Chromium: CVE-2026-7917 Use after free in Fullscreen

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-27919

Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7908

Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7917

CVE-2026-7917 describes a use-after-free in Chrome’s Fullscreen handling on Windows, prior to version 148.0.7778.96. A remote attacker who has already compromised the renderer could potentially escape the sandbox via a crafted HTML page. The issue is tied to Google Chrome/Chromium security fixes ...

KLA91026 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A remote code execution...

PT-2025-47790

This vulnerability allowed a site to enter fullscreen, after a user click, without a full-screen notification toast appearing. Without this notification, users could potentially be misled about what site they were on if a malicious site renders a fake UI like a fake address bar...

EUVD-2022-48276

Malicious code in bioql PyPI...

EUVD-2023-58453

Malicious code in bioql PyPI...

PT-2025-46929

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 128.0.6613.84 Description A flaw exists in the Fullscreen implementation of Google Chrome. This issue could allow a remote attacker to perform UI spoofing through a specially designed HTML page. Recommendations...

PT-2023-4458 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 116.0.5845.96 Description: The issue is related to an inappropriate implementation in Fullscreen in Google Chrome on Android, which allowed a remote attacker to potentially spoof the contents of the Omnibox URL...

Google Chrome 安全漏洞

Google Chrome is a web browser by Google, Inc. A security vulnerability exists in Google Chrome prior to version 116.0.5845.96, which stems from an improper implementation of Fullscreen and allows remote attackers to obfuscate the security UI via a crafted HTML page...

Spoofing

A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

CVE-2023-25730

A background script invoking requestFullscreen and then blocking the main thread could force the browser into fullscreen mode indefinitely, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox 110, Thunderbird 102.8, and Firefox ESR 102.8...

CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-31738

When exiting fullscreen mode, an iframe could have confused the browser about the current state of fullscreen, resulting in potential user confusion or spoofing attacks. This vulnerability affects Thunderbird 91.10, Firefox 101, and Firefox ESR 91.10...

CVE-2022-22743

When navigating from inside an iframe while requesting fullscreen access, an attacker-controlled tab could have made the browser unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

Mozilla: Fullscreen could be enabled without displaying the security UI

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

Mozilla: Fullscreen could be enabled without displaying the security UI

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user. This vulnerability affects Firefox 83, Firefox ESR 78.5, and Thunderbird 78.5...

Google Chrome Security Bypass Vulnerability (CNVD-2020-29300)

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in the full-screen mode in Google Chrome versions prior to 83.0.4103.61. The vulnerability can be exploited by an attacker to bypass security restrictions with the help of a specially crafted website...