VYPR

Chromium

by Google

CVEs (10)

  • CVE-2026-9968HigMay 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10013HigMay 28, 2026
    risk 0.57cvss 8.8epss 0.00

    Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

  • CVE-2008-6994Aug 19, 2009
    risk 0.04cvss epss 0.10

    Stack-based buffer overflow in the SaveAs feature (SaveFileAsWithFilter function) in win_util.cc in Google Chrome 0.2.149.27 allows user-assisted remote attackers to execute arbitrary code via a web page with a long TITLE element, which triggers the overflow when the user saves…

  • CVE-2008-6995Aug 19, 2009
    risk 0.03cvss epss 0.05

    Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "%" (percent) character, which triggers a buffer over-read, as demonstrated…

  • CVE-2026-13946Jul 1, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in ScriptInjections in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-13808Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient data validation in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a local attacker to obtain potentially sensitive information from process memory via physical access to the device. (Chromium security severity: High)

  • CVE-2026-14066Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-13907Jul 1, 2026
    risk 0.00cvss epss 0.00

    Inappropriate implementation in iOSWeb in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-13847Jul 1, 2026
    risk 0.00cvss epss 0.00

    Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2010-3253Sep 7, 2010
    risk 0.00cvss epss 0.01

    The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.