CVE-2026-5292

CVE-2026-5292 affects Google Chrome WebCodecs: an out-of-bounds memory read is possible via a crafted HTML page in Chrome versions before 146.0.7680.178. Multiple connected sources (Chromium/Chrome security notes and vendor advisories) corroborate that the WebCodecs component is the vulnerable su...

CVE-2026-5282

CVE-2026-5282 is an out-of-bounds read in Chrome’s WebCodecs before 146.0.7680.178 that could be triggered by a crafted HTML page, enabling a remote attacker to read memory. Affected: Google Chrome/WebCodecs. Root cause: memory read boundary violation in WebCodecs. Impact: confidentiality and ava...

CVE-2026-5282

Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2026-5282

Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2026-5282

Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2026-5282

Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-5280

CVE-2026-5280 affects Google Chrome’s WebCodecs component. A use-after-free in WebCodecs prior to 146.0.7680.178 allows a remote attacker to run arbitrary code in the sandbox via a crafted HTML page. The issue is acknowledged across multiple advisories (Chromium/Chrome updates and trackers). The ...

Astra Linux – Vulnerability in Chromium

A heap buffer overflow in WebCodecs in Google Chrome prior to version 145.0.7632.159 allowed a remote attacker to perform an out-of-bounds memory write through a crafted HTML page. Chromium security severity: High...

RHEL 10 : thunderbird (RHSA-2026:6342)

The remote Redhat Enterprise Linux 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:6342 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: firefox: thunderbird: Use-after-free in the JavaScript Engin...

Linux Distros Unpatched Vulnerability : CVE-2026-5292

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-5282

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML...

Linux Distros Unpatched Vulnerability : CVE-2026-5280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pag...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A memory misreference vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a confusion in the instructions responsible for freeing memory in the WebCodecs component. An attacker cou...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. An out-of-bounds read vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the WebCodecs component to properly validate the boundaries of input data, which can be...

PT-2026-29470

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description A flaw exists in the WebCodecs component of Google Chrome, potentially allowing a remote attacker to trigger an out-of-bounds memory read. This can be achieved by tricking a user into...

PT-2026-29460

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 146.0.7680.178 Description A flaw exists in the WebCodecs component of Google Chrome, potentially allowing a remote attacker to trigger an out-of-bounds memory read through a specially crafted HTML page. This...