CVEs classified under CWE-1300, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2026-11153 — CVSS 9.1 (critical): Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a…
CVE-2026-14085 — CVSS 6.5 (medium): Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a…
CVE-2026-14074 — CVSS 6.5 (medium): Side-channel information leakage in WebAuthentication in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak…
CVE-2026-14071 — CVSS 6.5 (medium): Side-channel information leakage in WebAudio in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data…
CVE-2026-13935 — CVSS 6.5 (medium): Side-channel information leakage in ComputePressure in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin…
CVE-2026-13922 — CVSS 6.5 (medium): Side-channel information leakage in Paint in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a…
CVE-2026-13809 — CVSS 6.5 (medium): Side-channel information leakage in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had…
CVE-2026-13790 — CVSS 6.5 (medium): Side-channel information leakage in Scroll in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via…
CVE-2026-11289 — CVSS 6.5 (medium): Side-channel information leakage in Paint in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a…
CVE-2026-11284 — CVSS 6.5 (medium): Side-channel information leakage in PerformanceAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin…
CVE-2026-5876 — CVSS 6.5 (medium): Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-origin data…
CVE-2025-11207 — CVSS 6.5 (medium): Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary…
CVE-2025-11210 — CVSS 5.4 (medium): Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to engage in…
CVE-2026-14012 — CVSS 5.3 (medium): Side-channel information leakage in CSS in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to obtain potentially sensitive…
CVE-2025-13992 — CVSS 4.7 (medium): Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to bypass site…
CVE-2026-8562 — CVSS 4.3 (medium): Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data…
CVE-2026-6923 — CVSS 3.8 (low): A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman (ECDH) key.
CVE-2026-8017 — CVSS 3.1 (low): Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a…
CVE-2026-3929 — CVSS 3.1 (low): Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross-origin…
CVE-2026-0115 — CVSS 2.1 (low): In Trusted Execution Environment, there is a possible key leak due to side channel information disclosure. This could lead to physical…