PT-2026-46688

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in DataTransfer allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Recommendations Update to version 149.0.7827.5...

PT-2026-46716

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows an attacker to bypass navigation restrictions. This occurs when a user is convinced to install a crafted malicious Chrome...

PT-2026-46717

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows an attacker to bypass discretionary access control—a type of security mechanism that restricts access to objects based on the identi...

PT-2026-46708

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media Session component allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or...

PT-2026-46691

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Blink allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory corruption fla...

PT-2026-46680

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Side-channel information leakage in Forms allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. Side-channel leakage occurs when information is...

PT-2026-46696

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in XML allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is a vulnerability that enables the execution of arbitrary scripts ...

PT-2026-46724

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Workers allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism that restric...

PT-2026-46683

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different domain than the one serving the page, by using a crafted...

PT-2026-46710

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in GWP-ASan allows a local attacker to obtain potentially sensitive information from process memory by using a malicious file. GWP-ASan is a sampled memory error...

PT-2026-46681

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Dawn. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially crafte...

PT-2026-46678

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Password Manager allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafte...

PT-2026-46695

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process memory by using ...

PT-2026-46723

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue in the XML component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted XML file. Type confusion occurs...

PT-2026-46679

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An object lifecycle issue in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape occurs when a process breaks out of its...

PT-2026-46727

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the ServiceWorker component. This occurs when a user is convinced to install a malicious extension, allowing an attacker to execute arbitrary code throu...

PT-2026-46725

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used...

PT-2026-46722

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in MHTML MIME HTML, a web page archive format allows a remote attacker to leak cross-origin data. This occurs when a user is convinced to perform specifi...

PT-2026-46712

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in V8, the open-source JavaScript and WebAssembly engine. This allows an attacker to execute arbitrary code within a sandbox if a user is convinced to...

PT-2026-46707

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by using...

PT-2026-46720

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Password Manager allows a remote attacker to bypass discretionary access control, which is a mechanism that restricts access to objects based on t...

PT-2026-46693

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to perform Universal Cross-Site Scripting UXSS, which is the ability to execute scripts across different origins, by usin...

PT-2026-46709

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in SVG allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by using...

PT-2026-46703

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Media component allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the...

PT-2026-46734

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Codecs allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Use after free is a memory...

PT-2026-46762

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

PT-2026-46747

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in PointerLock allows a remote attacker who has compromised the renderer process to perform UI spoofing using a crafted HTML page...

PT-2026-46756

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Extensions allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that...

PT-2026-46742

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Incorrect security UI in the File Input component allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific UI...

PT-2026-46733

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Autofill component allows a remote attacker to potentially perform a sandbox escape via malicious network traffic. A sandbox escape is ...

PT-2026-46749

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a securi...

PT-2026-46745

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Navigation allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or...

PT-2026-46760

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Compositing allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox by using a crafted HTML page...

PT-2026-46755

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Enterprise component allows a local attacker with physical access to the device to perform privilege escalation. Recommendations Update to version...

PT-2026-46761

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Web Bluetooth allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...

PT-2026-46743

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Fenced Frames allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site isolation ...

PT-2026-46754

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the File Input component allows a remote attacker to perform UI spoofing. This is achieved by convincing a user to perform specific UI gestures while...

PT-2026-46759

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in FoldableAPIs allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism that...

PT-2026-46751

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the WebUI allows a remote attacker to perform domain spoofing by using a crafted domain name. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46738

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in DevTools allows an attacker to leak cross-origin data. This occurs when a user is convinced to install a crafted malicious Chrome Extension...

PT-2026-46735

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Passwords component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from process...

PT-2026-46748

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Incorrect security UI in the Tab Strip allows a remote attacker to perform domain spoofing, which is the act of disguising a website to appear as a different, trusted domain, by using a...

PT-2026-46736

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Safe Browsing allows a remote attacker to bypass discretionary access control, which is a security mechanism that restricts access to objects based on...

PT-2026-46732

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in ServiceWorker allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. ServiceWorker is a script that the browser ru...

PT-2026-46753

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Incorrect security UI in Tab Hover Cards allows a remote attacker to perform domain spoofing by using a crafted domain name. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46744

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the PlatformIntegration component allows a remote attacker to execute arbitrary code via a malicious file, provided they can convince a user to perfor...

PT-2026-46412

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in ANGLE, which could allow a remote attacker to potentially exploit heap corruption through the use of a crafted HTML page. Type confusion occurs when a...

PT-2026-46426

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the GPU allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape occurs when a process breaks o...

PT-2026-46410

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out-of-bounds read and write issue exists in the ANGLE graphics engine. This flaw allows a remote attacker to potentially perform a sandbox escape and execute code on the operating...

PT-2026-46419

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Cast allows an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Use after free is a condition where ...