Mozilla Firefox < 149.0.2

The version of Firefox installed on the remote Windows host is prior to 149.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2026-25 advisory. - Memory safety bugs present in Firefox ESR 115.34.0, Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 an...

PT-2026-30824

Name of the Vulnerable Software and Affected Versions Mozilla Firefox versions prior to 149.0.2 Thunderbird versions prior to 149.0.2 Description A buffer overflow flaw exists in the WebGPU component of Mozilla Firefox and Thunderbird. Successful exploitation could allow a remote attacker to...

Mozilla Firefox和Mozilla Thunderbird 安全漏洞

Mozilla Firefox is an open source web browser.Mozilla Thunderbird is a set of e-mail client software separate from the Mozilla Application Suite. The software supports IMAP, POP mail protocols and HTML mail format. A buffer overflow vulnerability exists in Mozilla Firefox and Mozilla Thunderbird...

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

Google on Thursday released security updates for its Chrome web browser to address 21 vulnerabilities, including a zero-day flaw that it said has been exploited in the wild. The high-severity vulnerability, CVE-2026-5281 CVSS score: N/A, concerns a use-after-free bug in Dawn, an open-source and...

openSUSE 16 Security Update : chromium (openSUSE-SU-2026:20427-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20427-1 advisory. Changes in chromium: - Chromium 146.0.7680.164 boo1260376 CVE-2026-4673: Heap buffer overflow in WebAudio CVE-2026-4674: Out of bounds read in C...

Fedora 42 : chromium (2026-cc466cfb57)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-cc466cfb57 advisory. Update to 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read in CSS High CVE-2026-4675: Heap...

Chromium: CVE-2026-4678 Use after free in WebGPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Fedora 44 : chromium (2026-4d42fffb2b)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4d42fffb2b advisory. Update to 146.0.7680.164 High CVE-2026-4673: Heap buffer overflow in WebAudio High CVE-2026-4674: Out of bounds read in CSS High CVE-2026-4675: Heap...

SUSE CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

An use after free flaw was found in the WebGPU component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=491164019...

DEBIAN-CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

EUVD-2026-14684

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-4678

Technical details beyond the initial description are not provided in the connected documents. CVE-2026-4678 concerns a use-after-free in WebGPU in Google Chrome prior to 146.0.7680.165, enabling remote code execution via a crafted HTML page.

CVE-2026-4678

Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

Linux Distros Unpatched Vulnerability : CVE-2026-4678

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

KLA90951 Multiple vulnerabilities in Google Chrome

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Heap buffer overflow vulnerability in WebAudio can be exploited to cause denial of service. 2...