PT-2026-46421

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An out of bounds write in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. An out of bounds write occurs when a program...

PT-2026-46548

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker who has compromised the renderer process to perform domain spoofing by using a crafted HTML...

PT-2026-46600

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in the WebView component, which allows a local attacker to execute arbitrary code by utilizing a malicious file. Use after free is a memory...

PT-2026-46613

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An integer overflow in the GPU component allows a remote attacker to potentially perform out of bounds memory access by using a crafted HTML page. Recommendations Update to...

PT-2026-46814

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Navigation allows a remote attacker who has compromised the renderer process to bypass navigation restrictions using a crafted HTML page...

PT-2026-46646

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46741

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in Cronet allows a remote attacker to perform domain spoofing by using a crafted domain name. Recommendations Update to version 149.0.7827.53 ...

PT-2026-46610

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A race condition in the GPU component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This is achieved...

PT-2026-46694

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46536

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in WebView allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page...

PT-2026-46482

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Core allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use aft...

PT-2026-46752

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the PreviewTab allows a remote attacker to bypass the same origin policy—a security mechanism that restricts how a document or script loade...

PT-2026-46715

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in the USB component allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corrupti...

PT-2026-46702

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Incorrect security UI in Messages allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where an attacker mimics a legitimate us...

PT-2026-46705

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient policy enforcement in WebView allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the...

PT-2026-46690

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Messages allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw...

PT-2026-46658

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in the Autofill component. A remote attacker who has already compromised the renderer process can potentially achieve a sandbox escape by using ...

PT-2026-46672

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A race condition in the Geolocation feature allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request,...

PT-2026-46675

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in Payments allows a local attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request, ...

PT-2026-46635

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Near Field Communication NFC component allows a remote attacker to perform privilege escalation through the use of a crafted HTML page...