VYPR

rpm package

opensuse/chromium&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/chromium&distro=openSUSE%20Tumbleweed

Vulnerabilities (4,053)

  • CVE-2026-10923HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High)

  • CVE-2026-10922HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-10921HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10920HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10919HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10918HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10917HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10916MedJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10915HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10914HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10913HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10912MedJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10911HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10910HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10909HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10908HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in FullScreen in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10907HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Out of bounds write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10906HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10905HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Use after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10904HigJun 4, 2026
    affected < 149.0.7827.53-2.1fixed 149.0.7827.53-2.1

    Inappropriate implementation in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Page 27 of 203