19 matches found
CVE-2026-9942
Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-8514
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...
CVE-2026-8579
Insufficient validation of untrusted input in Skia in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted print file. Chromium security severity: Medium...
CVE-2026-8528
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. Chromium security severity: High...
CVE-2026-7970
CVE-2026-7970 affects Google Chrome’s TopChrome component. The issue is a use-after-free in TopChrome that, if a renderer process is compromised, could enable a sandbox escape via a crafted HTML page. Google Chrome 148.0.7778.96 and later addresses this by including fixes in the stable channel up...
CVE-2026-7945
Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7360
Insufficient validation of untrusted input in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: High...
Linux Distros Unpatched Vulnerability : CVE-2026-5880
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoo...
CVE-2026-5919
CVE-2026-5919 affects Google Chrome/Chromium: insufficient validation of untrusted input in WebSockets in the renderer, allowing a remote attacker who has compromised the renderer process to bypass the same-origin policy via a crafted HTML page. Public advisories cite affected Chrome/Chromium bui...
CVE-2026-5284
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
PT-2024-4241 · Google +5 · Google Chrome +6
Name of the Vulnerable Software and Affected Versions: Google Chrome versions prior to 126.0.6478.54 Description: The issue is related to a type confusion vulnerability in the V8 JavaScript engine, allowing a remote attacker to perform an out of bounds memory write via a crafted HTML page. This c...
Exploit for Integer Overflow or Wraparound in Apple Ipados
PoC A collection of proof-of-concept codes from DARKNAVY. -...
SUSE CVE-2023-4354
Heap buffer overflow in Skia in Google Chrome prior to 116.0.5845.96 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2016-1687
The renderer implementation in Google Chrome before 51.0.2704.63 does not properly restrict public exposure of classes, which allows remote attackers to obtain sensitive information via vectors related to extensions...
SUSE CVE-2018-6127
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page...
Android - Binder Driver Use-After-Free Exploit
The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c. As described in the upstream commit:...
Android - Binder Driver Use-After-Free
The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c. As described in the upstream commit:...
Android - Binder Driver Use-After-Free
The following issue exists in the android-msm-wahoo-4.4-pie branch of https://android.googlesource.com/kernel/msm and possibly others: There is a use-after-free of the wait member in the binder_thread struct in the binder driver at /drivers/android/binder.c. ...
Android Kernel 4.8 - ptrace seccomp Filter Bypass
The seccomp.2 manpage http://man7.org/linux/man-pages/man2/seccomp.2.html documents: Before kernel 4.8, the seccomp check will not be run again after the tracer is notified. This means that, on older kernels, seccomp-based sandboxes must not...