VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2026-10981MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient validation of untrusted input in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted video file. (Chromium security severity: High)

  • CVE-2026-10980MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10979MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Out of bounds read in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10977MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Uninitialized Use in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10950MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10944MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient policy enforcement in Autofill in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10938MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10937MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10912MedJun 4, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient validation of untrusted input in Extensions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9996MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9981MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9953MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9917MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9912MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Inappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9908MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9882MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Critical)

  • CVE-2026-10018MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-10008MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-10004MedMay 28, 2026
    risk 0.42cvss 6.5epss 0.00

    Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9122MedMay 20, 2026
    risk 0.42cvss 6.5epss 0.00

    Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Page 120 of 269