Chromium: CVE-2026-11654 Use after free in CameraCapture

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-11634 Use after free in Gamepad

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-9878 Use after free in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-7353 Heap buffer overflow in Skia

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Researcher claims Claude Desktop installs “spyware” on macOS

Security researcher Alexander Hanff wrote an article titled Anthropic secretly installs spyware when you install Claude Desktop. Claims like that are bound to create two sides, so we searched for an official rebuttal by Anthropic. But we couldn’t find one. It would surprise me very much if they’d...

CVE-2026-22643

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

EUVD-2026-2801

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher...

October 14, 2025—KB5066835 (OS Builds 26200.6899 and 26100.6899)

October 14, 2025—KB5066835 OS Builds 26200.6899 and 26100.6899 Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business...

WebXR Flaw Hits 4 Billion Chromium Users, Update Your Browser Now

Cybersecurity startup AISLE discovered a Medium severity flaw in the WebXR component of Chrome, Edge, and other Chromium browsers. Over 4 billion devices were at risk. Update now...

EUVD-2023-39393

Malicious code in bioql PyPI...

webpack-dev-server users' source code may be stolen when they access a malicious web site with non-Chromium based browser

...

Performance Analysis of Common Browser Extensions for Cryptojacking Detection

This paper considers five extensions for Chromium-based browsers in order to determine how effective can browser-based defenses against cryptojacking available to regular users be. We've examined most popular extensions - MinerBlock, AdGuard AdBlocker, Easy Redirect && Prevent Cryptojacking,...

Chromium, Google Chrome, Microsoft Edge. Opera: Multiple Vulnerabilities

Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Microsoft Edge is a browser that combines a minimal design with...

CVE-2025-34092

Rejected reason: Neither filed by Chrome nor a valid security vulnerability...

CVE-2025-34092

CVE-2025-34092 describes a cookie encryption bypass in Google Chrome’s AppBound mechanism caused by weak path validation in the elevation service. The vulnerability allows an attacker to impersonate Chrome by naming a binary chrome.exe and placing it on a similar path, enabling retrieval of the e...

CVE-2025-34092 Chrome Cookie Key Exposure via AppBound COM Path Validation Weakness

A cookie encryption bypass vulnerability exists in Google Chrome’s AppBound mechanism due to weak path validation logic within the elevation service. When Chrome encrypts a cookie key, it records its own executable path as validation metadata. Later, when decrypting, the elevation service compare...

Exploit for CVE-2025-4664

CVE-2025-4664 This repository contains a PoC for exploiting CV...

Grafana Labs < 11.6.2 Improper Input Validation (CVE-2025-1088)

The version of Grafana Labs installed on the remote host is affected by an improper input validation vulnerability as referenced in the CVE-2025-1088 advisory. In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to improper input...

CVE-2025-1088

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher...

UBUNTU-CVE-2025-1088

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher...