CVE-2026-13038

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-13022

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-13022

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

EUVD-2026-39035

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-13038

Use-after-free in Chrome’s Autofill on Windows exploited via a crafted HTML page could allow remote code execution. Affected versions are Chrome on Windows before 149.0.7827.197. If exploiting, attacker could take arbitrary code execution; impact is severe (CVE-2026-13038). The cited sources indi...

EUVD-2026-39037

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-13022

CVE-2026-13022 affects Google Chrome up to version 149.0.7827.196/197 (prior to 149.0.7827.197). The issue is an inappropriate implementation in Autofill within the Chromium-based renderer, enabling a remote attacker who has compromised the renderer process to leak cross-origin data via a crafted...

CVE-2026-13038

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-13038

Use after free in Autofill in Google Chrome on Windows prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-13022

Inappropriate implementation in Autofill in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Google Chrome < 149.0.7827.196 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.196. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0482630350 advisory. - Use after free in Autofill. CVE-2026-13038 - Use after free in...

Google Chrome < 149.0.7827.196 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 149.0.7827.196. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop0482630350 advisory. - Use after free in Autofill. CVE-2026-13038 - Use after free in WebG...

PT-2026-52056

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description A use after free issue exists in the Autofill component on Windows. This occurs when a remote attacker induces the browser to process a specially crafted HTML page, which can lead to...

Stable Channel Update for Desktop

The Stable channel has been updated to 149.0.7827.196/197 for Windows and Mac and 149.0.7827.196 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

CVE-2026-12020

The following flaw was identified in the Chromium browser: Use after free Autofill. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=516907083...

Astra Linux – Vulnerability in Chromium

Before version 90.0.4430.212, using Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Before version 92.0.4515.107, using Autofill in Google Chrome allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...

Astra Linux – Vulnerability in Chromium

Chromium: CVE-2021-30624 – Use after free in Autofill...

Astra Linux – Vulnerability in Chromium

Insufficient policy enforcement in Autofill in Google Chrome prior to 95.0.4638.69 allowed a remote attacker to leak cross-origin data through a crafted HTML page...

Astra Linux – Vulnerability in Firefox

While the text displayed in Autofill tooltips cannot be directly read by JavaScript, it was rendered using page fonts. Side-channel attacks on the text using specially crafted fonts could have led to this text being interpreted by the webpage. This vulnerability affects Firefox versions earlier...