CVE-2026-11634

Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11631

Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11631

Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11632

Use after free in TabStrip in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11631

Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11632

CVE-2026-11632 describes a use-after-free in the TabStrip component of Google Chrome, exploited when a user performs specific UI gestures that lead to code execution via a crafted HTML page. The vulnerability affects Chrome versions prior to 149.0.7827.103 and is described as a remote code execut...

CVE-2026-11630

Use after free in File Input in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-11629

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

PT-2026-47458

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the TabStrip component. This allows a remote attacker to execute arbitrary code via a crafted HTML page if a user is convinced to perform specific UI...

PT-2026-47498

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.103 Description A heap buffer overflow exists in the GPU component. This issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox...

PT-2026-47462

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the Autofill component on Windows. A remote attacker can exploit heap corruption—a condition where memory is improperly managed on the heap—by convinci...

PT-2026-47478

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue in Extensions allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use after...

PT-2026-47519

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An inappropriate implementation in Plugins allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site isolation is a...

PT-2026-47515

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description Insufficient policy enforcement in Passwords allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site isolation is ...

PT-2026-47510

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description Insufficient policy enforcement in the Network component allows a remote attacker who has compromised the utility process to leak cross-origin data through the use of a crafted HTML...

PT-2026-47507

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.103 Description A use after free issue in Ozone allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a condition where a program...

PT-2026-47524

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.103 Description A use after free issue exists in the Bluetooth component, which could allow a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free ...