2969 matches found
CVE-2026-13036
Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-13027
Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
CVE-2026-13024
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13036
Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
EUVD-2026-39046
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13031
Use after free in Blink in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-13024
CVE-2026-13024 : The issue is in Google Chrome’s Navigation logic, where insufficient validation of untrusted input in the renderer allows a remote attacker who has compromised the renderer process to bypass site isolation via a crafted HTML page. Affected product: Google Chrome (Chromium-based)....
CVE-2026-13024
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-13021
Google Chrome prior to 149.0.7827.197 contains an inappropriate implementation in DeviceBoundSessionCredentials that can allow a remote attacker to bypass the same-origin policy via a crafted HTML page. The CVE description notes a Chromium-based issue with High severity; updates to Chrome are ref...
CVE-2026-13033
CVE-2026-13033 affects Google Chrome’s Blink component, specifically Blink>InterestGroups. The vulnerability is described as an out-of-bounds read and write that could allow a remote attacker to execute arbitrary code via a crafted HTML page. Affected versions are Chrome prior to 149.0.7827.19...
CVE-2026-13028
CVE-2026-13028 is a use-after-free in WebGL of Google Chrome on Android, prior to version 149.0.7827.197, that could allow a remote attacker to sandbox-escape via a crafted HTML page. Severity is Critical (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H). The available connected documents reiterate...
PT-2026-52054
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description A use after free issue in Blink allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs...
PT-2026-52042
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.197 Description Insufficient validation of untrusted input in the Navigation component allows a remote attacker who has already compromised the renderer process to bypass site isolation. This is...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Reader Mode in Google Chrome on iOS prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page and a malicious server...
Astra Linux – Vulnerability in Chromium
Before version 90.0.4430.212, using Autofill in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in TabStrip in Google Chrome on Windows, prior to version 89.0.4389.114, allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
Astra Linux – Vulnerability in Chromium
A out-of-bounds read in Skia using Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Fenced Frames in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to obtain potentially sensitive information from the system via a crafted HTML page. Chromium security severity: Medium...
Astra Linux – Vulnerability in Chromium
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...
Astra Linux – Vulnerability in Chromium
Before version 142.0.7444.59, reading outside the bounds in WebXR with Google Chrome allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: Medium...