CVE-2026-10892

Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-10892

CVE-2026-10892 is an out-of-bounds write in the GPU component of Google Chrome on Android, before version 149.0.7827.53, allowing a remote attacker to potentially escape the sandbox via a crafted HTML page. The issue affects Chrome for Android and is categorized as Critical. Public references sho...

CVE-2026-49187

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

EUVD-2026-34204

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

CVE-2026-49187 Hard-coded APK Resource Credentials & Scepters

The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse...

CVE-2026-49185 Instruction Injection via FieldX MDM

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

EUVD-2026-34199

The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec, allowing command/instruction injection...

CVE-2026-49185

The CVE-2026-49185 entry concerns FieldX MDM where the adb messaging topic passes unverified payloads directly into Runtime.exec(), enabling command/instruction injection. Affected component: adb messaging topic within FieldX MDM; root cause is unverified payloads executed via Runtime.exec(). Imp...

PT-2026-46817

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An integer overflow in WebView allows a local attacker to cause a denial of service by using a malicious file. An integer overflow occurs when an arithmetic operation attempt...

PT-2026-46608

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in WebView allows a remote attacker to potentially exploit heap corruption, which occurs when a program continues to use a pointer after it has been...

PT-2026-46625

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebView allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the...

PT-2026-46541

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in Serial. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML page. Use...

PT-2026-46564

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in Custom Tabs allows a local attacker to perform privilege escalation by using a crafted XML file. Recommendations Update to version...

PT-2026-46463

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in the Autofill component. A remote attacker who has already compromised the renderer process can potentially achieve a sandbox escape by using ...

PT-2026-46646

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in the GPU allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46539

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue in WebShare allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use...

PT-2026-46496

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description A use after free issue exists in SurfaceCapture. A remote attacker who has compromised the renderer process can potentially perform a sandbox escape by using a crafted HTML...

PT-2026-46654

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An inappropriate implementation in WebAPKs allows a remote attacker to perform domain spoofing through the use of a crafted WebAPK. Domain spoofing is a technique where an...

PT-2026-46142

CVE-2026-31324: Android zero-interaction privilege escalation. Active in-the-wild exploitation. Framework-level integer overflow. Mobile EDR isn't built for this class of bug. Patch fleets immediately. https://t.co/HVZEFoGjif cybersecurity bugbounty...

PT-2026-46421

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 149.0.7827.53 Description An out of bounds write in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. An out of bounds write occurs when a program...