PT-2026-46491

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in the Media component, which allows a remote attacker to execute arbitrary code within a sandbox by utilizing a specially crafted HTML page. Type confusio...

PT-2026-46500

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Printing component allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a...

PT-2026-46523

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in ANGLE Almost Native Graphics Layer Engine, an open-source graphics abstraction layer allows a remote attacker to obtain potentially sensitive information from...

PT-2026-46484

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in ANGLE Almost Native Graphics Layer Engine, a compatibility layer between OpenGL ES and native graphics APIs. This flaw allows a remote attacker to...

PT-2026-46552

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in WebAppInstalls allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism that...

PT-2026-46543

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Extensions allows an attacker to bypass site isolation, which is a security mechanism that ensures websites are kept separate from one another, by...

PT-2026-46577

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows an attacker to bypass the same origin policy—a security mechanism that restricts how a document or script loaded from one origin can...

PT-2026-46567

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Subresource Integrity a security feature that ensures resources fetched from third-party servers are not manipulated allows a remote attacker to bypas...

PT-2026-46534

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read occurs in ANGLE on Windows. This allows a remote attacker who has already compromised the renderer process to access potentially sensitive information from the...

PT-2026-46571

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in Views, where a remote attacker could potentially exploit heap corruption—a condition where memory allocation on the heap is corrupted—via a crafted HTML...

PT-2026-46566

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds write occurs in Codecs, which could allow a remote attacker to potentially perform a sandbox escape by using a crafted video file. A sandbox escape is a technique used ...

PT-2026-46545

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Network component allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a securi...

PT-2026-46540

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in the Password Manager allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site...

PT-2026-46569

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in ANGLE. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using a specially craft...

PT-2026-46559

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in the Network component allows a remote attacker to potentially exploit heap corruption through malicious network traffic. Use after free occurs when an...

PT-2026-46576

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Base allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A sandbox esca...

PT-2026-46574

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the GPU component allows a remote attacker who has compromised the renderer process to obtain potentially sensitive information from proces...

PT-2026-46531

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in the Autofill component. This allows a remote attacker who has already compromised the renderer process to potentially achieve a sandbox escape by using ...

PT-2026-46535

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read exists in Dawn, which allows a remote attacker to perform an out of bounds memory read by using a crafted HTML page. An out of bounds read occurs when a program...

PT-2026-46561

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Password Manager allows a remote attacker to leak cross-origin data, which is data from a different domain than the one that initiated the request...

PT-2026-46553

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A stack buffer overflow exists in Skia, a graphics library used by the browser. This issue allows a remote attacker to potentially cause stack corruption by inducing the user to open a...

PT-2026-46555

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Extensions allows an attacker to bypass navigation restrictions. This occurs when a user is convinced to install a crafted malicious extension...

PT-2026-46560

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Password Manager allows a remote attacker to perform UI spoofing via malicious network traffic. UI spoofing is a technique where an...

PT-2026-46570

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has already compromised the renderer process to potentially perform a sandbox escape. This...

PT-2026-46551

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in DevTools allows a remote attacker who has compromised the renderer process to bypass the same origin policy, which is a security mechanism...

PT-2026-46544

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read exists in WebGPU, which is a modern API for graphics and compute on the web. This issue allows a remote attacker to perform an out of bounds memory read by inducin...

PT-2026-46556

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Glic allows a remote attacker who has compromised the renderer process to leak cross-origin data through the use of a crafted HTML page...

PT-2026-46568

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An uninitialized use in Skia allows a remote attacker to leak cross-origin data, which is information from a different origin than the one that initiated the request, by using a crafted...

PT-2026-46532

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

PT-2026-46547

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient policy enforcement in Actor allows a remote attacker to bypass navigation restrictions by using a crafted HTML page. Recommendations Update to version 149.0.7827.53 or late...

PT-2026-46533

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read occurs in ANGLE, which is a compatibility layer between OpenGL ES and other graphics APIs. This issue allows a remote attacker who has already compromised the...

PT-2026-46565

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Document Object Model DOM, a programming interface for web documents, allows a remote attacker to bypass the same origin policy through the use of...

PT-2026-46528

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An integer overflow exists in ANGLE Almost Native Graphics Layer Engine, a compatibility layer between OpenGL ES and native graphics APIs. This issue allows a remote attacker who has...

PT-2026-46530

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Payments component allows a remote attacker to perform UI spoofing via a crafted HTML page, provided they can convince a user to perform specific ...

PT-2026-46575

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the Media component allows a remote attacker who has compromised the renderer process to execute arbitrary code inside a sandbox by using a...

PT-2026-46701

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Site Isolation allows a remote attacker who has compromised the renderer process to bypass site isolation by using a crafted HTML page. Site Isolation...

PT-2026-46546

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Link Preview feature allows a remote attacker who has already compromised the renderer process to bypass navigation restrictions by using a...

PT-2026-46609

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in Canvas allows a remote attacker to bypass the same origin policy, which is a security mechanism that restricts how a document or script loaded from on...

PT-2026-46587

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue in Blink allows a remote attacker to execute arbitrary code inside a sandbox by using a crafted HTML page. Use after free is a memory corruption flaw that occurs...

PT-2026-46582

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A use after free issue exists in WebRTC, which allows a remote attacker to execute arbitrary code within a sandbox by using a specially crafted HTML page. Use after free is a memory...

PT-2026-46598

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Chromoting on Windows allows a remote attacker who has compromised the network process to potentially perform a sandbox escape through...

PT-2026-46611

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Password Manager allows a remote attacker to leak cross-origin data, which is data from a different domain than the one that initiated the request...

PT-2026-46689

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in CSS allows a remote attacker to leak cross-origin data, which is information from a different domain than the one serving the page, by using a crafted...

PT-2026-46603

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An out of bounds read in V8 allows a remote attacker to obtain potentially sensitive information from process memory by using a crafted HTML page. An out of bounds read occurs when the...

PT-2026-46623

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in Codecs allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. A...

PT-2026-46626

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in the GPU component allows a remote attacker who has compromised the renderer process to leak cross-origin data through a crafted HTML page...

PT-2026-46584

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in SiteIsolation allows a remote attacker who has compromised the renderer process to potentially perform a sandbox escape via a crafted HTML...

PT-2026-46612

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description An inappropriate implementation in the Password Manager allows a remote attacker to leak cross-origin data, which is data from a different domain than the one that initiated the request...

PT-2026-46589

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description A type confusion issue exists in ANGLE, which could allow a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. Type confusion occurs when a program...

PT-2026-46594

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.53 Description Insufficient validation of untrusted input in ANGLE allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used t...