CVE-2026-12026

CVE-2026-12026: Out-of-bounds read in Video on ChromeOS Chrome, before version 149.0.7827.115, allows a renderer-compromised attacker to read potentially sensitive process memory via a crafted HTML page. Affected product: Google Chrome on ChromeOS; root cause: memory read issue in the Video compo...

PT-2026-47471

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description An out-of-bounds read and write issue exists in V8, the JavaScript and WebAssembly engine used by Google Chrome. This flaw allows a remote attacker to execute arbitrary code inside the...

CVE-2026-10949

Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-10012

Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-9118

Use after free in XR in Google Chrome on Windows prior to 148.0.7778.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

PT-2026-41068

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.168 Description Script injection in the SanitizerAPI allows a remote attacker to inject arbitrary scripts or HTML, leading to Universal Cross-Site Scripting UXSS, which is a vulnerability...

Astra Linux - уязвимость в chromium

A out-of-bounds read in Blink within Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...

Astra Linux - уязвимость в chromium

Using “after free” in Dawn in Google Chrome before version 146.0.7680.178 allowed a remote attacker to execute arbitrary code through a crafted HTML page. Chromium security severity: High...

CVE-2026-3545

Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

AZL-70607 CVE-2025-13227 affecting package nodejs 20.14.0-13

Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

AZL-70553 CVE-2025-13224 affecting package nodejs18 18.20.3-11

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2025-197892

Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

EUVD-2024-47254

Malicious code in bioql PyPI...

EUVD-2022-43222

Malicious code in bioql PyPI...

EUVD-2025-1958

Malicious code in bioql PyPI...

EUVD-2024-16024

Malicious code in bioql PyPI...

EUVD-2022-42617

Malicious code in bioql PyPI...

EUVD-2022-51542

Malicious code in bioql PyPI...

EUVD-2024-32403

Malicious code in bioql PyPI...