EUVD-2026-34755

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-11209

Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

PT-2026-46430

Name of the Vulnerable Software and Affected Versions Google Chrome on Mac versions prior to 149.0.7827.53 Description A use after free issue exists where a remote attacker can execute arbitrary code. This is achieved by convincing a user to perform specific UI gestures while interacting with a...

CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10000

Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

PT-2026-44556

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in Passwords on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the u...

CVE-2026-7921

CVE-2026-7921 corresponds to a use-after-free vulnerability in Google Chrome’s Passwords handling, exploited via a crafted HTML page to achieve remote code execution. Affected product: Google Chrome (Password management code path) prior to version 148.0.7778.96. Root cause: use-after-free in Pass...

CVE-2025-13640

Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authentication via physical access to the device. Chromium security severity: Low...

CVE-2020-9347

Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external...

SUSE CVE-2023-5186

Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. Chromium security severity: High...

ZOHO ManageEngine Password Manager Pro Injection Vulnerability

Zoho ManageEngine Password Manager Pro is a password management software for storing, sharing and resetting passwords. A security vulnerability exists in Zoho ManageEngine Password Manager Pro. The vulnerability stems from improper handling of specially crafted names in the "Export Passwords"...

CVE-2020-9347

Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external...