CVE-2026-7357

CVE-2026-7357 is a Use-After-Free in the GPU component of Google Chrome (Chromium) affecting versions prior to 147.0.7727.138. The issue can be exploited by a remote attacker who has already compromised the renderer process via a crafted HTML page, potentially leading to heap corruption and arbit...

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7357

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2026-26183

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-7333

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

EUVD-2026-26158

Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

An out of bounds read flaw was found in the GPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=499891888 Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security...

Stable Channel Update for Desktop

The Stable channel has been updated to 147.0.7727.137/138 for Windows/Mac and 147.0.7727.137 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...

KLA91010 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in Canvas can be exploited remotely to execute arbitrar...

CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

CVE-2026-31690

In the Linux kernel, the following vulnerability has been resolved: firmware: thead: Fix buffer overflow and use standard endian macros Addresses two issues in the TH1520 AON firmware protocol driver: 1. Fix a potential buffer overflow where the code used unsafe pointer arithmetic to access the...

Chromium: CVE-2026-6921 Race in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-31566

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix fence put before wait in amdgpuamdkfdsubmitib amdgpuamdkfdsubmitib submits a GPU job and gets a fence from amdgpuibschedule. This fence is used to wait for job completion. Currently, the code drops the fence...

Fedora 44 : cef (2026-83fdfd7e0e)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-83fdfd7e0e advisory. Update to 146.0.7680.177 + cef-146.0.11+g8e1262b High CVE-2026-5273: Use after free in CSS High CVE-2026-5272: Heap buffer overflow in GPU High...

Microsoft Edge (Chromium) < 147.0.3912.86 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 147.0.3912.86. It is, therefore, affected by multiple vulnerabilities as referenced in the April 24, 2026 advisory. - Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who ha...

USN-8180-5 linux-ibm, linux-ibm-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Drivers core; - Bluetooth drivers; - DMA engine subsystem; - GPU...

KLA91001 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Race condition vulnerability in GPU can be exploited to cause denial of service. 2. Use...

Ubuntu Pro Realtime 24.04 LTS : Linux kernel (Raspberry Pi Real-time) vulnerabilities (USN-8204-1)

"The remote Ubuntu Pro Realtime 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8204-1 advisory. Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly...