Chromium: CVE-2026-7963 Inappropriate implementation in ServiceWorker

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-7963

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2025:0344-1 Rating: important References: 1249388 Cross-References: CVE-2025-10200 CVE-2025-10201 Affected Products: openSUSE Backports SLE-15-SP6 An update that fixes two vulnerabilities is now available...

CVE-2020-26958

Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker. This could lead to a cross-site script inclusion vulnerability, or a Content Security Policy bypass. This vulnerability affects Firefox 83, Firefox ESR 78.5,...

UBUNTU-CVE-2019-5828

Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0.3770.80 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page...