CVE-2026-9949

An use after free flaw was found in the Core component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503793153...

CVE-2026-9876

An use after free flaw was found in the WebGL component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=493747593...

Linux Distros Unpatched Vulnerability : CVE-2026-9884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Browser in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium...

Linux Distros Unpatched Vulnerability : CVE-2026-9989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from out-of-bounds read operations in Headless mode, which could allow remote attackers with compromised rendering...

PT-2026-44556

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in Passwords on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the u...

Astra Linux - уязвимость в firefox

The browser might have mistakenly transferred the pointer lock state to another tab, which could lead to clickjacking attacks. This vulnerability affects Firefox versions earlier than 85...

Astra Linux - уязвимость в thunderbird, firefox

Regular expressions used to filter out forbidden properties and values from style directives in calls to console.log did not account for external URLs. As a result, data could potentially be exfiltrated from the browser. This vulnerability affects Firefox 109, Firefox ESR 102.7, and Thunderbird...

Astra Linux - уязвимость в firefox, thunderbird

The Mozilla Fuzzing Team reported potential vulnerabilities in Thunderbird 91.10. Some of these bugs exhibited signs of memory corruption, and we assume that with sufficient effort, some of these vulnerabilities could have been exploited to execute arbitrary code. This vulnerability affects Firef...

Astra Linux - уязвимость в firefox, thunderbird

If a user opens a specially crafted PDF file, the PDF reader may be tricked into leaking cross-origin information, when such information is served as chunked data. This vulnerability affects Firefox versions earlier than 85, Thunderbird versions earlier than 78.7, and Firefox ESR versions earlier...

ROS-20260520-73-0004

A vulnerability in the V8 JavaScript script handler of Google Chrome and Microsoft Edge browsers is related to improper code generation control. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

CVE-2026-8945

Sandbox escape in Firefox and Firefox Focus for Android. This vulnerability was fixed in Firefox 151...

Kieback & Peter DDC Building Controllers

ADVISORY SUMMARY Successful exploitation of this vulnerability could allow an attacker to take control of the victim's browser. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. Minimize network exposure for all...

CVE-2026-8529

A heap buffer overflow flaw was found in the Codecs component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490222151...

Linux Distros Unpatched Vulnerability : CVE-2026-8536

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the...

CVE-2026-44659

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

PT-2026-39675

Zen is a firefox-based browser. Prior to 1.19.12b, the ZEN Browser incorrectly truncates long hostnames in the address bar and shows only the attacker-controlled prefix of the subdomain, hiding the actual registrable domain eTLD+1. As a result, an attacker can craft extremely long malicious...

CVE-2026-7986

An insufficient policy enforcement flaw was found in the Autofill component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498396238...

CVE-2026-7969

An integer overflow flaw was found in the Network component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497450574...

Chromium: CVE-2026-7953 Insufficient validation of untrusted input in Omnibox

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...