CVE-2026-9933

CVE-2026-9933 affects Google Chrome (Input component) with a use-after-free in the Chromium UI input handling, potentially enabling heap corruption when a user is convinced to perform specific UI gestures via a crafted HTML page. The vulnerability is described as remote and high severity, with af...

CVE-2026-9932

CVE-2026-9932 : Use-after-free in the ANGLE component of Google Chrome (Windows). An attacker who already had code execution in the renderer could exploit the bug to escape the browser sandbox via a crafted HTML page. Affected product/version per documents: Chrome/Chromium prior to 148.0.7778.216...

CVE-2026-9931

This CVE-2026-9931 entry describes a use-after-free in Chrome's GPU component prior to version 148.0.7778.216. A remote attacker who already compromised the renderer process could potentially escape the Chrome sandbox via a crafted HTML page. The impact is High (CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:C/...

CVE-2026-9930

CVE-2026-9930 affects the Dawn component of Google Chrome on macOS. A crafted HTML page can trigger an out-of-bounds write in Dawn, allowing a remote attacker to perform an out-of-bounds memory write. The issue is tied to Chrome versions before 148.0.7778.216. No exploitation details are provided...

CVE-2026-9928

CVE-2026-9928 describes an out-of-bounds read in ANGLE used by Google Chrome on Windows, allowing a remote attacker to execute arbitrary code via a crafted HTML page. Affected component: ANGLE in Chromium-based Chrome. Root cause: out-of-bounds read in ANGLE leading to code execution. Impact: rem...

CVE-2026-9929

CVE-2026-9929 describes an inappropriate WebGL implementation in Google Chrome on Android prior to 148.0.7778.216, allowing a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability stems from WebGL component behavior in Chromium, with impact described as cross-origin...

CVE-2026-9927

Summary: CVE-2026-9927 concerns a use-after-free in the ANGLE component of Google Chrome. The issue affects Chrome builds prior to version 148.0.7778.216 and could allow a remote attacker to execute arbitrary code within the browser sandbox via a crafted HTML page. Affected software: ANGLE in Goo...

CVE-2026-9925

CVE-2026-9925 is a use-after-free in ANGLE within Google Chrome (Chromium) before 148.0.7778.216. A remote attacker who has compromised the renderer process could potentially escape the sandbox via a crafted HTML page. Affected component: ANGLE/Chromium graphics translation layer; vulnerable code...

CVE-2026-9926

CVE-2026-9926 describes a heap buffer overflow in the ANGLE component of Google Chrome, prior to 148.0.7778.216. A remote attacker who has already compromised the renderer process could potentially perform a sandbox escape via a crafted HTML page. The issue is tied to ANGLE in Chromium-based Chro...

CVE-2026-9922

CVE-2026-9922 affects Google Chrome on macOS, due to a use-after-free in the GPU component of Chromium. The flaw allows a remote attacker who has compromised the renderer process to run arbitrary code by processing a specially crafted HTML page. Impact is labeled High; affected version range is b...

CVE-2026-9924

CVE-2026-9924 is a heap buffer overflow in the ANGLE component of Google Chrome on Windows, fixed by updating to version 148.0.7778.216 or newer. The vulnerability affects the ANGLE path and could allow a remote attacker who has compromised a renderer process to escape the sandbox via a crafted H...

CVE-2026-9923

CVE-2026-9923 is a use-after-free in the Skia component of Google Chrome, exploited via a crafted HTML page to potentially trigger heap corruption. Affected: Chrome/Skia before version 148.0.7778.216. Impact: high (remote code execution/heap corruption as described). Mitigation: update Chrome to ...

CVE-2026-9919

CVE-2026-9919: Out of bounds read in WebGL in Google Chrome on Android (before 148.0.7778.216) allows a remote attacker to leak cross-origin data via a crafted HTML page. Root cause: WebGL out-of-bounds read. Impact: cross-origin data leakage. Exploitation status is not provided in the linked doc...

CVE-2026-9921

Summary: CVE-2026-9921 is a WebGL-related flaw in the Chromium-based Google Chrome browser for Android. The issue is described as an uninitialized use in WebGL that allows a remote attacker to leak cross-origin information via a crafted HTML page. Affected product/area: Google Chrome on Android, ...

CVE-2026-9920

Technical details such as affected products, components, and fixes are not publicly available in the provided documents for CVE-2026-9920; monitor for updates.

CVE-2026-9917

CVE-2026-9917 involves an uninitialized use flaw in the WebGL component of Google Chrome for Android. The issue, reported as affecting Chrome on Android prior to version 148.0.7778.216, could allow a remote attacker to read potentially sensitive information from a process’s memory via a crafted H...

CVE-2026-9918

Google Chrome Tint component contains an inappropriate implementation flaw that could allow a remote attacker to escape the sandbox via a crafted HTML page. Affected product: Google Chrome (Tint) prior to version 148.0.7778.216. Root cause: improper Tint implementation as described in multiple so...

CVE-2026-9916

CVE-2026-9916 affects the ANGLE component in Google Chrome prior to 148.0.7778.216. The issue is an out-of-bounds write in ANGLE that could allow a remote attacker who has already compromised the renderer process to attempt a sandbox escape via a crafted HTML page. The vulnerability is documented...

CVE-2026-9915

CVE-2026-9915 describes a heap buffer overflow in the ANGLE component of Google Chrome, prior to 148.0.7778.216. The issue could allow a remote attacker who already controls the renderer process to potentially escape the sandbox via a crafted HTML page. The description applies to Chrome/ANGLE wit...

CVE-2026-9914

CVE-2026-9914 concerns an ANGLE input-validation flaw in Google Chrome prior to 148.0.7778.216. The renderer process, if compromised, could be forced to escape the sandbox via a crafted HTML page. The issue is described as a high-severity, remote threat with impact on confidentiality, integrity, ...

CVE-2026-9913

This CVE (CVE-2026-9913) concerns an inappropriate implementation in ANGLE used by Google Chrome. The issue allows a remote attacker to potentially trigger out-of-bounds memory access via a crafted HTML page in Chrome builds affected by ANGLE, prior to version 148.0.7778.216. Root cause: ANGLE im...

CVE-2026-9910

CVE-2026-9910 involves an out-of-bounds memory access in ANGLE within Google Chrome/Chromium, prior to version 148.0.7778.216. This vulnerability could allow a remote attacker to execute arbitrary code inside the browser sandbox via a crafted HTML page. The CVE is referenced across multiple sourc...

CVE-2026-9912

CVE-2026-9912 affects Google Chrome on Android, due to an inappropriate implementation in the GPU component of Chromium. Versions prior to 148.0.7778.216 are susceptible; a remote attacker could read potentially sensitive information from a process’s memory via a crafted HTML page. The issue is a...

CVE-2026-9911

CVE-2026-9911 corresponds to an integer overflow in ANGLE used by Google Chrome/Chromium before 148.0.7778.216, enabling a remote attacker to trigger an out-of-bounds memory read via a crafted HTML page. The issue affects ANGLE within Chromium-based Chrome; impact is described as an out-of-bounds...

CVE-2026-9907

Affectected product/component: Google Chrome on Windows (Dawn). Issue: Out-of-bounds read in Dawn leading to potential cross-origin data leakage via a crafted HTML page. Root cause details are not explicitly provided beyond the out-of-bounds read in Dawn. Impact: remote attacker could leak cross-...

CVE-2026-9908

CVE-2026-9908 affects the ANGLE component in Google Chrome/Chromium prior to 148.0.7778.216. The vulnerability is an out-of-bounds read that could allow a remote attacker to obtain potentially sensitive information from a process’s memory via a crafted HTML page. Impact is described as high for d...

CVE-2026-9909

The CVE-2026-9909 issue is an integer overflow in Skia used by Google Chrome, leading to remote code execution if a renderer process is compromised via a crafted HTML page. Affected software is Chrome (Skia) prior to 148.0.7778.216. Impact described as arbitrary code execution inside the sandbox ...

CVE-2026-9906

CVE-2026-9906 is a GPU-related out-of-bounds write in Google Chrome prior to 148.0.7778.216. The flaw, affecting the Chromium GPU component, could allow a remote attacker who has compromised a renderer process to potentially escape the sandbox via a crafted HTML page. The Chrome update notes indi...

CVE-2026-9905

CVE-2026-9905 is a Use-after-free in Chrome’s Accessibility component on Windows, potentially enabling a sandbox escape via a crafted HTML page when the renderer is compromised. Multiple sources (NVD, ENISA EUVD-2026-33200, Red Hat, Debian, OSV) describe the issue with the same root cause and imp...

CVE-2026-9904

CVE-2026-9904 affects Google Chrome via a Use-After-Free in ANGLE, with the root cause in ANGLE’s memory management. A crafted HTML page could potentially escape the Chrome sandbox, as described in multiple sources. A fix is available in Chrome 148.0.7778.216 (and surrounding 148.0.7778.215/217 f...

CVE-2026-9903

CVE-2026-9903 : Insufficient validation of untrusted input in the Site Isolation component of Google Chrome (Chromium) prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to bypass site isolation via a crafted MHTML page. The impact is to weaken the b...

CVE-2026-9902

CVE-2026-9902 is a use-after-free in the Accessibility component of Google Chrome (Chromium) reported as affecting pre-148.0.7778.216. The issue could allow a remote attacker who has compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The associated connect...

CVE-2026-9899

Summary of CVE-2026-9899 : A use-after-free in ANGLE within Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. The issue is in the ANGLE component of Chromium/Chrome, with an ex...

CVE-2026-9900

CVE-2026-9900 is an out-of-bounds write in ANGLE found in Google Chrome prior to 148.0.7778.216, potentially enabling a sandbox escape when a renderer process is compromised via a crafted HTML page. The issue affects ANGLE within Chromium/Chrome and is discussed in multiple sources (NVD, ENISA EU...

CVE-2026-9901

The CVE-2026-9901 issue affects the ANGLE component in Google Chrome (Chromium-based). Description confirms a use-after-free in ANGLE that could be triggered by a crafted HTML page, allowing remote code execution if a renderer process is compromised. The vulnerability is associated with Chrome ve...

CVE-2026-9898

CVE-2026-9898 affects Google Chrome’s GPU component on Android, with insufficient validation of untrusted input allowing potential sandbox escape if the renderer is compromised via a crafted HTML page. The issue targets Android users running Chrome before build 148.0.7778.216. Google released the...

CVE-2026-9896

CVE-2026-9896 is an out-of-bounds write in the V8 engine of Google Chrome, affecting Chrome versions prior to 148.0.7778.216. The vulnerability could allow a remote attacker to execute arbitrary code within the browser sandbox via a crafted HTML page. The issue is mapped across multiple feeds (NV...

CVE-2026-9897

CVE-2026-9897 is a use-after-free in the DOM of Google Chrome, allowing a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected software is Chrome prior to version 148.0.7778.216, with the Chromium-based root cause described in upstream issue 496271580. Th...

CVE-2026-9895

CVE-2026-9895 is a GPU-related out-of-bounds read in the Chromium-based Google Chrome browser. The vulnerability affects the GPU component and was exploitable by a renderer process compromise via a crafted HTML page, potentially enabling a sandbox escape. Affected versions are Chrome prior to 148...

CVE-2026-9894

CVE-2026-9894 describes a use-after-free in the GPU component of the Chromium-based Google Chrome browser. The vulnerability could allow a remote attacker who has already compromised the renderer process to potentially escape the browser sandbox via a crafted HTML page, with the documented impact...

CVE-2026-9893

Summary: CVE-2026-9893 is a use-after-free in the Skia component of Google Chrome. The issue allowed a remote attacker who had compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. This is described in multiple sources as a high-severity, cross-origin ...

CVE-2026-9890

CVE-2026-9890 is a use-after-free in Chrome’s XR component on Windows, prior to version 148.0.7778.216. A renderer process–compromised attacker could potentially escape the Chrome sandbox via a crafted HTML page, as described in multiple sources (EUVD-2026-33185, Red Hat, Debian, NVD). The Chrome...

CVE-2026-9891

CVE-2026-9891 is a use-after-free vulnerability in Chrome’s Extensions component (Chromium) that affects pre-148.0.7778.216 builds. The issue arises when a renderer process is compromised, potentially enabling a sandbox escape via a crafted Chrome Extension. The vulnerability is discussed across ...

CVE-2026-9892

CVE-2026-9892 describes an Inappropriate implementation in Skia within Google Chrome on Android (pre-148.0.7778.216) that could allow a remote attacker who had already compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The connected EUVD-2026-33187 and RH:...

CVE-2026-9889

CVE-2026-9889 refers to an out-of-bounds read and write in the Dawn component of Google Chrome on Android, fixed in the Chrome update that reaches 148.0.7778.216 (and later). The vulnerability potentially allowed a remote attacker to escape the Chrome sandbox via a crafted HTML page. Affected pro...

CVE-2026-9888

The CVE-2026-9888 entry affects Google Chrome WebView on Android and is caused by a use-after-free in the WebView component, allowing a remote attacker who compromised the renderer process to potentially escape the sandbox via a crafted HTML page. The connected sources confirm the impact as a san...

CVE-2026-9887

CVE-2026-9887 is a use-after-free vulnerability in the Chromium-based Proxy component of Google Chrome, exploitable via a crafted PAC script to achieve remote code execution. The flaw affects Chrome before version 148.0.7778.216, and Google released a stable-channel fix in 148.0.7778.216/217 (Win...

CVE-2026-9885

CVE-2026-9885 concerns an upstream Chrome UI integrity issue: insufficient validation of untrusted input in the Mac UI could allow a renderer-compromised remote attacker to escape the sandbox via a crafted HTML page. Affected product: Google Chrome on macOS (before 148.0.7778.216). Root cause: in...

CVE-2026-9886

CVE-2026-9886 affects Google Chrome on macOS with versions prior to 148.0.7778.216. It is a use‑after‑free in the Chromium Base component that could allow a remote attacker to escape the browser sandbox via a crafted HTML page. The Chrome update 148.0.7778.216 (and related 148.0.7778.215/216 on o...

CVE-2026-9882

CVE-2026-9882 affects Google Chrome’s ANGLE component, where an integer overflow allows a remote attacker to leak cross-origin data via a crafted HTML page. Public reports/entries consistently describe the flaw as an integer overflow in ANGLE prior to Chrome 148.0.7778.216. The Chromium/Chrome se...