EUVD-2026-33127

Insufficient validation of untrusted input in Media in Google Chrome on ChromeOS prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

EUVD-2026-33087

Use after free in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-9991

Inappropriate implementation in Media in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2026-8585

Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: Medium...

Chromium: CVE-2026-8535 Out of bounds read in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

CVE-2026-8544

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-8544

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Chromium: CVE-2026-7957 Out of bounds write in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-28017

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7979

Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7957

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by the American company Google. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability caused by improper handling in Media. This vulnerability could allow remote attackers to leak cross-source data through specially crafted HT...

PT-2026-38208

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in Media allows a remote attacker to perform UI spoofing, which is the act of mimicking a legitimate user interface to deceive users, via a crafted HTML...

PT-2026-38172

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description An inappropriate implementation in Media allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 148.0.7778.96 or...

Astra Linux - уязвимость в chromium

Before version 88.0.4324.96, using the "After Free" feature in Google Chrome allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption through a crafted HTML page...

Astra Linux - уязвимость в chromium

The use of after-free in Media in Google Chrome before version 103.0.5060.53 allowed a remote attacker to perform arbitrary read/write operations through a crafted HTML page. Chromium security severity: High...

KLA91012 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A remote code execution vulnerability in media can be exploited remotely to execute...

DEBIAN-CVE-2026-7352

Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-7355

Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-7335

Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...