CVE-2026-13283

The CVE-2026-13283 vulnerability affects Google Chrome on Android (Android builds) in the AdFilter component. It is caused by a use-after-free condition, allowing a remote attacker to trigger arbitrary code execution when a user is convinced to perform specific UI gestures on a crafted HTML page....

CVE-2026-13027

Use after free in FileSystem in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE-2026-13023

Uninitialized Use in GPU in Google Chrome prior to 149.0.7827.197 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-13033

Out of bounds read and write in BlinkInterestGroups in Google Chrome prior to 149.0.7827.197 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-12456

Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.155 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. Chromium security severity: High...

CVE-2026-12442

The CVE-2026-12442 entry describes a use-after-free in Passwords in Google Chrome on Android before version 149.0.7827.155, allowing a remote attacker to execute arbitrary code via a crafted HTML page (Chromium security severity: Critical). Connected sources confirm this vulnerability affects Chr...

PT-2026-50208

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.155 Description An inappropriate implementation in the Passwords component allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specific UI gestures on a...

Google Chrome < 149.0.7827.155 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 149.0.7827.155. It is, therefore, affected by multiple vulnerabilities as referenced in the 202606stable-channel-update-for-desktop01750511403 advisory. - Use after free in Extensions in Google Chrome prior to...

DEBIAN-CVE-2026-11657

Use after free in Payments in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

CVE-2026-11685

Inappropriate implementation in MediaCapture in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-11684

Insufficient policy enforcement in Network in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the utility process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-11669

Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

CVE-2026-11663

Use after free in Skia in Google Chrome prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11647

Use after free in Printing in Google Chrome on Android prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-11633

Use after free in Bluetooth in Google Chrome on Mac prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code via a malicious peripheral. Chromium security severity: Critical...

PT-2026-47520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the ServiceWorker component. This allows a remote attacker who has already compromised the renderer process to execute arbitrary code within a sandbox ...

CVE-2026-11204

An inappropriate implementation flaw was found in the Signin component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=505200733...

EUVD-2026-34764

Use after free in PDFium in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: Low...

EUVD-2026-34669

Use after free in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-34614

Side-channel information leakage in Forms in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...