366880 matches found
CVE-2026-9995
The CVE-2026-9995 entry describes a use-after-free in Chrome’s WebXR component prior to version 148.0.7778.216. A crafted HTML page could allow a remote attacker to execute arbitrary code inside the browser sandbox. Affected product: Google Chrome (WebXR). Root cause: use-after-free in WebXR. Imp...
CVE-2026-9994
CVE-2026-9994 affects Google Chrome on Windows due to a use-after-free in Chrome’s Core, allowing a renderer-compromised attacker to potentially escape the sandbox via a crafted HTML page. The vulnerability is triggered by an issue in Core that existed prior to version 148.0.7778.216. Impact is h...
CVE-2026-9992
The CVE-2026-9992 entry concerns a use-after-free in the Network component of Google Chrome, exploited remotely via a crafted HTML page to achieve arbitrary code execution inside the sandbox. Affected software is Chrome prior to version 148.0.7778.216. The underlying cause is a use-after-free in ...
CVE-2026-9993
CVE-2026-9993 affects Google Chrome (Chromium-based) and its Views component. The flaw is a use-after-free in Views that could allow a remote attacker with renderer access to escape the sandbox via a crafted PDF file. Affected version range is Chrome prior to 148.0.7778.216. If exploiting, the im...
CVE-2026-9991
Affected product: Google Chrome on Windows. Issue: In the Media component, an inappropriate implementation allows a remote attacker who has gained a foothold in the renderer process to leak cross-origin data via a crafted HTML page. Root cause: improper media handling within Chromium’s Windows re...
CVE-2026-9989
The CVE-2026-9989 entry concerns Google Chrome’s Media component, with an inappropriate implementation that allowed a remote attacker to bypass the same-origin policy via a crafted video file. Affected software is Google Chrome prior to 148.0.7778.216; impact is the bypass of SOP, as described in...
CVE-2026-9990
CVE-2026-9990 affects Google Chrome on macOS in the WebAppInstalls component. The vulnerability is a use-after-free leading to potential heap corruption when a user is persuaded to perform specific UI gestures on a crafted HTML page. The issue is tied to Chromium code (upstream bug 513128608) and...
CVE-2026-9988
Technical details (affected product/version, root cause, mitigation) are not publicly available in the provided documents. Monitor for updates.
CVE-2026-9986
The CVE-2026-9986 entry concerns the Chromium-based Google Chrome component OptimizationGuide. Affected product: Google Chrome (OptimizationGuide in Chromium). The flaw is insufficient validation of untrusted input, exploitable when an attacker who has compromised the renderer process crafts an H...
CVE-2026-9985
The CVE-2026-9985 entry affects Google Chrome on ChromeOS, leveraging the Media component in Chromium. The root cause is insufficient validation of untrusted input within Media, allowing a remote attacker that already compromised the renderer process to read potentially sensitive memory contents ...
CVE-2026-9987
CVE-2026-9987 : In Chrome for Android, WebAppInstalls suffers insufficient validation of untrusted input, enabling a local attacker to execute arbitrary code via a malicious file. The issue is described across multiple sources as a Chromium/WebAppInstalls flaw with a High severity. The available ...
CVE-2026-9984
CVE-2026-9984 affects Google Chrome on Windows with a use-after-free in the UI of the Chromium-based browser, allowing remote code execution via a crafted HTML page. Root cause: use-after-free in the UI component. Affected products/versions: Chrome prior to 148.0.7778.216. Impact: arbitrary code ...
CVE-2026-9983
Moderate confidence CVE-2026-9983 affects Google Chrome’s Skia component. A type confusion flaw in Skia prior to Chrome 148.0.7778.216 could allow a remote attacker to run arbitrary code inside the browser sandbox via a crafted HTML page. From the connected sources, the issue is described as a ty...
CVE-2026-9981
CVE-2026-9981 affects Google Chrome’s Skia component (pre-148.0.7778.216). The vulnerability is an inappropriate implementation that could allow a remote attacker to extract potentially sensitive data from a process’s memory via a crafted HTML page. Impact is described as exposure of memory conte...
CVE-2026-9980
In Google Chrome (Chromium) Printing component, the vulnerability CVE-2026-9980 is caused by insufficient validation of untrusted input, allowing a remote attacker who has compromised the renderer process to bypass site isolation via a crafted HTML page. Impact is described as high severity; reme...
CVE-2026-9982
Affected software: Google Chrome (ANGLE component). Issue: insufficient validation of untrusted input in ANGLE allows a renderer process user to escalate to sandbox escape via a crafted HTML page. Severity: High (CVSS 3.1 base 8.3). Affected version window: prior to 148.0.7778.216; remediation: u...
CVE-2026-9979
CVE-2026-9979 affects Google Chrome: Insufficient validation of untrusted input in the Input component of Chromium before 148.0.7778.216. A remote attacker who has compromised the renderer process could bypass site isolation by presenting a crafted HTML page. The issue originates from an input va...
CVE-2026-9978
CVE-2026-9978: Use-after-free in the Glic component of Google Chrome (Chromium) allows remote code execution via a crafted HTML page. Affected: Google Chrome, prior to version 148.0.7778.216; root cause is a use-after-free in Glic. Impact: arbitrary code execution inside the sandbox with high sev...
CVE-2026-9977
Summary: CVE-2026-9977 affects Google Chrome on Android through the WebShare component where insufficient validation of untrusted input could let a renderer-process–compromised page escape the sandbox. The issue is in Chromium/WebShare, with impact described as high severity (C/H/I/A). Affected c...
CVE-2026-9974
CVE-2026-9974 concerns Google Chrome's GPU component in Chromium. The vulnerability is an out-of-bounds write in the GPU code that, if a renderer process is already compromised, could enable a sandbox escape via a crafted HTML page. Affected version range is Chrome prior to 148.0.7778.216. The do...
CVE-2026-9976
CVE-2026-9976 describes an inappropriate USB implementation in Google Chrome, affecting Chrome builds prior to 148.0.7778.216. A remote attacker could execute arbitrary code by presenting a crafted HTML page. The issue is documented across multiple feeds (NVD, ENISA EUVD, Red Hat, Debian tracker,...
CVE-2026-9975
CVE-2026-9975 describes an out-of-bounds read and write flaw in ANGLE used by Google Chrome, affecting Chrome builds prior to 148.0.7778.216. The vulnerability could allow a remote attacker who has already compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTM...
CVE-2026-9971
CVE-2026-9971 affects Google Chrome on iOS prior to version 148.0.7778.216 due to an inappropriate implementation in iOS. This allows a remote attacker to exploit UXSS by convincing a user to perform specific UI gestures on a crafted HTML page. The vulnerability impacts UX and script/HTML injecti...
CVE-2026-9973
CVE-2026-9973 is an out-of-bounds write in the V8 engine of Google Chrome. A remote attacker could execute arbitrary code inside the Chrome sandbox via a crafted HTML page on affected Chrome builds prior to 148.0.7778.216. Remediation is to update Chrome to 148.0.7778.216 or newer (Chrome stable ...
CVE-2026-9972
Summary: CVE-2026-9972 affects Google Chrome on macOS, specifically the Gamepad component. The issue is described as an uninitialized use in the Gamepad code, which could allow a remote attacker who has already compromised the renderer process to escape the Chrome sandbox via a crafted HTML page....
CVE-2026-9969
CVE-2026-9969 affects the ANGLE component in Google Chrome (Chromium-based). Description: Insufficient validation of untrusted input in ANGLE allows remote code execution via a crafted HTML page, with Chromium severity high. The public records indicate the issue exists in Chrome builds prior to 1...
CVE-2026-9970
The CVE-2026-9970 entry concerns a use-after-free in WebGL in Google Chrome’s Chromium-based renderer, leading to a potential sandbox escape via a crafted HTML page. Affected component: WebGL within the Chromium browser; root cause: use-after-free in the WebGL path (renderer process). Impact: rem...
CVE-2026-9968
CVE-2026-9968 describes an integer overflow in V8 of Google Chrome, affecting versions prior to 148.0.7778.216. This could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. Connected documents confirm the issue and cite upstream Chromium trackin...
CVE-2026-9965
CVE-2026-9965 affects Google Chrome (ANGLE component). An out-of-bounds write in ANGLE can allow a remote attacker to trigger heap corruption via a crafted HTML page. The vulnerability is rated High severity (CVSS 3.1: 8.8, Network vector, No privileges, User interaction required) and is associat...
CVE-2026-9966
CVE-2026-9966 affects Google Chrome on Windows prior to 148.0.7778.216 due to an integer overflow in the XML handling of the Chromium browser. The issue can allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The root cause i...
CVE-2026-9967
CVE-2026-9967 affects Google Chrome's GPU/Chromium component. Out-of-bounds write in the GPU code prior to version 148.0.7778.216 enables a remote attacker to potentially escape the sandbox via a crafted HTML page. Public references indicate a Chromium/Chrome update addressing this in the 148.0.7...
CVE-2026-9963
Uninitialized Use in iOS Google Chrome (on iOS) prior to version 148.0.7778.216 allows a remote attacker to trigger arbitrary code execution inside the Chrome sandbox via a crafted HTML page after convincing a user to perform specific UI gestures. Affected product: Google Chrome on iOS; root caus...
CVE-2026-9964
Use-after-free in Bluetooth within Google Chrome for Mac before 148.0.7778.216. An attacker can coerce a user to install a malicious extension, enabling arbitrary code execution via a crafted Chrome Extension. Affected software: Google Chrome on macOS; root cause: use-after-free in the Bluetooth ...
CVE-2026-9962
CVE-2026-9962 describes a use-after-free flaw in WebRTC within the Chromium-based Google Chrome browser. The issue allows a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page, with impact reported as high. Affected software: Google Chrome (WebRTC component in Chrom...
CVE-2026-9961
This CVE concerns a use-after-free in SurfaceCapture in Google Chrome prior to 148.0.7778.216, allowing a remote attacker to potentially cause heap corruption via a crafted HTML page. Root cause: use-after-free in SurfaceCapture. Impact: high severity (C:H/I:H/A:H). Mitigation: upgrade Chrome to ...
CVE-2026-9958
CVE-2026-9958: Use-after-free in PDFium within Google Chrome (pre-148.0.7778.216) allows a remote attacker to potentially exploit heap corruption via a crafted PDF file. Affected: Google Chrome/Chromium PDFium component. Root cause: use-after-free. Impact: high (per CVSS), with potential for impa...
CVE-2026-9960
The CVE-2026-9960 entry concerns an integer overflow in PDFium within Google Chrome prior to 148.0.7778.216. A remote attacker who gains renderer process access could trigger arbitrary code execution inside the sandbox by processing a crafted font file. Affected software: Chromium-based Chrome wi...
CVE-2026-9959
CVE-2026-9959 describes a race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 that allowed a remote attacker to leak cross-origin data via a crafted HTML page. The provided connected documents identify the affected software (Google Chrome on Windows) and the vulnerable component (W...
CVE-2026-9956
CVE-2026-9956: A use-after-free in Google Chrome on iOS (pre-148.0.7778.216) allows a remote attacker to trigger arbitrary code execution by convincing a user to perform specific UI gestures via a crafted HTML page. Affected product: Google Chrome on iOS. Root cause: use-after-free in the iOS bro...
CVE-2026-9955
CVE-2026-9955 affects Google Chrome on iOS prior to 148.0.7778.216 due to an inappropriate implementation in iOS, enabling a remote attacker to leak cross-origin data via a crafted HTML page. Affected product: Chrome for iOS. Root cause: inappropriate implementation summarized in the reports; no ...
CVE-2026-9957
CVE-2026-9957 describes a use-after-free in Google's Chrome PDF handling (Chromium) prior to version 148.0.7778.216. A crafted PDF could allow a remote attacker to execute arbitrary code inside Chrome’s sandbox. The public references confirm the vulnerability in the PDF component of Chromium with...
CVE-2026-9953
CVE-2026-9953 describes an out-of-bounds read in ANGLE used by Google Chrome (Chromium-based) prior to version 148.0.7778.216. The vulnerability allows a remote attacker to read potentially sensitive information from a process’s memory via a crafted HTML page. Affected component: ANGLE within Chr...
CVE-2026-9954
CVE-2026-9954 affects Google Chrome (Chromium TabStrip). A use-after-free in the TabStrip component prior to version 148.0.7778.216 allows a remote attacker to trigger heap corruption by convincing a user to perform specific UI gestures on a crafted HTML page. The vulnerability is documented acro...
CVE-2026-9952
Summary: CVE-2026-9952 is a use-after-free in WebAudio within Google Chrome. The issue affects Chromium-based WebAudio code and enables a remote attacker to execute arbitrary code inside a sandbox when a crafted HTML page is processed. The public description specifies “prior to 148.0.7778.216,” i...
CVE-2026-9951
CVE-2026-9951 describes a use-after-free in the UI of Google Chrome (Chromium) prior to version 148.0.7778.216. The underlying issue is a UI component use-after-free flaw that could enable a remote attacker to potentially perform a sandbox escape through a crafted HTML page, with the documented i...
CVE-2026-9949
CVE-2026-9949 affects Google Chrome on Windows, caused by a use-after-free in the Core component that could allow a remote attacker who compromised the renderer process to escape the sandbox via a crafted HTML page. Affected versions are prior to 148.0.7778.216; remediation is to upgrade to 148.0...
CVE-2026-9950
Technical details about CVE-2026-9950 are not publicly provided in the supplied documents. Monitor for updates from official advisories; no concrete affected products, versions, impact or remediation are disclosed here.
CVE-2026-9947
CVE-2026-9947 affects Google Chrome’s XML component in Chromium. It is a use-after-free vulnerability that could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The issue is reported for Chrome versions prior to 148.0.7778.216; remediation is ...
CVE-2026-9948
The CVE-2026-9948 entry concerns a use-after-free in the Views component of Google Chrome on macOS, reported as pre-148.0.7778.216. The underlying issue is a use-after-free in the renderer process’s Views handling that could allow a remote attacker who crafts a page to escape the Chrome sandbox. ...
CVE-2026-9946
CVE-2026-9946 : A use-after-free in ANGLE within Google Chrome (Chromium) allows a remote attacker with a compromised renderer to potentially escape the sandbox via a crafted HTML page. Affected: ANGLE in Chrome prior to 148.0.7778.216. Impact: sandbox escape risk if exploited. Mitigation: upgrad...