OSV-2026-767 Heap-use-after-free in gf_sg_reset

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=513912488 Crash type: Heap-use-after-free READ 8 Crash state: gfsgreset gfsgdel fuzzscene.c...

ROS-20260515-73-0048

A vulnerability in the Skia graphics library of Google Chrome browser is associated with a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow a remote attacker to affect the confidentiality, integrity and availability of protected information...

CVE-2026-7900

Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7901

Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-7942

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7903

Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CLSA-2026-1777970160 gd: Fix of CVE-2021-40145

CVE-2021-40145: fix double free in gdImageGd2Ptr...

Astra Linux - уязвимость в firefox, thunderbird

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

Astra Linux - уязвимость в thunderbird

An outdated graphics library Angle likely contained vulnerabilities that could potentially be exploited. This vulnerability affects Thunderbird 78.9 and Firefox ESR 78.9...

Astra Linux - уязвимость в qtsvg-opensource-src, qt4-x11

In Qt 5.0.0 through 5.15.2, as well as in Qt 6.0.0 through 6.2.1, there is an out-of-bounds write in the function QtPrivate::QCommonArrayOps::growAppend, which is called from QPainterPath::addPath and QPathClipper::intersect...

CVE-2026-22166

CVE-2026-22166 pertains to GPU DDK components where a web page sending anomalous WebGPU content into the GPU GLES render process can trigger a write UAF crash in the GPU GLES user-space shared library (KEGLGetPoolBuffers). The exposed root cause is a write-after-free condition in KEGLGetPoolBuffe...

CVE-2026-22165

CVE-2026-22165 involves a flaw in a GPU DDK where a web page serving unusual WebGPU content loaded into the GPU GLES render process can trigger a write UAF in the GPU GLES user-space shared library. The root cause is described as UAF reads of GLES3Context::psDrawParams and GLES3Context::psMode an...

JLSEC-2026-362

SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...

JLSEC-2026-360

readheadertga in gdtga.c in the GD Graphics Library aka LibGD through 2.3.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted TGA file...

JLSEC-2026-361

The GD Graphics Library aka LibGD through 2.3.2 has an out-of-bounds read because of the lack of certain gdGetBuf and gdPutBuf return value checks...

CLSA-2026-1777541021 gd: Fix of CVE-2021-40145

CVE-2021-40145: Fix a double free in gdImageGd2Ptr in gdgd2.c in the GD Graphics Library...

CVE-2026-7359

Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7340

Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

UBUNTU-CVE-2026-6749

Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10...

CVE-2026-6296

Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...