EUVD-2026-33137

Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability, which stemmed from a reuse issue within WebXR. This vulnerability could allow remote attackers to execute arbitrary code within a sandbox throug...

PT-2026-44599

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in XR Extended Reality allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the us...

PT-2026-41112

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.168 Description Insufficient policy enforcement in WebXR allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory vi...

WebXR Flaw Hits 4 Billion Chromium Users, Update Your Browser Now

Cybersecurity startup AISLE discovered a Medium severity flaw in the WebXR component of Chrome, Edge, and other Chromium browsers. Over 4 billion devices were at risk. Update now...

The vulnerability of the WebXR WebRTC component in Google Chrome, related to the use of memory after its release, allows a hacker to execute arbitrary code.

The vulnerability of the WebXR component in Google Chrome relates to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...