Chromium: CVE-2026-9907 Out of bounds read in Dawn

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-9930

An out of bounds write flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=501499832...

CVE-2026-9889

An out of bounds read and write flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=511727159...

CVE-2026-9874

An use after free flaw was found in the Dawn component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=500609038...

CVE-2026-9930

CVE-2026-9930 affects the Dawn component of Google Chrome on macOS. A crafted HTML page can trigger an out-of-bounds write in Dawn, allowing a remote attacker to perform an out-of-bounds memory write. The issue is tied to Chrome versions before 148.0.7778.216. No exploitation details are provided...

CVE-2026-9907

Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-9889

Out of bounds read and write in Dawn in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9874

Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9874

CVE-2026-9874 is a use-after-free in Chrome’s Dawn component (Chromium) that could allow a sandbox escape via a crafted HTML page. Affected product: Google Chrome (Dawn in Chromium). Version history: fixed in Chrome stable channel as of 148.0.7778.216 (Windows/Linux/macOS varied builds; subsequen...

PT-2026-44598

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description An out of bounds read and write issue in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. of the United States. V8 is a set of open-source JavaScript engines included in it. Versions of Google Chrome on Android prior to 148.0.7778.216 contained a security vulnerability. This vulnerability stemmed from excessive reading and writin...

PT-2026-44616

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description An out of bounds read in Dawn allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. An out of bounds read occurs when a program reads data past the...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in Dawn, which could allow remote attackers to execute a sandbox...

Google Chrome 缓冲区错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a buffer overflow vulnerability. This vulnerability stemmed from excessive memory writes by the Dawn component, which could allow remote attackers to execute excessive memory writes...

ROS-20260520-73-0052

A vulnerability in the Dawn component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260520-73-0020

A vulnerability in the Dawn component of the Google Chrome browser is related to integer overflow. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information using a specially crafted HTML page...

ROS-20260520-73-0041

A vulnerability in the Dawn component of Google Chrome browser is related to a buffer overflow in dynamic memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

ROS-20260520-73-0050

A vulnerability in the Dawn component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

ROS-20260520-73-0061

A vulnerability in the Dawn component of the Google Chrome browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code using a specially crafted HTML page...

ROS-20260520-73-0036

A vulnerability in the Dawn component of Google Chrome browser is related to memory usage after release. Exploitation of the vulnerability could allow an attacker acting remotely to bypass the sandbox protection mechanism using a specially crafted HTML page...