DEBIAN-CVE-2026-11656

Use after free in ServiceWorker in Google Chrome prior to 149.0.7827.103 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: High...

SUSE CVE-2026-11194

Inappropriate implementation in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

EUVD-2026-34426

Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-11285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTM...

CVE-2026-11234

Inappropriate implementation in FoldableAPIs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Low...

Linux Distros Unpatched Vulnerability : CVE-2026-9989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file...

CVE-2026-9910

Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

PT-2026-44556

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A use after free issue in Passwords on Windows allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is achieved through the u...

CVE-2026-7336

Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Chromium: CVE-2026-3939 Use after free in WebView

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2025-9132

CVE-2025-9132 concerns Google Chrome’s V8 engine: an out-of-bounds write can lead to heap corruption when processing crafted HTML pages. The vulnerability affects Chrome/Chromium prior to version 139.0.7258.138. Impact is described as potential arbitrary code execution/heap damage, with a High se...

Linux Distros Unpatched Vulnerability : CVE-2018-6092

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow on 32-bit systems in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbo...

Linux Distros Unpatched Vulnerability : CVE-2017-5067

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An insufficient watchdog timer in navigation in Google Chrome prior to 58.0.3029.81 for Linux, Windows, and Mac allowed a remote attacker to spoof the contents ...

Linux Distros Unpatched Vulnerability : CVE-2020-15969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

The vulnerability of the user interfaces of Google Chrome and Microsoft Edge allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the user interfaces of Google Chrome and Microsoft Edge relates to the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information through a specially created...

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers allows attackers to execute arbitrary code.

The vulnerability of JavaScript script handlers in Google Chrome and Microsoft Edge browsers is related to type mixing errors. Exploiting this vulnerability allows a malicious actor to execute arbitrary code through a specially created web page...

The vulnerability of the Prompts component in Microsoft Edge and Google Chrome browsers allows a perpetrator to access confidential information.

The vulnerability of the Prompts component in Microsoft Edge and Google Chrome is related to improper security checks for standard elements. Exploiting this vulnerability can allow a malicious actor to gain access to confidential information remotely...

The vulnerability of the Service Worker API in the Google Chrome web browser allows a hacker to execute arbitrary code.

The vulnerability of the Service Worker API in the Google Chrome web browser relates to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through a specially created HTML page...

The vulnerability in the implementation of the WebRTC technology in Google Chrome browser allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the WebRTC technology implemented in Google Chrome browser is related to reading data beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially crafted HTML page...

SUSE CVE-2014-9647

Use-after-free vulnerability in PDFium, as used in Google Chrome before 40.0.2214.91, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted PDF document, related to fpdfsdk/src/fpdfview.cpp and fpdfsdk/src/fsdkmgr.cpp, a different vulnerabili...