90092 matches found
CVE-2026-10010
Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-10012
CVE-2026-10012: Use-after-free in Skia within Google Chrome before 148.0.7778.216 allows a compromised renderer to potentially escape the Chromium sandbox via a crafted HTML page. Affected: Skia component in Chrome (Chromium-based). Root cause: use-after-free bug in Skia identified upstream. Impa...
CVE-2026-10011
CVE-2026-10011 concerns an inappropriate implementation in the Skia component of Google Chrome before 148.0.7778.216, where a remote attacker who already had renderer access could leak cross-origin data via a crafted HTML page. The issue is tied to the Skia/Chromium stack and is described in mult...
CVE-2026-10012
Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-10010
Inappropriate implementation in Input in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-10009
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10008
CVE-2026-10008 concerns an uninitialized use flaw in the GPU component of the Chromium-based Google Chrome on Android. The issue allows a remote attacker to potentially read sensitive information from a process’s memory via a crafted HTML page. The public description cites the root cause as an un...
CVE-2026-10008
Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-10007
Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10009
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10008
Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
CVE-2026-10005
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-10005
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-10006
CVE-2026-10006 affects Google Chrome’s WebAudio component in Chromium before 148.0.7778.216. A race condition in WebAudio could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The issue is labeled high severity with network attack vector, requ...
CVE-2026-10004
Google Chrome/Chromium Passwords component vulnerability: insufficient validation of untrusted input before version 148.0.7778.216 allows UI spoofing via a crafted HTML page. Impact is UI spoofing; no exploit details are provided in the documents. Remediation: update to Chrome 148.0.7778.216 or l...
CVE-2026-10006
Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10005
Google Chrome on macOS is affected by CVE-2026-10005 via a use-after-free in the WebAppInstalls component. The flaw allows a remote attacker to execute arbitrary code if the user is persuaded to perform certain UI gestures on a crafted HTML page; impact is high. A patch exists in Chrome version 1...
CVE-2026-10005
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-10004
Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: High...
CVE-2026-10001
Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...