CVE-2026-8013

An insufficient validation of untrusted input flaw was found in the FedCM component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=497427430...

SUSE CVE-2026-8013

Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

Linux Distros Unpatched Vulnerability : CVE-2026-8013

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HT...

Astra Linux - уязвимость в chromium

Using “after free” in FedCM in Google Chrome before version 146.0.7680.165 allowed a remote attacker to execute arbitrary code within a sandbox through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Inappropriate implementation in FedCM in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

Astra Linux - уязвимость в chromium

In FedCM, out-of-bounds memory access in Google Chrome prior to version 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20427-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20427-1 advisory. Changes in chromium: - Chromium 146.0.7680.164 boo1260376 CVE-2026-4673: Heap buffer overflow in WebAudio CVE-2026-4674: Out of bounds read in C...

Chromium: CVE-2026-4680 Use after free in FedCM

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

KLA90953 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in CSS can be exploited ...

OPENSUSE-SU-2026:20427-1 Security update for chromium

This update for chromium fixes the following issues: Changes in chromium: - Chromium 146.0.7680.164 boo1260376 CVE-2026-4673: Heap buffer overflow in WebAudio CVE-2026-4674: Out of bounds read in CSS CVE-2026-4675: Heap buffer overflow in WebGL CVE-2026-4676: Use after free in Dawn CVE-2026-4677:...

Fedora 44 : chromium (2026-4d42fffb2b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d42fffb2b advisory. Update to 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read in CSS High CVE-2026-4675: Heap...

CVE-2026-4680

CVE-2026-4680 is a use-after-free in Chrome’s FedCM that allows remote code execution inside the sandbox via a crafted HTML page, before version 146.0.7680.165. The vulnerability affects Chrome, with a CVSS 3.1 base score of 8.8 (High) and requires user interaction (UI: Required) with network att...

CVE-2026-4680

Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-4680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

KLA90951 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in WebAudio can be exploited to cause denial of service. 2...

Google Chrome < 146.0.7680.164 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 146.0.7680.164. It is, therefore, affected by multiple vulnerabilities as referenced in the 202603stable-channel-update-for-desktop23 advisory. - Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a...

chromium -- security fixes

Chrome Releases reports: This update includes 8 security fixes: 485397284 High CVE-2026-4673: Heap buffer overflow in WebAudio. Reported by c6eed09fc8b174b0f3eebedcceb1e792 on 2026-02-18 488188166 High CVE-2026-4674: Out of bounds read in CSS. Reported by Syn4pse on 2026-02-27 488270257 High...

EUVD-2024-27139

Malicious code in bioql PyPI...

EUVD-2024-47976

Malicious code in bioql PyPI...