11 matches found
Stable Channel Update for Desktop
The Stable channel has been updated to 149.0.7827.200/201 for Windows and Mac and 149.0.7827.200 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log Security Fixes and Rewards Note: Access to bug details and links may be kept...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS protections through a malicious file. Chromium security severity: High...
SUSE CVE-2026-11019
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11019
Inappropriate implementation in Payments in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform domain spoofing via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-11001
Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...
Google Chrome 安全漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a security vulnerability caused by improper implementations in the Payments component. This vulnerability could allow remote attackers with access to the renderer process to execute...
Astra Linux - уязвимость в chromium
Before version 88.0.4324.182, using the "after free" feature in Google Chrome allowed a remote attacker to potentially perform a sandbox escape through a crafted HTML page...
SUSE CVE-2026-8566
Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-8566
The CVE-2026-8566 entry concerns an insufficient policy enforcement flaw in the Payments component of Google Chrome on Android, arising from a policy enforcement bug in Chromium. The vulnerability allows a remote attacker to bypass discretionary access control through a crafted HTML page. Affecte...
CVE-2026-7993
CVE-2026-7993 affects Google Chrome on Android prior to 148.0.7778.96. The issue is insufficient validation of untrusted input in Payments, allowing a renderer-compromised attacker to spoof the Omnibox (URL bar) via a crafted HTML page. Affected component is Chrome’s Payments logic in Android, wi...
UBUNTU-CVE-2021-30540
Incorrect security UI in payments in Google Chrome on Android prior to 91.0.4472.77 allowed a remote attacker to perform domain spoofing via a crafted HTML page...