VIR Vulnerability Intelligence Relay

Search

Found 3,333 results in 315ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-11067 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security…
CVE-2026-11066 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi…
CVE-2026-11063 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Insufficient validation of untrusted input in WebNN in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
CVE-2026-11062 medium 4.3 4.3 FIX debian debianwindows windows 2d ago Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privil…
CVE-2026-11061 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Type Confusion in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11060 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Use after free in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: M…
CVE-2026-11059 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in Blink in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11058 high 7.5 7.5 FIX debian debianwindows windows google 2d ago Integer overflow in CredentialProvider in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform OS-level privilege escalation v…
CVE-2026-11057 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory vi…
CVE-2026-11056 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Insufficient validation of untrusted input in SiteIsolation in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perfor…
CVE-2026-11055 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: M…
CVE-2026-11054 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11052 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Type Confusion in GPU in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML …
CVE-2026-11051 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Out of bounds read in ANGLE in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromi…
CVE-2026-11050 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11049 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: M…
CVE-2026-11048 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted…
CVE-2026-11047 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Inappropriate implementation in Base in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via …
CVE-2026-11046 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandb…
CVE-2026-11044 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Integer overflow in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium s…
CVE-2026-11043 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Out of bounds write in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-11042 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted H…
CVE-2026-11041 high 8.8 8.8 FIX debian debianwindows windows 2d ago Insufficient validation of untrusted input in Media in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
CVE-2026-11040 high 8.3 8.3 FIX debian debianwindows windows google 2d ago Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-11039 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11038 medium 6.5 6.5 FIX macos macos linux-kerneldebian debian google 2d ago Insufficient policy enforcement in Subresource Integrity in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass content security policy via malicious network traffic. (Chromium s…
CVE-2026-11037 critical 9.6 9.6 FIX macos macos linux-kerneldebian debian google 2d ago Out of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)
CVE-2026-11036 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Inappropriate implementation in DOM in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11033 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Uninitialized Use in WebML in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium …
CVE-2026-11032 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Inappropriate implementation in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medi…
CVE-2026-11031 medium 4.3 4.3 FIX debian debianwindows windows 2d ago Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium securi…
CVE-2026-11030 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: Medium)
CVE-2026-11028 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 2d ago Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via…
CVE-2026-11027 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Insufficient validation of untrusted input in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted H…
CVE-2026-11026 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Inappropriate implementation in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a cr…
CVE-2026-11009 critical 9.6 9.6 FIX debian debianwindows windows 2d ago Use after free in USB in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11006 medium 6.5 6.5 FIX debian debianwindows windows 2d ago Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11004 medium 5.3 5.3 FIX debian debianwindows windows 2d ago Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory …
CVE-2026-11003 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-11002 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Use after free in Autofill in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
CVE-2026-11001 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Inappropriate implementation in Payments in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted …
CVE-2026-11000 high 8.8 8.8 FIX linux-kerneldebian debianwindows windows google 2d ago Use after free in Fonts in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Med…
CVE-2026-10999 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Integer overflow in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from proces…
CVE-2026-10998 medium 4.0 4.0 FIX debian debianmacos macos linux-kernel google 2d ago Out of bounds read in Media in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to perform an out of bounds memory read via malicious network traffic. (Chromium s…
CVE-2026-10997 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control …
CVE-2026-10996 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Inappropriate implementation in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10995 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Heap buffer overflow in TabStrip in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a …
CVE-2026-10994 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Uninitialized Use in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securit…
CVE-2026-10993 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Heap buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium secur…
CVE-2026-10992 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Insufficient data validation in Animation in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (C…
CVE-2026-10991 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted …
CVE-2026-10990 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-10989 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via …
CVE-2026-10988 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
CVE-2026-10987 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10986 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High)
CVE-2026-10985 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10983 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit…
CVE-2026-10982 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10981 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted…
CVE-2026-10980 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr…
CVE-2026-10979 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securi…
CVE-2026-10978 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
CVE-2026-10977 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium secur…
CVE-2026-10976 high 7.4 7.4 FIX debian debianwindows windows google 2d ago Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security…
CVE-2026-10975 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10974 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi…
CVE-2026-10973 high 7.4 7.4 FIX debian debianwindows windows google 2d ago Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10972 critical 9.6 9.6 FIX linux-kerneldebian debianwindows windows google 2d ago Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10971 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a s…
CVE-2026-10970 high 8.3 8.3 FIX macos macos linux-kerneldebian debian google 2d ago Insufficient validation of untrusted input in InterestGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo…
CVE-2026-10969 high 7.5 7.5 FIX macos macos linux-kerneldebian debian google 2d ago Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via…
CVE-2026-10968 high 7.4 7.4 FIX debian debianwindows windows google 2d ago Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via …
CVE-2026-10966 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:…
CVE-2026-10965 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10964 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10963 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10962 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10960 high 8.3 8.3 FIX macos macos linux-kerneldebian debian google 2d ago Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-10957 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10956 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-10955 high 8.8 8.8 FIX debian debianwindows windows 2d ago Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev…
CVE-2026-10954 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10949 high 8.3 8.3 FIX debian debianwindows windows 2d ago Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-10948 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10947 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10946 high 7.5 7.5 FIX debian debianwindows windows 2d ago Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a…
CVE-2026-10945 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted…
CVE-2026-10943 high 8.8 8.8 FIX debian debianwindows windows 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10942 high 7.8 7.8 FIX debian debianwindows windows 2d ago Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High)
CVE-2026-10941 high 8.8 8.8 FIX debian debianwindows windows 2d ago Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: …
CVE-2026-10940 high 8.3 8.3 FIX debian debianwindows windows 2d ago Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (…
CVE-2026-10939 high 8.8 8.8 FIX debian debianmacos macos linux-kernel google 2d ago Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10938 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chr…
CVE-2026-10937 medium 6.5 6.5 FIX debian debianwindows windows google 2d ago Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10936 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10935 high 8.8 8.8 FIX macos macos linux-kerneldebian debian google 2d ago Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10933 high 8.3 8.3 FIX debian debianwindows windows google 2d ago Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM…
CVE-2026-10932 high 8.8 8.8 FIX debian debianwindows windows google 2d ago Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10931 critical 9.6 9.6 FIX debian debianwindows windows google 2d ago Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)