46 matches found
AI-Generated Browser Ransomware Abuses Chromium API on Windows, Linux, macOS, Android
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capability" to turn it into a working ransomware technique that runs entirely inside the browser on both...
EUVD-2026-40739
Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14052
Insufficient policy enforcement in FileSystem in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13027
Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-13027
CVE-2026-13027 is a use-after-free in Chrome’s FileSystem prior to 149.0.7827.197, allowing a remote attacker to potentially exploit heap corruption via a crafted HTML page. Affected: Google Chrome (FileSystem component); root cause: use-after-free vulnerability; impact: heap corruption with high...
CVE-2026-13027
Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-10886
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-10886
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-11258
This CVE (CVE-2026-11258) affects Google Chrome’s File System Access and is due to an inappropriate implementation that allows a remote attacker to bypass discretionary access control when a user is persuaded by a crafted HTML page to perform specific UI gestures. Affected software: Chrome prior ...
CVE-2026-10931
Summary: CVE-2026-10931 is a use-after-free in Chrome’s FileSystem that could allow a remote sandbox escape via a crafted HTML page. Affected product/area: Google Chrome (Chromium-based) prior to version 149.0.7827.53. Impact: high severity with potential sandbox escape; attacker could trigger ne...
CVE-2026-10931
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10886
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8543
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-8543
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-8512
CVE-2026-8512 affects Google Chrome FileSystem use-after-free prior to version 148.0.7778.168. A remote attacker who entices a user to perform specific UI gestures could trigger a sandbox escape via a crafted HTML page. Diagnosis: the root cause is a use-after-free in FileSystem; impact is sandbo...
CVE-2026-8512
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
PT-2026-41072
Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 148.0.7778.168 Description An out of bounds read in FileSystem allows a remote attacker to obtain potentially sensitive information from process memory. This occurs when a user is convinced to perform...
CVE-2026-6360
Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2026-6360
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page...