VIR Vulnerability Intelligence Relay

Search

Found 1,045 results in 482ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-7995 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Mediu…
CVE-2026-7994 high 7.8 7.8 FIX debian debianwindows windows google 29d ago Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium securit…
CVE-2026-7992 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 29d ago Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute…
CVE-2026-7991 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch…
CVE-2026-7990 high 7.8 7.8 FIX debian debianwindows windows google 29d ago Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chrom…
CVE-2026-7988 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7987 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7985 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-7984 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML …
CVE-2026-7981 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a malicious file. (Chromium security…
CVE-2026-7980 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7978 high 8.1 8.1 FIX debian debianmacos macoswindows windows google 29d ago Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. (Chromium se…
CVE-2026-7976 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Ch…
CVE-2026-7975 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
CVE-2026-7974 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7973 high 8.8 8.8 FIX debian debianwindows windows google 29d ago Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Med…
CVE-2026-7970 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7967 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es…
CVE-2026-7963 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …
CVE-2026-7957 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 29d ago Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…
CVE-2026-7956 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…
CVE-2026-7951 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7948 high 7.5 7.5 FIX debian debianwindows windows google 29d ago Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
CVE-2026-7940 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome …
CVE-2026-7938 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7930 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security sev…
CVE-2026-7929 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML …
CVE-2026-7928 high 8.8 8.8 FIX debian debianwindows windows google 29d ago Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: …
CVE-2026-7927 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7926 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7925 high 7.8 7.8 FIX debian debianwindows windows google 29d ago Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Hi…
CVE-2026-7923 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-7922 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7921 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7920 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7919 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr…
CVE-2026-7918 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro…
CVE-2026-7917 high 8.3 8.3 FIX debian debianwindows windows google 29d ago Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte…
CVE-2026-7916 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a…
CVE-2026-7914 high 8.3 8.3 FIX debian debianwindows windows google 29d ago Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cra…
CVE-2026-7913 high 7.8 7.8 FIX debian debianwindows windows google 29d ago Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severi…
CVE-2026-7911 high 8.3 8.3 FIX debian debianwindows windows google 29d ago Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML…
CVE-2026-7907 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7906 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7905 high 8.3 8.3 FIX debian debianwindows windows google 29d ago Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sand…
CVE-2026-7903 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 29d ago Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:…
CVE-2026-7902 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7901 high 8.8 8.8 FIX debian debianmacos macoswindows windows google 29d ago Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7900 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 29d ago Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-7899 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H…
CVE-2026-7898 high 8.8 8.8 FIX debian debian linux-kernelwindows windows google 29d ago Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-7897 high 7.5 7.5 FIX debian debianmacos macoswindows windows google 29d ago Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML p…
CVE-2026-7896 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 29d ago Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-43187 high 8.8 8.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit 2a2b5932db6758 ("xfs: fix attr leaf header freemap.size underflow…
CVE-2026-43112 high 8.8 8.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath When cifs_sanitize_prepath is called with an empty string or a str…
CVE-2026-43099 high 7.5 7.5 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: ipv4: icmp: fix null-ptr-deref in icmp_build_probe() ipv6_stub->ipv6_dev_find() may return ERR_PTR(-EAFNOSUPPORT) when the IPv6 s…
CVE-2026-43093 high 7.8 7.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: xsk: tighten UMEM headroom validation to account for tailroom and min frame The current headroom validation in xdp_umem_reg() cou…
CVE-2026-43091 high 7.8 7.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrm_policy_fini() frees the policy_bydst hash tables after flushing the poli…
CVE-2026-43074 high 7.8 7.8 FIX slesdebian debian linux-kernel google 29d ago In the Linux kernel, the following vulnerability has been resolved: eventpoll: defer struct eventpoll free to RCU grace period In certain situations, ep_free() in eventpoll.c will kfree the epi->ep…
CVE-2026-43063 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfs_attri_recover_work xlog_recovery_iget* never set @ip to a valid pointer if they ret…
CVE-2026-43060 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: drop pending enqueued packets on removal Packets sitting in nfqueue might hold a reference to: - templates th…
CVE-2026-25679 high 8.0 FIX rocky rheldebian debian google 1mo ago Incorrect parsing of IPv6 host literals in net/url
CVE-2026-35414 high 8.0 FIX rhel slesdebian debian google 1mo ago Important: openssh security update
CVE-2026-35386 high 8.0 FIX rhel slesdebian debian google 1mo ago Important: openssh security update
CVE-2026-35385 high 8.0 FIX rhel slesdebian debian google 1mo ago Important: openssh security update
CVE-2026-43057 high 7.5 7.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: correctly handle tunneled traffic on IPV6_CSUM GSO fallback NETIF_F_IPV6_CSUM only advertises support for checksum offload o…
CVE-2026-43040 high 7.1 7.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak When processing Router…
CVE-2026-43030 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix regsafe() for pointers to packet In case rold->reg->range == BEYOND_PKT_END && rcur->reg->range == N regsafe() may retur…
CVE-2026-43028 high 7.1 7.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that …
CVE-2026-43027 high 7.8 7.8 FIX sles rheldebian debian google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_helper: pass helper to expect cleanup nf_conntrack_helper_unregister() calls nf_ct_expect_iterate_destroy…
CVE-2026-43016 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk->sk_socket in sk_psock_verdict_data_ready(). syzbot reported use-after-free of AF_UNIX soc…
CVE-2026-31774 high 7.1 7.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs() sqe->len is __u32 but gets stored into sr->len which is int. When …
CVE-2026-31716 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate rec->used in journal-replay file record check check_file_record() validates rec->total against the record size…
CVE-2026-31709 high 8.8 8.8 FIX sles rheldebian debian google 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl build_sec_desc() and id_mode_to_cifs_acl() derive a DACL poin…
CVE-2026-31708 high 8.1 8.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2_ioctl_query_info QUERY_INFO path smb2_ioctl_query_info() has two response-copy branches: PASSTH…
CVE-2026-31700 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net/packet: fix TOCTOU race on mmap'd vnet_hdr in tpacket_snd() In tpacket_snd(), when PACKET_VNET_HDR is enabled, vnet_hdr point…
CVE-2026-31694 high 7.8 7.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-control…
CVE-2026-31693 high 7.8 7.8 FIX debian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: cifs: some missing initializations on replay In several places in the code, we have a label to signify the start of the code wher…
CVE-2026-7363 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security s…
CVE-2026-7361 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-7359 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C…
CVE-2026-7358 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7357 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chro…
CVE-2026-7356 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7355 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7354 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: …
CVE-2026-7353 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag…
CVE-2026-7352 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-7350 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. …
CVE-2026-7349 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium se…
CVE-2026-7348 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7347 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
CVE-2026-7346 high 8.1 8.1 FIX debian debian linux-kernelmacos macos google 1mo ago Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Hi…
CVE-2026-7345 high 8.3 8.3 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox esc…
CVE-2026-7344 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr…
CVE-2026-7343 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
CVE-2026-7342 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity…
CVE-2026-7341 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7339 high 8.8 8.8 FIX debian debian linux-kernelmacos macos google 1mo ago Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-7338 high 7.5 7.5 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium securi…