198 matches found
CVE-2026-14398
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-14431
Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-14427
Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
DEBIAN-CVE-2026-14101
Insufficient policy enforcement in Sandbox in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-13901
Insufficient policy enforcement in Serial in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13859
Inappropriate implementation in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
DEBIAN-CVE-2026-13817
Insufficient validation of untrusted input in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-14101
CVE-2026-14101 affects Google Chrome on macOS before 150.0.7871.47, due to insufficient policy enforcement in the Sandbox component, enabling a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. The issue is described across multiple sources (NVD/DEBIAN/RH/EU...
CVE-2026-14095
Insufficient policy enforcement in Browser in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
CVE-2026-13909
Insufficient policy enforcement in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13859
Inappropriate implementation in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13841
Integer overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13797
Insufficient validation of untrusted input in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13789
Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-13785
Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-13780
Affected software: Google Chrome with ANGLE. Vulnerability: Insufficient validation of untrusted input in ANGLE could allow a renderer-compromised attacker to perform a sandbox escape via a crafted HTML page. Root cause: input validation flaw in ANGLE preceding Chrome 150.0.7871.47. Impact: poten...
CVE-2026-13781
CVE-2026-13781 concerns an issue in Skia used by Google Chrome before 150.0.7871.47. The vulnerability stems from insufficient validation of untrusted input, which could enable a remote attacker who has already compromised the renderer process to potentially escape the browser sandbox via a craft...
CVE-2026-13775
Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-13031
CVE-2026-13031 is a use-after-free in Blink (Chrome) prior to 149.0.7827.197, allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Affected component: Blink in Google Chrome. Root cause: use-after-free in the browser’s rendering engine. Impact: high (arbi...
PT-2026-50215
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An object lifecycle issue in Metrics allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the use of a...