23 matches found
CVE-2026-7339
Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-7351
CVE-2026-7351 describes a race in MHTML handling in Google Chrome prior to 147.0.7727.138. The vulnerability allows a user who is induced to install a crafted Chrome Extension to leak cross-origin data via MHTML processing. The root cause, per sources, is a race condition in MHTML handling; no ex...
CVE-2026-7353
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-7363
Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-6312
Google Chrome Vulnerability CVE-2026-6312 affects the Passwords feature. The issue is caused by insufficient policy enforcement in Passwords, allowing a remote attacker who compromises the renderer process to leak cross-origin data via a crafted HTML page. Affected: Chrome versions before 147.0.7...
PT-2026-35847
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.138 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code via malicious network traffic. Use after free is a memory corruption flaw that occurs when an...
SUSE CVE-2026-5860
Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-5891
Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-5914
Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. Chromium security severity: Low...
SUSE CVE-2026-5918
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-5889
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a...
CVE-2026-5912
Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-5911
Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. Chromium security severity: Low...
DEBIAN-CVE-2026-5901
Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. Chromium security severity: Low...
CVE-2026-5889
Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a brute-force attack. Chromium security severity: Medium...
CVE-2026-5913
Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Low...
CVE-2026-5892
CVE-2026-5892 affects Google Chrome/Chromium PWAs. The root cause is insufficient policy enforcement for PWAs in the renderer, allowing a remote attacker who had compromised the renderer to install a PWA without user consent via a crafted HTML page. Affected versions are prior to 147.0.7727.55 (C...
CVE-2026-5881
CVE-2026-5881 describes a policy bypass in Chrome’s LocalNetworkAccess that could allow a remote attacker to bypass navigation restrictions via a crafted HTML page. The CVE affects Chrome/Chromium prior to 147.0.7727.55, with a Medium severity (CVSS 6.5, NETWORK attack vector, LOW attack complexi...
CVE-2026-5861
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 147.0.7727.55 contained a security vulnerability, which was caused by a heap buffer overflow in WebML. This vulnerability could allow arbitrary code to be executed through specially crafted...