80 matches found
CVE-2026-14402
CVE-2026-14402 describes an uninitialized use in ANGLE within Google Chrome on Windows, prior to version 150.0.7871.46. The issue allows a remote attacker to potentially read sensitive data from a process's memory via a crafted HTML page. Affected component is ANGLE in Chrome’s Windows build; und...
CVE-2026-14402
Uninitialized Use in ANGLE in Google Chrome on Windows prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
EUVD-2026-40774
Heap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Low...
EUVD-2026-40611
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-14138
Inappropriate implementation in WebAppInstalls in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
CVE-2026-14055
CVE-2026-14055 affects Google Chrome on Windows before 150.0.7871.47, where insufficient validation of untrusted input in Device Trust could allow a remote attacker who compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The vulnerability is addressed by th...
CVE-2026-13920
Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
CVE-2026-13787
The CVE-2026-13787 entry concerns a use-after-free condition in Chromoting within Google Chrome on Windows, prior to version 150.0.7871.47 . This memory corruption issue enables a remote attacker to execute arbitrary code via malicious network traffic, as indicated by the NVD/Chromium advisories ...
PT-2026-54291
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 150.0.7871.47 Description A race condition in the WebRTC component on Windows allows a remote attacker to leak cross-origin data by using a specially crafted HTML page. WebRTC Web Real-Time Communication is a...
PT-2026-50190
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description A use after free issue in DigitalCredentials on Windows allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free occurs when an...
CVE-2026-12007
Use after free in Core in Google Chrome on Windows prior to 149.0.7827.115 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
EUVD-2026-35241
Use after free in Bluetooth in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...
Linux Distros Unpatched Vulnerability : CVE-2026-11680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Media in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted...
CVE-2026-11665
Out of bounds read in Dawn in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-11661
CVE-2026-11661 affects Google Chrome on Windows prior to 149.0.7827.103, with a use-after-free in Views that could allow a remote attacker (having renderer access) to escape the sandbox via a crafted HTML page. The Chromium/chrome update (149.0.7827.102/103 for Windows) addresses the issue; the s...
CVE-2026-11634
Use after free in Gamepad in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-11631
Use after free in Aura in Google Chrome on Windows prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
SUSE CVE-2026-11005
Out of bounds read in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...
EUVD-2026-34518
Insufficient validation of untrusted input in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the network process to potentially perform a sandbox escape via malicious network traffic. Chromium security severity: Medium...
EUVD-2026-34427
Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromium security severity: High...