EUVD-2026-23050

Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.101 contained a security vulnerability. This vulnerability stemmed from the Graphite component allowing for post-release reuse, which could enable remote attackers who have infiltrated the...

Out-of-bounds Read

Mozilla Firefox is vulnerable to out-of-bounds reads. The vulnerability exists in the Graphite component in getClassGlyph function in Silf.cpp due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of service condition...

Uninitialized Buffer Allocation

Mozilla Firefox is vulnerable to uninitialized buffer allocation vulnerability. The vulnerability exists in the Graphite component in the readglyph function in GlyphCache.cpp related to use of uninitialized memory. An unauthenticated, remote attacker can exploit this to have an unspecified impact...

Denial Of Service (DoS)

Mozilla Firefox is vulnerable to heap-based buffer overflow vulnerability. The vulnerability exists in the Graphite component in the decompress function in Decompressor.cpp due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this to cause a denial of...