SUSE CVE-2026-12029

Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

EUVD-2026-36346

Out of bounds read in Video in Google Chrome on ChromeOS prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-12029

Use after free in Video in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-11198

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape v...

CVE-2026-8529

Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. Chromium security severity: High...

Chromium: CVE-2026-6359 Use after free in Video

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

SUSE CVE-2026-6302

Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6302

Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6302

Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6302

Chromium-based Google Chrome is affected by CVE-2026-6302 due to a use-after-free in the Video component. Versions before 147.0.7727.101 allow a remote attacker to execute arbitrary code in the sandbox via a crafted HTML page. Mitigation: update Chrome to 147.0.7727.101 or newer. Exploitation sta...

CVE-2026-6302

Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-6359

Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2026-6359

Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. Chromium security severity: High...

CVE-2026-6359

The CVE-2026-6359 vulnerability affects Google Chrome on Windows and stems from a Use‑After‑Free in the Video component. A remote attacker who has already compromised the renderer process could trigger out‑of‑bounds memory access via a crafted HTML page, underlining the impact of high severity. A...

KLA90990 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in ANGLE can be exploited...

CVE-2026-2757 Incorrect boundary conditions in the WebRTC: Audio/Video component

Incorrect boundary conditions in the WebRTC: Audio/Video component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...

CVE-2025-68906

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jegtheme JNews - Video jnews-video allows Reflected XSS.This issue affects JNews - Video: from n/a through = 11.0.2...

Beward N100 安全漏洞

Beward N100 is an IP video codec open source from Beward, Russia. A security vulnerability exists in Beward N100 version M2.1.6.04C014, which stems from a lack of authentication in the video access mechanism and could lead to unauthorized access to live video streams...

CVE-2025-34436

AVideo is affected by an IDOR in the file upload feature: versions prior to 20.1 allow any authenticated user to upload files into directories owned by other users because ownership checks are not enforced, despite authentication being required. The issue stems from lack of authorization for the ...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: Update Mozilla Thunderbird to version 140.5 bsc1253188 CVE-2025-13012: Race condition in the Graphics component. CVE-2025-13016: Incorrect boundary conditions in the JavaScript: WebAssembly component. CVE-2025-13017: Same-origin polic...