PT-2026-46651

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in Skia allows a remote attacker to potentially exploit heap corruption through a crafted HTML page. Heap corruption occurs when a program writes data outside the...

PT-2026-46656

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, b...

PT-2026-46815

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in CSS allows a remote attacker to leak cross-origin data by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46614

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Dawn allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox by using a crafted HTML page...

PT-2026-46574

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the GPU component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from proces...

PT-2026-46617

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Media allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using a crafted HTML...

PT-2026-46517

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Views allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use after free is ...

PT-2026-46438

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Dawn. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially crafte...

PT-2026-46412

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in ANGLE, which could allow a remote attacker to potentially exploit heap corruption through the use of a crafted HTML page. Type confusion occurs when a...

PT-2026-46491

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in the Media component, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Type confusio...

PT-2026-46505

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update to version...

PT-2026-46747

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in PointerLock allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

PT-2026-46708

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media Session component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

PT-2026-46448

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in ANGLE. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially craft...

PT-2026-46547

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Actor allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or late...

PT-2026-46714

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Glic allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46746

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Navigation allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site...

PT-2026-46695

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using ...

PT-2026-46509

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism...

PT-2026-46666

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Paint allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by usi...