39 matches found
EUVD-2026-40635
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13947
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14008
CVE-2026-14008 describes an uninitialized-use flaw in WebXR within Google Chrome on Android (pre-150.0.7871.47). A crafted HTML page could cause the Chrome process to disclose potentially sensitive memory contents to remote attackers. The impact is information disclosure with a Medium severity pe...
CVE-2026-13947
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13947
Uninitialized Use in XR in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13947
CVE-2026-13947 concerns Google Chrome’s XR handling. The vulnerability is described as an uninitialized use in XR that affects Chrome prior to version 150.0.7871.47 . A remote attacker who had already compromised the renderer process could potentially read sensitive information from the process m...
Chromium: CVE-2026-9890 Use after free in XR
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
EUVD-2026-33137
Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
DEBIAN-CVE-2026-9890
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9890
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9890
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9890
CVE-2026-9890 is a use-after-free in Chrome’s XR component on Windows, prior to version 148.0.7778.216. A renderer process–compromised attacker could potentially escape the Chrome sandbox via a crafted HTML page, as described in multiple sources (EUVD-2026-33185, Red Hat, Debian, NVD). The Chrome...
CVE-2026-9890
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-9118
An use after free flaw was found in the XR component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=498702233...
PT-2026-44599
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in XR Extended Reality allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the us...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability, which stemmed from a reuse issue within WebXR. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox throug...
Chromium: CVE-2026-9118 Use after free in XR
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
CVE-2026-9118
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-9118
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
EUVD-2026-31164
Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...