280 matches found
EUVD-2026-33106
Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...
DEBIAN-CVE-2026-9964
Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: High...
CVE-2026-10022
Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-9891
CVE-2026-9891 is a use-after-free vulnerability in Chrome’s Extensions component (Chromium) that affects pre-148.0.7778.216 builds. The issue arises when a renderer process is compromised, potentially enabling a sandbox escape via a crafted Chrome Extension. The vulnerability is discussed across ...
PT-2026-44578
Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A type confusion issue exists in V8, the JavaScript and WebAssembly engine. This allows an attacker to execute arbitrary code within a sandbox if a user is convinced to install a...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. In versions prior to 148.0.7778.216 for Mac, there was a resource management vulnerability. This vulnerability stemmed from the Bluetooth component reusing resources after release, which could allow attackers to execute a sandbox escape...
CVE-2026-8565
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8587
CVE-2026-8587 describes a use-after-free in Chrome’s Extensions on macOS that allows arbitrary code execution when a user is convinced to install a crafted (malicious) extension. Affected product: Google Chrome running on Mac. Vulnerable component: Extensions subsystem (use-after-free in extensio...
CVE-2026-8587
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8587
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8587
Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
EUVD-2026-30384
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8565
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8565
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-8565
Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Medium...
EUVD-2026-28119
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...
EUVD-2026-27977
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-7976
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-7958
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML UXSS via a crafted Chrome Extension. Chromium security severity: Medium...
CVE-2026-7949
Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. Chromium security severity: Medium...