VYPR

Chrome

by Google

Source repositories

CVEs (5,401)

  • CVE-2026-10005HigMay 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10003HigMay 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9123HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap buffer overflow in Chromecast in Google Chrome on Android, Linux, ChromeOS prior to 148.0.7778.179 allowed a local attacker to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: Medium)

  • CVE-2026-9117HigMay 20, 2026
    risk 0.49cvss 7.5epss 0.00

    Type Confusion in GFX in Google Chrome on Linux, ChromeOS prior to 148.0.7778.179 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: High)

  • CVE-2026-8585HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    Inappropriate implementation in Media in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8557HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8547HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8521HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

  • CVE-2026-8510HigMay 14, 2026
    risk 0.49cvss 7.5epss 0.00

    Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-8007HigMay 6, 2026
    risk 0.49cvss 7.5epss 0.00

    Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-7976HigMay 6, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2026-7948HigMay 6, 2026
    risk 0.49cvss 7.5epss 0.00

    Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)

  • CVE-2026-7929HigMay 6, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7897HigMay 6, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7357HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-7349HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-7343HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-7338HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. (Chromium security severity: High)

  • CVE-2026-6319HigApr 15, 2026
    risk 0.49cvss 7.5epss 0.00

    Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-6308HigApr 15, 2026
    risk 0.49cvss 7.5epss 0.00

    Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Page 108 of 271