| Severity | Description | ||||||
|---|---|---|---|---|---|---|---|
| CVE-2026-14125 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-14088 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Canvas in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-14070 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-14051 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2026-14010 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-14008 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13971 | Medium | 5.3 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13970 | Medium | 5.3 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13969 | Medium | 5.3 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13958 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13950 | Medium | 5.3 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13947 | Medium | 5.3 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13943 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13940 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium) |
| CVE-2026-13923 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in GPU in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2026-13833 | Medium | 6.5 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-13825 | High | 8.8 v3 | - | - | -No fix available yet | 2026-06-30 | Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-12469 | Medium | 4.3 v3 | 0.2% | - | Fix available | 2026-06-26 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-13023 | Medium | 5.3 v3 | 0.2% | - | Fix available | 2026-06-26 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-13030 | Medium | 5.3 v3 | 0.2% | - | Fix available | 2026-06-24 | Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-11696 | Medium | 5.3 v3 | 0.2% | - | Fix available | 2026-06-15 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11668 | Medium | 4.3 v3 | 0.2% | - | Fix available | 2026-06-15 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-9754 | Medium | 6.5 v3 | 0.2% | - | Fix available | 2026-06-09 | An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command |
| CVE-2026-11064 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-09 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11039 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11090 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11089 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11087 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11141 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11033 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11138 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-10977 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11137 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-10976 | High | 7.4 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-10973 | High | 7.4 v3 | 1.0% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11123 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11067 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-10960 | High | 8.3 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11057 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11110 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11109 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11268 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11159 | Medium | 4.3 v3 | 0.2% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11104 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-11101 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-10994 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-06-05 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-26824 | Medium | 6.5 v3 | 0.2% | - | -No fix available yet | 2026-06-03 | libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file |
| CVE-2026-9963 | High | 7.5 v3 | 0.3% | - | Fix available | 2026-05-31 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-9921 | Medium | 4.3 v3 | 0.2% | - | Fix available | 2026-05-31 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
| CVE-2026-9917 | Medium | 6.5 v3 | 0.3% | - | Fix available | 2026-05-31 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information. |
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in Canvas in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Integer overflow in WebNN in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in GamepadAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in WebXR in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 5.3 v3·EPSS -·No fix yet
Uninitialized Use in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 5.3 v3·EPSS -·No fix yet
Uninitialized Use in Media in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 5.3 v3·EPSS -·No fix yet
Uninitialized Use in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in Codecs in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 5.3 v3·EPSS -·No fix yet
Uninitialized Use in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 5.3 v3·EPSS -·No fix yet
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in CSS in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in Cast in Google Chrome prior to 150.0.7871.47 allowed an attacker on the local network segment to obtain potentially sensitive information from process memory via malicious network traffic. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in GPU in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
Published 2026-06-30
- MediumCVSS 6.5 v3·EPSS -·No fix yet
Uninitialized Use in ANGLE in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
Published 2026-06-30
- HighCVSS 8.8 v3·EPSS -·No fix yet
Uninitialized Use in Dawn in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
Published 2026-06-30
- MediumCVSS 4.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-26
- MediumCVSS 5.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-26
- MediumCVSS 5.3 v3·EPSS 0.2%·Fix available
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
Published 2026-06-24
- MediumCVSS 5.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-15
- MediumCVSS 4.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-15
- MediumCVSS 6.5 v3·EPSS 0.2%·Fix available
An authenticated user with the read role may read limited amounts of uninitialized stack memory via specially-crafted issuances of the filemd5 command
Published 2026-06-09
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-09
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- HighCVSS 7.4 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- HighCVSS 7.4 v3·EPSS 1.0%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- HighCVSS 8.3 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 4.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-06-05
- MediumCVSS 6.5 v3·EPSS 0.2%·No fix yet
libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table (MSAT) in read_MSAT() is not fully initialized before being consumed by ole2_validate_sector_chain(), which may result in application crashes or potential information disclosure when processing a crafted XLS file
Published 2026-06-03
- HighCVSS 7.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-05-31
- MediumCVSS 4.3 v3·EPSS 0.2%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-05-31
- MediumCVSS 6.5 v3·EPSS 0.3%·Fix available
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Published 2026-05-31
Uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog.