PT-2026-46747

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in PointerLock allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

PT-2026-46708

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media Session component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

PT-2026-46448

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in ANGLE. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially craft...

PT-2026-46547

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Actor allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or late...

PT-2026-46666

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Paint allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by usi...

PT-2026-46678

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Password Manager allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafte...

PT-2026-46485

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the MimeHandlerView component. This allows a remote attacker to execute arbitrary code within a sandbox by inducing the user to open a specially crafted...

PT-2026-46483

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Actor component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46706

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Opaque Response Blocking ORB, a mechanism used to prevent cross-origin leaks of sensitive data, allows a remote attacker to bypass site isolation by...

PT-2026-46737

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46502

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Dawn allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request, by using a crafted HTML...

PT-2026-46522

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A heap buffer overflow in Skia allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. A heap buffer overflow occurs when ...

PT-2026-46467

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Input allows a remote attacker who has compromised the renderer process to bypass site isolation using a crafted HTML page. Site isolation is a securi...

PT-2026-46411

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to execute arbitrary code when a user opens a specially crafted HTML page. Use after free is a memory corruption...

PT-2026-46531

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the Autofill component. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using ...

PT-2026-46456

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in Dawn allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. An out of bounds rea...

PT-2026-46640

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

PT-2026-46466

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Passwords component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or scri...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a vulnerability related to input validation. This vulnerability stemmed from insufficient input validation in the Media component, which could allow remote attackers who have breached the...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 had a resource management vulnerability. This vulnerability stemmed from the reuse of the Extensions component after its release, which could allow remote attackers to execute arbitrary code...