chromium -- security fixes

Chrome Releases reports: This update includes 74 security fixes: 516501794 Critical CVE-2026-11628: Use after free in Ozone. 516674532 Critical CVE-2026-11629: Use after free in Ozone. 516677924 Critical CVE-2026-11630: Use after free in File Input. 516691130 Critical CVE-2026-11631: Use after fr...

CVE-2025-53844

creationtimestamp| type| source ---|---|--- 2026-05-14 00:08:08+00:00| seen| https://ccb.belgium.be/advisories/warning-multiple-critical-high-and-medium-vulnerabilities-fortinet-fortisandbox-fortios 2026-05-17 22:07:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mm3epeyxsy2u...

Fedora 44 : chromium (2026-f5ed344d5c)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-f5ed344d5c advisory. The updates include fixes for: Critical CVE-2026-7363: Use after free in Canvas Critical CVE-2026-7361: Use after free in iOS Critical CVE-2026-7344...

Fedora 43 : chromium (2026-af3f470d38)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-af3f470d38 advisory. The updates include fixes for: Critical CVE-2026-7363: Use after free in Canvas Critical CVE-2026-7361: Use after free in iOS Critical CVE-2026-7344...

Fedora 43 : chromium (2026-952f3c3d9e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-952f3c3d9e advisory. Update to 147.0.7727.55 Critical CVE-2026-5858: Heap buffer overflow in WebML Critical CVE-2026-5859: Integer overflow in WebML High CVE-2026-5860:...

PT-2026-4684

In many functions of ComputerEngine.java, there is a possible way to access URIs across users due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4703

Name of the Vulnerable Software and Affected Versions Android affected versions not specified Description A flaw exists in the PackageInstallerService.java component, specifically within the createSessionInternal function. This issue allows an application to potentially alter its ownership due to...

PT-2026-4707

Name of the Vulnerable Software and Affected Versions ManagedServices affected versions not specified Description An issue exists in the setPackageOrComponentEnabled function of ManagedServices.java related to improper input validation. This can result in a notification policy desync, potentially...

PT-2026-4712

Name of the Vulnerable Software and Affected Versions Chromium affected versions not specified Description An integer overflow in multiple functions within ubsan throwing runtime.cpp can cause a UBSan failure. This issue may lead to a remote denial of service without requiring additional executio...

PT-2026-4689

In executeRequest of ActivityStarter.java, there is a possible launch anywhere due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

PT-2026-4687

In multiple locations, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4688

In loadDescription of DeviceAdminInfo.java, there is a possible persistent package due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4693

In onStart of CompanionDeviceManagerService.java, there is a possible confused deputy due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4690

In multiple locations, there is a possible way to reset user-selected permissions selections due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4709

In startAnimation of StageCoordinator.java, there is a possible tapjacking issue due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4714

In multiple functions of ubsan throwing runtime.cpp, there is a possible persistent denial of service due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4715

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause the system to crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4696

In multiple locations of AppOpsService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4698

In onChange of BiometricService.java, there is a possible way to enable fingerprint unlock due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-4711

In multiple functions of ubsan throwing runtime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...