PT-2026-46819

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Blink allows a remote attacker to bypass the content security policy CSP, which is a security layer that helps detect and mitigate certain types of...

PT-2026-46433

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8, the open-source JavaScript and WebAssembly engine, allows a remote attacker to execute arbitrary code within a sandbox by enticing a user to open ...

PT-2026-46612

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Password Manager allows a remote attacker to leak cross-origin data, which is data from a different domain than the one that initiated the request...

PT-2026-46538

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the USB component on Windows allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corrupti...

PT-2026-46435

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebAuthentication. A remote attacker can potentially exploit heap corruption—a condition where memory allocation on the heap is corrupted—via a crafted...

PT-2026-46440

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...

PT-2026-46424

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Ozone allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free is a memory corruption flaw that occurs when an applicatio...

PT-2026-46431

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Ozone allows a remote attacker to execute arbitrary code through a crafted HTML page. Use after free is a memory corruption flaw that occurs when an applicatio...

PT-2026-46426

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape occurs when a process breaks o...

PT-2026-46606

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the FileSystem component allows a remote attacker who has already compromised the renderer process to bypass the same origin policy, which is a securi...

PT-2026-46537

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in WebAppInstalls allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page...

PT-2026-46669

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Paint allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from one...

PT-2026-46432

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46636

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, an open-source graphics abstraction layer allows a remote attacker to leak cross-origin data by using a crafted HTML...

PT-2026-46497

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Dawn allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendatio...

PT-2026-46816

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Side-channel information leakage in Paint allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel leakage occurs when information is...

PT-2026-46661

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media component allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the...

PT-2026-46576

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Base allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A sandbox esca...

PT-2026-46411

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to execute arbitrary code when a user opens a specially crafted HTML page. Use after free is a memory corruption...

PT-2026-46565

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Document Object Model DOM, a programming interface for web documents, allows a remote attacker to bypass the same origin policy through the use of...