CVE-2026-13281

CVE-2026-13281 involves an integer overflow in Mojo, the Chromium IPC framework used by Google Chrome. A remote attacker who has already compromised the renderer process could potentially achieve a sandbox escape via a malicious file. Affected software: Google Chrome prior to 149.0.7827.201. Root...

Astra Linux – Vulnerability in Chromium

The use of Mojo with “after free” in Google Chrome before version 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-12018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Mojo in Google Chrome on Windows prior to 149.0.7827.115 allowed a local attacker to perform OS-level privilege escalation via a...

CVE-2026-12018

CVE-2026-12018 affects Google Chrome on Windows: an “Inappropriate implementation” in Mojo allows local OS-level privilege escalation via a malicious file. The issue is tied to Chrome before build 149.0.7827.115. Impact is described as High severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,...

Linux Distros Unpatched Vulnerability : CVE-2025-10201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via...

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

CVE-2025-4609

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2018-16068

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Exploit for CVE-2025-2783

CVE-2025-2783 Simulated PoC for CVE-2025-2783 — a sandbox esca...

CVE-2025-2783

Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. Chromium security severity: High...

CVE-2024-9369

CVE-2024-9369: Insufficient data validation in Mojo within Google Chrome (Chromium) allowed a remote attacker, who had compromised the renderer process, to perform an out-of-bounds memory write via a crafted HTML page. The issue is confirmed in Chrome/Chromium and has high impact. Public fix/upda...

PT-2023-3715 · Google +2 · Google Chrome +2

Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 115.0.5790.98 Description: The issue is related to an out of bounds memory access in the Mojo library of Google Chrome, which can potentially allow a remote attacker to exploit heap corruption via a crafted HTM...

SUSE CVE-2022-0797

Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...

SUSE CVE-2022-3075

Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...

CVE-2018-16068

Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

Google Chrome Mojo has an unspecified vulnerability

Google Chrome is the United States Google Google company developed a Web browser. Mojo is one of the Mojo Maven plain Old Java Object plug-ins. An unspecified vulnerability exists in Mojo in Google Chrome versions prior to 69.0.3497.81. No detailed vulnerability details are provided at this time...