25566 matches found
ToddyCat-Linked Umbrij Malware Abuses OAuth to Access Gmail via Google API
The threat actor known as ToddyCat has been attributed to a new malware called Umbrij that's designed to gain surreptitious access to a victim's email correspondence via the Google API. "In this campaign, the attackers focused their attention on corporate email communications hosted on Gmail,...
EUVD-2026-41156
Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-41160
Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-41180
Out of bounds read in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-41196
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-41197
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
EUVD-2026-41177
Out of bounds read in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14398
Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-14402
CVE-2026-14402 describes an uninitialized use in ANGLE within Google Chrome on Windows, prior to version 150.0.7871.46. The issue allows a remote attacker to potentially read sensitive data from a process's memory via a crafted HTML page. Affected component is ANGLE in Chrome’s Windows build; und...
CVE-2026-14423
CVE-2026-14423 describes a Type Confusion vulnerability in Google Chrome’s Tint component, exploitable via a crafted HTML page to potentially escape the sandbox. Affected software: Google Chrome (Tint component) before version 150.0.7871.46. Root cause: type confusion in Tint leading to sandbox e...
CVE-2026-14412
The CVE-2026-14412 entry concerns ANGLE in Google Chrome with insufficient validation of untrusted input. Attack vector involves a remote attacker who has already compromised the renderer process and could potentially escape the sandbox through a crafted HTML page. Affected product context is Goo...
CVE-2026-14401
CVE-2026-14401 affects Google Chrome on Android through ANGLE, where insufficient validation of untrusted input in ANGLE prior to 150.0.7871.46 enables a renderer-Process-compromised remote attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is described as high ...
CVE-2026-14407
CVE-2026-14407: In Google Chrome, an inappropriate implementation in the V8 engine prior to 150.0.7871.46 allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affects the V8 implementation in Chrome; details indicate a sandbox escape/vector leadin...
CVE-2026-50521
Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...
CVE-2026-50521 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
...
EUVD-2026-41137
Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...
CVE-2026-50521
Use after free in Microsoft Edge Chromium-based allows an authorized attacker to execute code over a network...
GHSA-XX2V-HW92-QXMX vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-XRV4-RVR5-75GV vulnerabilities
Vulnerabilities for packages: chromium...
GHSA-XMX7-WHJX-VF2R vulnerabilities
Vulnerabilities for packages: chromium...