EUVD-2026-37532

Heap buffer overflow in WebRTC in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-11683

Use after free in WebCodecs in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EUVD-2026-34586

Use after free in Compositing in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: Medium...

CVE-2026-10986

Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. Chromium security severity: High...

CVE-2026-10956

Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of WebML after its release, which could allow remote attackers to execute arbitrary code within a sandb...

CVE-2026-8532

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 147.0.7727.138 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after the Codecs component was released, which could allow remote attackers to execute...

CVE-2026-6306

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. Chromium security severity: High...

CVE-2026-6300

Google Chrome (Chromium CSS engine) contains a use-after-free in CSS that allows remote code execution inside the sandbox via a crafted HTML page. Affected versions are prior to 147.0.7727.101; remediation is to upgrade to Chrome 147.0.7727.101 or newer as indicated by the referenced Chromium upd...

CVE-2026-5279

CVE-2026-5279 affects Google Chrome (V8) with object corruption in V8 that allowed remote code execution via a crafted HTML page in a sandbox. The Chromium security note lists this as High severity; the Chrome stable update fixes include 146.0.7680.178 (and prior 177/178 variants on different cha...

PT-2026-33141

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description A use after free issue in Codecs allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occur...

EUVD-2026-13265

OpenClaw versions prior to 2026.2.23 contain a path traversal vulnerability in the experimental applypatch tool that allows attackers with sandbox access to modify files outside the workspace directory by exploiting inconsistent enforcement of workspace-only checks on mounted paths. Attackers can...

LACK OF deadline CHECK COULD PROMPT DELAYED EXECUTION OF swap OPERATION

Lines of code Vulnerability details Impact The RewardHandler.sellRewards function is used by governance and trusted sellers to sell reward tokens for collateral tokens. This function ensures that none of the collateral should be decreased after the swap by checking their respective balances befor...

The vulnerability in the JavaScript V8 engine of Google Chrome’s browser allows a hacker to execute arbitrary code.

The vulnerability in the JavaScript V8 engine of Google Chrome’s Google Chrome browser is related to deficiencies in access control during the processing of the Array.prototype.indexOf method. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in a “sandbox”...