PT-2026-46781

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

PT-2026-46317

Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. In versions 4.9.0 through 5.0.0, an authenticated user with project-editor permissions can store arbitrary HTML/JavaScript in the ChartDatasetConfig.legend field. The...

PT-2026-46420

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the GFX component allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Use after free is a memory corruption flaw that...

PT-2026-46646

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46487

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue exists where a remote attacker can execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interacting with a...

PT-2026-46715

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in the USB component allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corrupti...

PT-2026-46699

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Incorrect security UI in the Contact Picker allows a remote attacker to perform UI spoofing via a crafted HTML page. UI spoofing is a technique where an attacker mimics a...

PT-2026-46690

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Messages allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw...

PT-2026-46627

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue exists in the File Input component. A remote attacker can potentially perform a sandbox escape by convincing a user to perform specific UI gestures while...

PT-2026-46481

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description A use after free issue in the browser allows a remote attacker to potentially exploit heap corruption, which occurs when a program continues to use a pointer after it has been...

PT-2026-46488

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in the Input component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free i...

PT-2026-46449

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in WebShare allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTM...

PT-2026-46473

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data, which is information from a different domain than the one currently...

PT-2026-46454

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in Skia, a graphics library, which allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This ...

PT-2026-46429

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue in Passwords allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This occurs when a user is convinced to perform...

PT-2026-46658

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in the Autofill component. A remote attacker who has already compromised the renderer process can potentially achieve a sandbox escape by using ...

PT-2026-46836

Insufficient policy enforcement in History in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

PT-2026-46548

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker who has compromised the renderer process to perform domain spoofing by using a crafted HTML...

PT-2026-46479

Name of the Vulnerable Software and Affected Versions Google Chrome on iOS versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Autofill feature allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the...

PT-2026-46482

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Core allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use aft...