VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2026-8546MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8543MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:…

  • CVE-2026-8541MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8538MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8535MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity:…

  • CVE-2026-8516MedMay 14, 2026
    risk 0.34cvss 5.3epss 0.00

    Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium…

  • CVE-2026-8020MedMay 6, 2026
    risk 0.34cvss 5.3epss 0.00

    Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-7960MedMay 6, 2026
    risk 0.34cvss 5.3epss 0.00

    Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7955MedMay 6, 2026
    risk 0.34cvss 5.3epss 0.00

    Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-5890MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-5886MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2025-12440MedNov 10, 2025
    risk 0.34cvss 5.3epss 0.00

    Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:…

  • CVE-2025-12909MedNov 8, 2025
    risk 0.34cvss 5.3epss 0.00

    Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low)

  • CVE-2024-9966MedOct 15, 2024
    risk 0.34cvss 5.3epss 0.00

    Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2024-0333MedJan 10, 2024
    risk 0.34cvss 5.3epss 0.00

    Insufficient data validation in Extensions in Google Chrome prior to 120.0.6099.216 allowed an attacker in a privileged network position to install a malicious extension via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-11290MedJun 5, 2026
    risk 0.33cvss 5.0epss 0.00

    Integer overflow in WebView in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to cause a denial of service via a malicious file. (Chromium security severity: Low)

  • CVE-2026-11281MedJun 5, 2026
    risk 0.33cvss 5.0epss 0.00

    Integer overflow in Chromoting in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to obtain potentially sensitive information from process memory via a crafted ETW event. (Chromium security severity: Low)

  • CVE-2026-11276MedJun 5, 2026
    risk 0.33cvss 5.1epss 0.00

    Inappropriate implementation in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to bypass discretionary access control via malicious network traffic. (Chromium security severity: Low)

  • CVE-2026-9980MedMay 28, 2026
    risk 0.33cvss 5.0epss 0.00

    Insufficient validation of untrusted input in Printing in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9979MedMay 28, 2026
    risk 0.33cvss 5.0epss 0.00

    Insufficient validation of untrusted input in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: High)

Page 157 of 269