PT-2026-46457

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Script injection in Headless mode allows a remote attacker to execute arbitrary code through a crafted HTML page. Recommendations Update to version 149.0.7827.53 or later...

PT-2026-46432

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46451

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows a remote attacker to bypass the same origin policy via malicious network traffic, provided they can convince a user to...

PT-2026-46447

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Viz allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a...

PT-2026-46468

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46435

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebAuthentication. A remote attacker can potentially exploit heap corruption—a condition where memory allocation on the heap is corrupted—via a crafted...

PT-2026-46456

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in Dawn allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. An out of bounds rea...

PT-2026-46439

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Type confusion occurs when a program accesses a...

PT-2026-46470

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Out of bounds memory access in Skia allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Out of bounds memory access occurs when a program...

PT-2026-46460

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in FileSystem allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Use after free is a memory corruption flaw that occur...

PT-2026-46438

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Dawn. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially crafte...

PT-2026-46433

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8, the open-source JavaScript and WebAssembly engine, allows a remote attacker to execute arbitrary code within a sandbox by enticing a user to open ...

PT-2026-46465

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Type confusion occurs when a program accesses a...

PT-2026-46475

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A heap buffer overflow occurs in the Media component. This issue allows a remote attacker to execute arbitrary code within a sandbox if a user is convinced to perform specific UI gestur...

PT-2026-46446

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape. This is...

PT-2026-46462

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the Audio component. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a...

PT-2026-46510

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to leak cross-origin data using a crafted video file...

PT-2026-46506

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Skia allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendations Update to version...

PT-2026-46521

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient data validation in the Animation component allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page...

PT-2026-46526

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Extensions allows an attacker to bypass discretionary access control—a type of security mechanism that restricts access to objects based on the identi...

PT-2026-46498

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Extensions allows a remote attacker who has compromised the renderer process to perform privilege escalation via a crafted HTML page...

PT-2026-46492

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46493

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. V8 is the open-source high-performance JavaScript a...

PT-2026-46483

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Actor component allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46507

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Chromoting allows a remote attacker to execute arbitrary code through malicious network traffic. Use after free occurs when an application continues to use a...

PT-2026-46499

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in InterestGroups allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML...

PT-2026-46527

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read exists in the Media component. This allows an attacker located on the local network segment to perform an out of bounds memory read by sending malicious network...

PT-2026-46515

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in the Media component allows a remote attacker to execute arbitrary code within a sandbox by using a malicious file. An integer overflow occurs when an arithmetic...

PT-2026-46512

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Dawn allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape occurs when a process...

PT-2026-46504

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46524

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A heap buffer overflow occurs in the TabStrip component. This issue allows a remote attacker to potentially exploit heap corruption—a condition where memory allocation in the heap is...

PT-2026-46518

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in V8 allows a remote attacker to potentially exploit heap corruption, which occurs when memory is allocated in the heap area is corrupted, via a crafted...

PT-2026-46489

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape i...

PT-2026-46522

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A heap buffer overflow in Skia allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. A heap buffer overflow occurs when ...

PT-2026-46514

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in Skia allows a remote attacker to leak cross-origin data through the use of a crafted HTML page. An out of bounds read occurs when a program reads data past the...

PT-2026-46517

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Views allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape through a crafted HTML page. Use after free is ...

PT-2026-46505

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Dawn allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. Recommendations Update to version...

PT-2026-46478

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A heap buffer overflow exists in the Video component. This issue allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by usi...

PT-2026-46486

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Glic allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory corruption flaw...

PT-2026-46509

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism...

PT-2026-46502

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Dawn allows a remote attacker to leak cross-origin data, which is data from a different origin than the one that initiated the request, by using a crafted HTML...

PT-2026-46497

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Dawn allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page. Recommendatio...

PT-2026-46494

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in DevTools allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Recommendations Update to version 149.0.7827....

PT-2026-46525

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Workers allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from o...

PT-2026-46508

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in ANGLE allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out of bounds read occurs when a...

PT-2026-46503

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in ANGLE Almost Native Graphics Layer Engine allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page...

PT-2026-46516

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow in V8 allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. V8 is the open-source high-performance JavaScript and...

PT-2026-46511

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebXR, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Use after free is a memory...

PT-2026-46520

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in V8 allows a remote attacker to execute arbitrary code inside a sandbox. This is achieved by convincing a user to perform specific UI gestures while interacting...

PT-2026-46491

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in the Media component, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Type confusio...