CVE-2026-9872

Out of bounds write in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9872

Google Chrome on Android prior to 148.0.7778.216 has an out-of-bounds write in the GPU component of Chromium, which could allow a remote attacker to escape the sandbox via a crafted HTML page. The issue is tracked as CVE-2026-9872 and is considered Critical. A fix is included in Chrome 148.0.7778...

CVE-2025-68712

SpSoft AppLock com.sp.protector.free 7.9.40 for Android allows a local attacker with physical access to bypass fingerprint or PIN authentication. Although the app integrates Android's biometric mechanisms, the lock is implemented with a custom overlay that fails to consistently enforce...

Brave Android 1.90.128 Security Fixes

Fix wallet provider binding issue as reported on HackerOne by shinchan69. Upgraded Chromium to 148.0.7778.217 — refer to Google Chrome advisories for inherited CVEs...

CVE-2025-68710

Easyelife App lock aka Fingerprint,Applock or locker.app.safe.applocker 1.9.2 for Android allows a local attacker with physical access to bypass the PIN lock. The lock is implemented as an overlay rather than by using Android's secure authentication APIs. By navigating cascading interface flows -...

PT-2026-44651

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds read in WebGL allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. An out of bounds read occurs when the system reads...

PT-2026-44621

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An inappropriate implementation in the GPU allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

PT-2026-44570

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description A use after free issue exists in WebMIDI. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML page. U...

PT-2026-44566

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An inappropriate implementation in the input handling allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page...

PT-2026-44597

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description A use after free issue exists in WebView. This allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape by using a...

PT-2026-44627

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds read in WebGL allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. An out of bounds read occurs when the system reads...

PT-2026-44695

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in WebAppInstalls allows a local attacker to execute arbitrary code via a malicious file. Recommendations Update Google Chrome on...

PT-2026-44685

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in WebShare allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafte...

PT-2026-44607

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description Insufficient validation of untrusted input in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted...

PT-2026-44564

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in the GPU allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update...

PT-2026-44584

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds read in WebGL allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. An out of bounds read occurs when a program rea...

PT-2026-44628

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in the GPU allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations Upda...

PT-2026-44629

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in WebGL allows a remote attacker to leak cross-origin information, which is data from a different origin than the one that initiated the request, by...

PT-2026-44626

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An uninitialized use in WebGL allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update t...

PT-2026-44585

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description A use after free issue in WebGL allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw tha...