Chromium: CVE-2026-9876 Use after free in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Chromium: CVE-2026-9929 Inappropriate implementation in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

EUVD-2026-33085

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

EUVD-2026-33224

Inappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

EUVD-2026-33171

Use after free in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

DEBIAN-CVE-2026-9880

Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

CVE-2026-9943

Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-9929

Inappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...

CVE-2026-9917

CVE-2026-9917 involves an uninitialized use flaw in the WebGL component of Google Chrome for Android. The issue, reported as affecting Chrome on Android prior to version 148.0.7778.216, could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted H...

PT-2026-44585

Name of the Vulnerable Software and Affected Versions Google Chrome on Android versions prior to 148.0.7778.216 Description A use after free issue in WebGL allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw tha...

Google Chrome 输入验证错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a vulnerability related to input validation. This vulnerability stemmed from insufficient validation of untrusted inputs by the WebGL component, which could allow a remote attacker...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. In versions of Google Chrome on Android prior to 148.0.7778.216, there was a resource management vulnerability. This vulnerability stemmed from the WebGL component’s tendency to reuse resources after they were released, which could allow...

Google Chrome on Android 安全漏洞

Google Chrome on Android is a web browser in the Android operating system developed by Google Inc. Versions prior to 148.0.7778.216 of Google Chrome on Android had a security vulnerability. This vulnerability stemmed from the WebGL component not being initialized properly, which could allow remot...

chromium -- security fixes

Chrome Releases reports: This update includes 151 security fixes: 505077859 Critical CVE-2026-9872: Out of bounds write in GPU. 507365348 Critical CVE-2026-9873: Use after free in Network. 500609038 Critical CVE-2026-9874: Use after free in Dawn. 507508103 Critical CVE-2026-9875: Out of bounds re...

ROS-20260520-73-0053

A vulnerability in the WebGL component of the Google Chrome web browser is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

ROS-20260520-73-0034

A vulnerability in the WebGL component of the Google Chrome browser is related to writing beyond buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

@antv/g-mobile-webgl (>=1.0.0 <=1.1.1), @antv/g-plugin-3d (>=2.0.0 <=2.1.1) +7 more potentially affected by unknown CVE via @antv/g-shader-components (>=2.0.0 <=2.0.1-beta.0)

@antv/g-shader-components NPM version =2.0.0, =1.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =0.2.0, =0.1.0, =1.0.2, =1.0.8 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3961...

Astra Linux - уязвимость в firefox, thunderbird

A compromised web process was able to trigger out of bounds reads and writes in a more privileged process using manipulated WebGL textures. This vulnerability was fixed in Firefox 144, Firefox ESR 115.29, Firefox ESR 140.4, Thunderbird 144, and Thunderbird 140.4...

Imagination Graphics DDK 资源管理错误漏洞

Imagination Graphics DDK is a suite of GPU driver tools from Imagination UK. The Imagination Graphics DDK suffers from a resource management error vulnerability that stems from a write-release-after-reuse crash triggered when WebGPU content is loaded into the GPU GLES rendering process, which cou...

Chromium: CVE-2026-5291 Inappropriate implementation in WebGL

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...