CVEリスト - 高リスク・悪用確認済み脆弱性 ATT&CK の技法:Execution / RCE / Command Execution

MITRE ATT&CK CVE list for this attack path. Use risk scores and timeline to decide what to patch first and what to track next.

CVSS スコア
表示中 81100 (ほかにも結果があります)
CVE 説明 CVSS 最大値 EPSS(%) 公開 更新
CVE-2026-14143 Incorrect security UI in Passwords in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-01
CVE-2026-14142 Inappropriate implementation in Extensions in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 5.4 0.18% 2026-06-30 2026-07-01
CVE-2026-14141 Incorrect security UI in Document Picture-in-Picture in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-06
CVE-2026-14139 Inappropriate implementation in TabStrip in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.2 0.16% 2026-06-30 2026-07-01
CVE-2026-14138 Inappropriate implementation in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.2 0.16% 2026-06-30 2026-07-01
CVE-2026-14136 Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-01
CVE-2026-14134 Inappropriate implementation in Autofill in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.17% 2026-06-30 2026-07-06
CVE-2026-14133 Race in History Embeddings in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.2 0.14% 2026-06-30 2026-07-01
CVE-2026-14132 Inappropriate implementation in WebXR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 5.4 0.18% 2026-06-30 2026-07-01
CVE-2026-14130 Incorrect security UI in Omnibox in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-02
CVE-2026-14129 Inappropriate implementation in PreviewTab in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.2 0.15% 2026-06-30 2026-07-01
CVE-2026-14128 Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-01
CVE-2026-14127 Inappropriate implementation in Printing in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-02
CVE-2026-14126 Incorrect security UI in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.17% 2026-06-30 2026-07-06
CVE-2026-14123 Incorrect security UI in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-01
CVE-2026-14114 Inappropriate implementation in WebAppInstalls in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform UI spoofing via a malicious file. (Chromium security severity: Low) 7.5 0.16% 2026-06-30 2026-07-06
CVE-2026-14110 Inappropriate implementation in DarkMode in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) 4.3 0.18% 2026-06-30 2026-07-02
CVE-2026-14109 Insufficient policy enforcement in Mojo in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) 9.6 0.25% 2026-06-30 2026-07-02
CVE-2026-14086 Insufficient policy enforcement in HID in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) 8.8 0.30% 2026-06-30 2026-07-02
CVE-2026-14082 Race in Storage in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) 6.5 0.21% 2026-06-30 2026-07-01
cvelogic Threat Intelligence