CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

CVE-2026-10923

CVE-2026-10923 describes a use-after-free vulnerability in the WebAppInstalls component of Google Chrome on Android, affecting versions prior to 149.0.7827.53. The flaw allows a local attacker to execute arbitrary code by interacting with a malicious file, representing a memory corruption issue w...

CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

CVE-2026-10923

Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. Chromium security severity: High...

CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10892

CVE-2026-10892 is an out-of-bounds write in the GPU component of Google Chrome on Android, before version 149.0.7827.53, allowing a remote attacker to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome for Android and is categorized as Critical. Public references sho...

CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

CVE-2026-49187

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

EUVD-2026-34204

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

CVE-2026-49185 Instruction Injection via FieldX MDM

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

CVE-2026-49185

The CVE-2026-49185 entry concerns FieldX MDM where the adb messaging topic passes unverified payloads directly into Runtime.exec(), enabling command/instruction injection. Affected component: adb messaging topic within FieldX MDM; root cause is unverified payloads executed via Runtime.exec(). Imp...

EUVD-2026-34199

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

PT-2026-46613

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An integer overflow in the GPU component allows a remote attacker to potentially perform out of bounds memory access by using a crafted HTML page. Recommendations Update to...

PT-2026-46694

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46558

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Drag and Drop feature allows a remote attacker who has compromised the renderer process to potentially perform a sandbox...

PT-2026-46690

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in Messages allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw...

PT-2026-46541

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in Serial. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML page. Use...

PT-2026-46548

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker who has compromised the renderer process to perform domain spoofing by using a crafted HTML...