CVE-2026-12455

CVE-2026-12455 describes a Use-After-Free in Chrome’s Tab Strip, where a remote attacker could trigger heap corruption by convincing a user to perform specific UI gestures on a crafted HTML page. The issue affects Google Chrome prior to version 149.0.7827.155. Several connected sources (EUVD, DEB...

CVE-2026-12454

Race in Safe Browsing in Google Chrome on Mac prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12451

Use after free in DigitalCredentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-12452

Use after free in Downloads in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-12450

Inappropriate implementation in Media in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-12448

CVE-2026-12448 affects WebView in Google Chrome on Android prior to 149.0.7827.155. The issue is an inappropriate implementation in WebView that allows a remote attacker to escalate privileges via a crafted HTML page. The vulnerability is tied to Chromium WebView behavior and is rated High severi...

CVE-2026-12448

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

CVE-2026-12447

CVE-2026-12447 affects Google Chrome/WebRTC (Chromium). The issue is a heap buffer overflow in WebRTC that allows remote code execution via a crafted HTML page, affecting builds prior to 149.0.7827.155. Impact is a sandbox escape/total compromise of the browser process, per the cited descriptions...

CVE-2026-12443

Use after free in Web Authentication in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12441

CVE-2026-12441 affects Google Chrome on Linux (File Input component). The issue is a use-after-free that can lead to heap corruption via a crafted HTML page, enabling a remote attacker to potentially exploit the vulnerability. Affected version range is prior to 149.0.7827.155; remediation is to u...

CVE-2026-12441

Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12440

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12439

CVE-2026-12439 describes a use-after-free in Google Chrome’s Digital Credentials handling, leading to potential heap corruption when processing a crafted HTML page. Affected product: Chrome (Chromium-based) before version 149.0.7827.155. Root cause: use-after-free in Digital Credentials component...

CVE-2026-12437

CVE-2026-12437 describes a use-after-free in WebShare for Google Chrome on Windows before 149.0.7827.155. A remote attacker who already has renderer compromise could exploit a crafted HTML page to attempt a sandbox escape. The vulnerability is rated Critical. Affected software is Google Chrome (W...

CVE-2026-12437

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

PT-2026-50198

Inappropriate implementation in WebView in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to perform privilege escalation via a crafted HTML page. Chromium security severity: High...

PT-2026-50192

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

PT-2026-50204

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A race condition in the Safe Browsing component of Google Chrome on Mac allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escap...

PT-2026-50201

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use-after-free issue exists in DigitalCredentials. This occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. A remote attack...

PT-2026-50205

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue exists in the Tab Strip component. This occurs when a program continues to use a pointer after it has been freed, which can lead to heap corruption a memory...