit a crafted HTML page, placing this in the class of user-interaction-dependent browser memory disclosure vulnerabilities. No public exploit code exists and CISA has not listed this in KEV; SSVC rates exploitation as 'none' and Chromium's own triage assigns 'Low' severity, suggesting the disclosed memory is constrained in practice.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.7
MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Chromecast component allows a local attacker to leak sensitive contents from the browser's process memory by delivering malicious network traffic to the affected subsystem. Affected versions are all Chrome releases prior to 150.0.7871.47 on desktop platforms. No public exploit code or CISA KEV listing is identified at time of analysis, and Google's own severity rating is Low, though the CVSS confidentiality impact is scored High due to potential direct process memory exposure.

Google Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Process memory disclosure in Google Chrome's Views UI framework on ChromeOS allows a crafted extension, once installed by a user, to read potentially sensitive data from Chrome's process memory. All ChromeOS Chrome versions prior to 150.0.7871.47 are affected; desktop Chrome on Windows, macOS, and Linux is not confirmed in scope. No public exploit has been identified at time of analysis, and Chromium's own internal severity rating is Low - tempering the NVD CVSS 5.9 score - indicating Google's security team assessed limited practical exploitability.

Google Information Disclosure Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 150.0.7871.47 stems from insufficient policy enforcement in the Related-Website-Sets feature, enabling a remote attacker to read sensitive cross-origin data by delivering a crafted HTML page to a victim. The CVSS 6.5 score with High confidentiality impact reflects meaningful exposure potential, though Google internally rated this as Low severity and EPSS sits at 0.17% (7th percentile), suggesting limited real-world exploitation risk. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis; a vendor patch is available.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Media component before version 150.0.7871.47 allows a remote attacker who has already compromised the renderer process to break out of the sandbox using a crafted video file. The flaw stems from insufficient validation of untrusted input (CWE-20) and carries a scope-changing CVSS 3.1 score of 9.6, though Google rated the underlying Chromium severity as Low and no public exploit has been identified at time of analysis. EPSS is low at 0.16% (6th percentile), and it is not listed in CISA KEV.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Windows prior to 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox by feeding crafted input to the Device Trust component via a malicious HTML page. NVD scores this 9.6 (Critical) while Google rates the Chromium security severity as Low, and there is no public exploit identified at time of analysis. EPSS is very low at 0.17% (7th percentile), and it is not listed in CISA KEV.

Information Disclosure Microsoft Google +1
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Extensions subsystem (versions prior to 150.0.7871.47) enables a remote attacker - who has first achieved renderer process compromise - to bypass same-origin policy enforcement and read cross-origin data via a specially crafted HTML page. The flaw is classified as CWE-346 (Origin Validation Error) and rated Low severity by the Chromium security team. EPSS is extremely low at 0.17% (7th percentile), no CISA KEV listing exists, and no public exploit code has been identified, consistent with the significant chained exploitation barrier imposed by the renderer-compromise prerequisite.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory exposure in Google Chrome's GamepadAPI allows an attacker who has already achieved renderer process compromise to read potentially sensitive contents from process memory by serving a crafted HTML page that triggers the flaw. Affected versions are all Chrome releases prior to 150.0.7871.47. While the CVSS base score is 6.5 with high confidentiality impact, Chromium's own severity rating is Low, reflecting the significant prerequisite of prior renderer compromise that dramatically constrains real-world exploitability. No public exploit code or CISA KEV listing has been identified at time of analysis, and a vendor patch is available.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Passwords component prior to version 150.0.7871.47 enables remote attackers to exfiltrate credential-related or other sensitive cross-origin data by directing victims to a crafted HTML page. The root cause (CWE-693, Protection Mechanism Failure) represents a breakdown in the policy enforcement layer governing cross-origin access in the Passwords subsystem - a bypass of the isolation guarantees Chrome's same-origin model is meant to provide. No public exploit has been identified at time of analysis; EPSS of 0.17% (7th percentile) and the absence of a CISA KEV listing place real-world exploitation probability very low, and Chromium's own team rated the severity as Low despite the NVD CVSS 6.5 Medium score.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Memory disclosure in Google Chrome's GPU component (prior to 150.0.7871.47) allows an attacker who has already achieved renderer process compromise to extract potentially sensitive information from process memory via a crafted HTML page. The attack requires both user interaction and a pre-existing renderer compromise, making this a second-stage vulnerability most useful for ASLR bypass or credential harvesting within an exploit chain. No public exploit code or active exploitation (CISA KEV) has been identified; Google rates this as Low severity internally despite the NVD CVSS 5.3 Medium score.

Google Information Disclosure Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Network component (versions prior to 150.0.7871.47) enables a remote attacker who has already compromised the renderer process to exfiltrate cross-origin data via a specially crafted HTML page. This is a chained vulnerability - renderer-process compromise is a hard prerequisite, meaning real-world risk is substantially lower than the network-accessible CVSS vector implies. No public exploit code has been identified and EPSS sits at the 7th percentile (0.17%), consistent with limited exploitation interest. Google has released a fix in the stable channel update to 150.0.7871.47.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Isolated Web Apps in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's New Tab Page prior to 150.0.7871.47 allows an attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page. The flaw stems from insufficient validation of untrusted input (CWE-20) and requires a pre-existing renderer foothold, making it a second-stage exploit rather than an initial-access vector. Google rated the Chromium severity as Low; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.17%, 7th percentile).

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GPU process before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the sandbox via a crafted HTML page. The flaw is a protection-mechanism failure (CWE-693) that Google patched in the June 2026 Stable channel update; Chromium rated its intrinsic severity Low because it is only useful as the second link in an exploit chain, and no public exploit has been identified at time of analysis. EPSS probability is low (0.17%, 7th percentile), consistent with a chained bug rather than a mass-exploitable entry point.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in File Input in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Omnibox (URL bar) spoofing in Google Chrome on Linux prior to 150.0.7871.47 is possible through an inappropriate SplitView implementation, allowing remote attackers to display false URLs to victims who are tricked into performing specific UI gestures on a crafted HTML page. This CWE-451 class flaw undermines browser trust indicators and enables phishing scenarios, though exploitation is constrained by high attack complexity and mandatory user interaction. No public exploit code or active exploitation has been identified; a vendor patch is available in the stable channel release.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in Google Chrome for iOS prior to 150.0.7871.47 allows a remote attacker to misrepresent security indicators to users who are socially engineered into performing specific UI gestures on a crafted HTML page. The root cause is incorrect rendering of security UI elements (CWE-451), classified by the Chromium team as Low severity. No public exploit code exists and the vulnerability is not listed in the CISA KEV catalog, aligning with the modest CVSS 4.2 score and the high-complexity attack requirements.

Information Disclosure Apple Google +1
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing via incorrect security rendering in Chrome's SplitView component allows a remote attacker to misrepresent security-critical UI elements to a victim running any Chrome version prior to 150.0.7871.47. The attacker must serve a crafted HTML page and successfully induce the victim into performing specific UI gestures, after which SplitView renders misleading security indicators - enabling phishing-class deception within a trusted browser context. No public exploit code exists and no active exploitation has been confirmed; the Chromium team itself rated this Low severity, consistent with the CVSS 4.2 score and high attack complexity.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's Network component (versions prior to 150.0.7871.47) enables a remote attacker who has already achieved renderer process compromise to bypass same-origin policy protections and exfiltrate sensitive cross-origin data via a crafted HTML page. This vulnerability functions as a second-stage exploit primitive within a chain - it does not enable initial access but extends the impact of an existing renderer compromise. No public exploit code or CISA KEV listing has been identified at time of analysis; EPSS of 0.21% (11th percentile) reflects low observed exploitation activity.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome's StorageAccessAPI (prior to 150.0.7871.47) enables a remote attacker who has already compromised the renderer process to read storage or cookie data belonging to other origins by delivering a crafted HTML page. This is a chained attack - the StorageAccessAPI policy bypass is the second stage of a multi-step compromise, not a standalone entry point. EPSS is very low (0.17%, 7th percentile), no active exploitation is confirmed in CISA KEV, and no public exploit code has been identified at time of analysis.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's WebXR subsystem (versions prior to 150.0.7871.47) is achievable by an attacker who has already compromised the renderer process, allowing manipulation of browser UI elements via a crafted HTML page. The vulnerability is a second-stage attack component, not a standalone entry point - exploitation chains through a separate renderer compromise before WebXR's insufficient input validation can be abused. EPSS at 0.17% (7th percentile) and no CISA KEV listing indicate minimal observed exploitation activity; patch is available as of Chrome 150.0.7871.47.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin credential data leakage in Google Chrome's built-in Passwords feature (all versions prior to 150.0.7871.47) can be triggered remotely via a crafted HTML page requiring only user interaction. The flaw is rooted in an inappropriate implementation in Chrome's password management subsystem (CWE-522 - Insufficiently Protected Credentials), allowing a remote attacker to read data across origin boundaries that should be strictly isolated. No public exploit code is identified and EPSS stands at 0.17% (7th percentile), indicating limited exploitation pressure at time of analysis; however, Chrome's ubiquitous deployment makes the aggregate exposure significant.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Navigation component before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. Rated Medium by Chromium but carries a 9.6 CVSS due to the scope-changing sandbox breach; EPSS is low (0.17%, 7th percentile) and there is no public exploit identified at time of analysis, indicating it is realistically a second-stage link in an exploit chain rather than a standalone remote-code path.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Cross-origin data exfiltration in Google Chrome's WebRTC subsystem on Windows allows remote attackers to leak sensitive data from other origins by directing victims to a specially crafted HTML page. All Chrome on Windows versions prior to 150.0.7871.47 are affected. No public exploit identified at time of analysis, and the EPSS score of 0.17% (7th percentile) signals low near-term exploitation probability despite the CVSS High confidentiality impact - consistent with Chromium's own 'Medium' severity designation and the inherent timing-sensitivity of race condition attacks.

Information Disclosure Microsoft Race Condition +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Paint rendering component (versions prior to 150.0.7871.47) enables remote attackers to misrepresent browser interface elements through a specially crafted HTML page, with the victim's visit being the sole prerequisite. The CVSS vector confirms high integrity impact (I:H) with no confidentiality or availability exposure, consistent with CWE-451 misrepresentation of critical UI information rather than code execution. No public exploit has been identified and EPSS sits at the 7th percentile (0.17%), indicating very low near-term exploitation probability; a vendor patch is confirmed available in the Chrome stable channel.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome prior to version 150.0.7871.47 is caused by an inappropriate SVG rendering implementation, enabling remote attackers to visually misrepresent browser UI elements through a crafted HTML page. Exploitation requires user interaction - the victim must visit a malicious page - and the direct impact is limited to integrity via visual deception, with no confidentiality or availability consequence. No public exploit has been identified and the EPSS score of 0.17% (7th percentile) confirms minimal exploitation activity at time of analysis.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

CSS side-channel information leakage in Google Chrome prior to 150.0.7871.47 enables a remote attacker to read potentially sensitive data from the browser's process memory by inducing a victim to visit a specially crafted HTML page. The vulnerability is classified under CWE-1300 (Improper Protection of Physical Side Channels), indicating that observable rendering or timing behavior in Chrome's CSS engine can be exploited to infer in-memory state. No public exploit identified at time of analysis; however, the CVSS-assessed confidentiality impact is rated High, and Google has released a fix in Chrome stable channel version 150.0.7871.47.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Out-of-bounds memory read in the SurfaceCapture component of Google Chrome before 150.0.7871.47 lets a remote attacker leak adjacent heap memory when a victim opens a crafted HTML page. Chromium rated the flaw Medium severity, though the associated CVSS is 8.1; there is no public exploit identified at time of analysis and EPSS estimates exploitation probability at just 0.17% (7th percentile), consistent with a browser bug fixed pre-disclosure. Successful exploitation could disclose sensitive in-process data or crash the renderer, and typically serves as one link in a larger sandbox-escape chain rather than standalone compromise.

Google Buffer Overflow Information Disclosure +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory use in Chrome's codec subsystem on Windows leaks process memory contents to remote attackers who can direct a user to a crafted HTML page. All Chrome versions prior to 150.0.7871.47 on Windows are affected; exploitation requires no authentication but does require the victim to visit attacker-controlled content, placing this in the drive-by browsing threat category. No public exploit code has been identified at time of analysis, and Google has released a confirmed fix in stable channel 150.0.7871.47.

Information Disclosure Microsoft Google +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Inappropriate implementation in Passwords in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Uninitialized memory read in Google Chrome's WebXR subsystem on Android (versions prior to 150.0.7871.47) enables remote attackers to leak sensitive contents from process memory by inducing a victim to visit a crafted HTML page. The root cause is CWE-457 (use of an uninitialized variable) within the WebXR implementation, meaning memory buffers are consumed before being properly zeroed or assigned, exposing whatever residual data the process held. No public exploit or CISA KEV listing is identified at time of analysis, but the CVSS C:H rating reflects the potential for meaningful data exposure including in-memory credentials, tokens, or browsing context.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Geolocation implementation allows an attacker who has already compromised the renderer process to present misleading geolocation-related interface elements to the user via a crafted HTML page. Affected versions are all Chrome releases prior to 150.0.7871.47. The integrity impact is rated High (CVSS I:H) because the spoofed UI can deceive users into granting or believing geolocation permissions under false pretenses; no public exploit or CISA KEV listing exists, and the 0.17% EPSS score (7th percentile) reflects low observed exploitation probability.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing via the File Input security indicator in Google Chrome on macOS allows a remote attacker to misrepresent security-critical interface elements when a user visits a crafted HTML page and performs specific UI gestures. Affected are all Chrome for Mac builds prior to 150.0.7871.47. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV; combined with the high attack complexity and required user interaction, real-world exploitation at scale is unlikely without a targeted social engineering component.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in the Extensions component of Google Chrome on Android (prior to 150.0.7871.47) allows a remote attacker to misrepresent security UI elements by luring a victim into performing specific UI gestures on a crafted HTML page. The root cause (CWE-451) is incorrect rendering of security-critical extension UI, potentially misleading users about which extensions are active or what permissions they hold. No public exploit identified at time of analysis; the vendor has released a patch in the stable channel update.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in Permissions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Inappropriate implementation in Credential Management in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Domain spoofing in Google Chrome's WebAppInstalls component (versions prior to 150.0.7871.47) allows remote attackers to misrepresent the security origin displayed to a user, enabling phishing or social engineering attacks. Exploitation requires convincing the victim to perform specific UI gestures while visiting a crafted HTML page, placing this in a moderate-complexity social engineering category. No public exploit code has been identified at time of analysis, and the vendor has released a patch in Chrome 150.0.7871.47.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in Google Chrome on macOS prior to version 150.0.7871.47 allows a remote attacker to misrepresent browser UI elements by convincing a user to perform specific UI gestures on a crafted HTML page. Rooted in CWE-451 (UI Misrepresentation of Critical Information), the flaw can cause security-sensitive browser chrome - such as origin indicators or permission prompts - to display falsified content, potentially deceiving users into unsafe actions. No public exploit code exists and this vulnerability is not listed in CISA KEV; the vendor has released a patch in the Chrome 150 stable channel.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Apple Google +1
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

UI spoofing in Google Chrome for Windows (prior to 150.0.7871.47) is enabled by insufficient input validation in the DataTransfer subsystem when the renderer process has already been compromised. A remote attacker who controls a compromised renderer can deliver a crafted HTML page that manipulates visual UI elements, potentially deceiving users into approving malicious permissions, revealing credentials, or performing unintended actions. No active exploitation has been confirmed (not in CISA KEV), and EPSS of 0.17% at the 7th percentile reflects minimal observed exploitation probability; however, exploitation as a second-stage payload in a renderer RCE chain remains a realistic concern for high-value targets.

Information Disclosure Microsoft Google +1
NVD
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's PageInfo component affects all desktop versions prior to 150.0.7871.47, enabling an attacker who has already compromised the renderer process to present deceptive browser security indicators to the user via a crafted HTML page. The vulnerability stems from an inappropriate implementation in the PageInfo subsystem (CWE-451), which controls the trusted security panel users consult to assess site authenticity. No active exploitation is confirmed - EPSS is 0.17% (7th percentile), SSVC rates exploitation as none, and this CVE is absent from the CISA KEV catalog - but the integrity impact is high where the attack chain is achievable.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Inappropriate implementation in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Incorrect security UI in Mobile in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in Google Chrome's Media UI component on ChromeOS allows a remote attacker to manipulate what a user sees by delivering a crafted HTML page and social-engineering the victim into performing specific in-browser UI gestures. Affected versions are all Chrome on ChromeOS prior to 150.0.7871.47. While classified Medium severity (CVSS 4.2), the practical risk is constrained by the requirement for active user interaction and the ChromeOS-only scope; no public exploit code or CISA KEV listing has been identified at time of analysis.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

UI spoofing via MediaCapture in Google Chrome prior to 150.0.7871.47 enables a remote attacker who has already compromised the renderer process to misrepresent browser UI through a crafted HTML page, potentially deceiving users into granting permissions or trusting malicious content. This is a chained exploitation technique - it requires a prior renderer compromise as a prerequisite - making it a post-exploitation integrity threat rather than an initial access vector. EPSS is 0.21% (11th percentile), no public exploit or CISA KEV listing exists at time of analysis, and Google has patched this in the stable channel update.

Information Disclosure Google Suse
NVD
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

UI spoofing in Google Chrome's TabStrip component, fixed in version 150.0.7871.47, enables remote attackers to misrepresent browser security indicators through specially crafted HTML pages. The incorrect security UI rendering in the tab strip allows an attacker to deceive users about the true origin or security state of a webpage, creating phishing-enablement risk. No public exploit code and an EPSS of 0.17% (7th percentile) indicate low exploitation likelihood at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Google Suse
NVD
Prev Page 13 of 741 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy