| CVE-2026-10991 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted … |
| CVE-2026-10990 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… |
| CVE-2026-10989 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via … |
| CVE-2026-10988 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in Views in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-10987 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10986 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Integer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a malicious file. (Chromium security severity: High) |
| CVE-2026-10985 |
unknown |
— |
— |
|
|
|
16h ago |
Out of bounds read in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10984 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in Accessibility in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity:… |
| CVE-2026-10983 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securit… |
| CVE-2026-10982 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebXR in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10981 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted… |
| CVE-2026-10980 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a cr… |
| CVE-2026-10979 |
unknown |
— |
— |
|
|
|
16h ago |
Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium securi… |
| CVE-2026-10978 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High) |
| CVE-2026-10977 |
unknown |
— |
— |
|
|
|
16h ago |
Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium secur… |
| CVE-2026-10976 |
unknown |
— |
— |
|
|
|
16h ago |
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security… |
| CVE-2026-10975 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10974 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium securi… |
| CVE-2026-10973 |
unknown |
— |
— |
|
|
|
16h ago |
Uninitialized Use in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10972 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10971 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in Printing in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a s… |
| CVE-2026-10970 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Insufficient validation of untrusted input in InterestGroups in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbo… |
| CVE-2026-10969 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via… |
| CVE-2026-10968 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in Dawn in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … |
| CVE-2026-10967 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in SurfaceCapture in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr… |
| CVE-2026-10966 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity:… |
| CVE-2026-10965 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Integer overflow in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10964 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10963 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Integer overflow in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10962 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Type Confusion in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10961 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… |
| CVE-2026-10960 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Uninitialized Use in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… |
| CVE-2026-10959 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Input in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |
| CVE-2026-10958 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafte… |
| CVE-2026-10957 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Glic in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10956 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in MimeHandlerView in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Hi… |
| CVE-2026-10955 |
unknown |
— |
— |
|
|
|
16h ago |
Type Confusion in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security sev… |
| CVE-2026-10954 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Actor in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10953 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Core in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML… |
| CVE-2026-10952 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: … |
| CVE-2026-10951 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a… |
| CVE-2026-10950 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Hi… |
| CVE-2026-10949 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Heap buffer overflow in Video in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… |
| CVE-2026-10948 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10947 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10946 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Heap buffer overflow in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a… |
| CVE-2026-10945 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in PDF in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted… |
| CVE-2026-10944 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Hi… |
| CVE-2026-10943 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10942 |
high |
7.8 |
7.8 |
|
|
|
16h ago |
Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: High) |
| CVE-2026-10941 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: … |
| CVE-2026-10940 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (… |
| CVE-2026-10939 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10938 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chr… |
| CVE-2026-10937 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10936 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10935 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10934 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … |
| CVE-2026-10933 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM… |
| CVE-2026-10932 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10931 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10930 |
unknown |
— |
— |
|
|
|
16h ago |
Out of bounds read in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10929 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Heap buffer overflow in ANGLE in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craft… |
| CVE-2026-10928 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10927 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … |
| CVE-2026-10926 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: H… |
| CVE-2026-10925 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM… |
| CVE-2026-10924 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pa… |
| CVE-2026-10923 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High) |
| CVE-2026-10922 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin p… |
| CVE-2026-10921 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… |
| CVE-2026-10920 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… |
| CVE-2026-10919 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… |
| CVE-2026-10918 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chro… |
| CVE-2026-10917 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape … |
| CVE-2026-10916 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (… |
| CVE-2026-10915 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… |
| CVE-2026-10914 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |
| CVE-2026-10913 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |
| CVE-2026-10912 |
unknown |
— |
— |
|
|
|
16h ago |
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a … |
| CVE-2026-10911 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape … |
| CVE-2026-10910 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10909 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… |
| CVE-2026-10908 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… |
| CVE-2026-10907 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10906 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via… |
| CVE-2026-10905 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (… |
| CVE-2026-10904 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: H… |
| CVE-2026-10903 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
| CVE-2026-10902 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-10901 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTM… |
| CVE-2026-10900 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Use after free in Passwords in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via … |
| CVE-2026-10899 |
high |
7.5 |
7.5 |
|
|
|
16h ago |
Use after free in Ozone in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a … |
| CVE-2026-10898 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page… |
| CVE-2026-10897 |
unknown |
— |
— |
|
|
|
16h ago |
Inappropriate implementation in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Cri… |
| CVE-2026-10896 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Chrome for iOS in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-10895 |
high |
8.8 |
8.8 |
|
|
|
16h ago |
Use after free in Ozone in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2026-10894 |
high |
8.3 |
8.3 |
|
|
|
16h ago |
Use after free in Printing in Google Chrome on Linux prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… |
| CVE-2026-10893 |
unknown |
— |
— |
|
|
|
16h ago |
Use after free in Chromoting in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical) |
| CVE-2026-10892 |
unknown |
— |
— |
|
|
|
16h ago |
Out of bounds write in GPU in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: C… |
