16818 matches found
CVE-2026-5288
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-5290
CVE-2026-5290 is a use-after-free in Chrome/Chromium’s Compositing pathway that, if the renderer is already compromised, could enable a sandbox escape via a crafted HTML page. The vulnerability affects Chrome prior to version 146.0.7680.178; Google’s update to 146.0.7680.178 (and newer) fixes thi...
CVE-2026-5288
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-5290
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-5289
CVE-2026-5289 affects Google Chrome prior to version 146.0.7680.178, describing a use-after-free in the Navigation component that could allow a remote attacker who already compromised the renderer process to escape the sandbox via a crafted HTML page. The vulnerability is categorized as High seve...
CVE-2026-5288
CVE-2026-5288 describes a use-after-free in WebView within Google Chrome on Android prior to 146.0.7680.178 that could allow a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. The connected sources show Chromium/CEF/chromium package updates around version 1...
CVE-2026-5290
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-5289
Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
CVE-2026-5273
Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to incorrect boundary conditions in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Chromium
The use of free after WindowDialog in Google Chrome before version 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to incorrect boundary conditions in the Graphics:CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to incorrect boundary conditions in the DOM: Core & HTML component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox
Sandbox escape in the Storage: IndexedDB component. This vulnerability was fixed in Firefox 148, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox
Sandbox escape in the Messaging System component. This vulnerability was fixed in Firefox 147 and Thunderbird 147...
Astra Linux – Vulnerability in Firefox
Sandbox escape in the Graphics: WebRender component. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Chromium
Insufficient data validation in Navigation in Google Chrome prior to version 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
In Web Speech of Google Chrome, before version 146.0.7680.71, it was possible for a remote attacker to potentially perform a sandbox escape through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to incorrect boundary conditions in the Telemetry component of the External Software. This vulnerability was fixed in Firefox 148, Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird 148, and Thunderbird 140.8...
Astra Linux – Vulnerability in Firefox
Sandbox escape due to integer overflow in the Graphics component. This vulnerability was fixed in Firefox 147, Firefox ESR 115.32, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...