PT-2026-46661

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media component allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the...

PT-2026-46576

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Base allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A sandbox esca...

PT-2026-46411

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to execute arbitrary code when a user opens a specially crafted HTML page. Use after free is a memory corruption...

PT-2026-46565

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Document Object Model DOM, a programming interface for web documents, allows a remote attacker to bypass the same origin policy through the use of...

PT-2026-46663

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Canvas allows a remote attacker to execute arbitrary code inside a sandbox by utilizing a crafted HTML page. Use after free is a memory corruption flaw that...

PT-2026-46493

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46640

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

PT-2026-46476

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46742

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Incorrect security UI in the File Input component allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific UI...

PT-2026-46525

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Workers allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from o...

PT-2026-46485

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the MimeHandlerView component. This allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to open a specially crafted...

PT-2026-46456

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in Dawn allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. An out of bounds rea...

PT-2026-46749

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a securi...

PT-2026-46707

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by using...

PT-2026-46647

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Enterprise Reporting allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafte...

PT-2026-46648

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Skia allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendatio...

PT-2026-46737

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46683

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different domain than the one serving the page, by using a crafted...

PT-2026-46595

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update to version...

PT-2026-46615

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, an abstraction layer that allows OpenGL ES calls to be translated to other graphics APIs allows a remote attacker who...