246667 matches found
CVE-2026-10947
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10946
CVE-2026-10946 is a heap-buffer-overflow in Chrome's Media stack, fixed in Chrome 149.0.7827.53. The vulnerability could allow remote code execution inside a sandbox when a user is convinced to perform specific UI gestures on a crafted HTML page. Affected product: Google Chrome (pre-149.0.7827.53...
CVE-2026-10945
Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...
CVE-2026-10946
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10946
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10945
Summary: CVE-2026-10945 is a use-after-free in Google Chrome’s PDF handling prior to 149.0.7827.53. A remote attacker could lure a user into specific UI gestures to trigger execution of arbitrary code inside the browser sandbox via a crafted PDF file. The impact is high (arbitrary code execution ...
CVE-2026-10943
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10943
CVE-2026-10943 describes a use-after-free in WebRTC within Google Chrome prior to 149.0.7827.53, enabling a remote attacker to execute arbitrary code inside Chrome’s sandbox via a crafted HTML page. Affected software is Google Chrome (Chromium WebRTC component). The underlying root cause is a use...
CVE-2026-10941
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10941
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10941
CVE-2026-10941: Out-of-bounds memory access in Skia used by Google Chrome before version 149.0.7827.53 enables a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Severity: High. Affected software: Google Chrome (Skia component). Root cause: memory access outsi...
CVE-2026-10939
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10939
Chrome WebRTC use-after-free vulnerability (CVE-2026-10939) allows remote code execution in sandbox via a crafted HTML page on Chrome versions prior to 149.0.7827.53. The issue is caused by a use-after-free in WebRTC. A fix is available in Chrome 149.0.7827.53 and later; users should update to th...
CVE-2026-10936
This CVE describes a Type Confusion in V8 within Google Chrome prior to 149.0.7827.53 that allows a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Affected component: the V8 engine used by Chrome. Root cause: a type confusion in V8 handling, leading ...
CVE-2026-10935
CVE-2026-10935: Type Confusion in Google Chrome’s V8 engine (Chromium) prior to 149.0.7827.53. A crafted HTML page enables a remote attacker to execute arbitrary code inside the sandbox. Affected product: Google Chrome/Chromium with V8. Root cause: type confusion in V8. Impact: remote code execut...
CVE-2026-10935
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10935
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
CVE-2026-10928
CVE-2026-10928 affects Google Chrome in headless mode prior to 149.0.7827.53. The issue is described as a script injection via a crafted HTML page that could allow remote code execution. Affected component is the headless browser environment within Chrome/Chromium; root cause is a script-injectio...
CVE-2026-10928
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-10928
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...