VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2026-11107MedJun 4, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Downloads in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-11062MedJun 4, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Extensions in Google Chrome prior to 149.0.7827.53 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: Medium)

  • CVE-2026-11031MedJun 4, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in Password Manager in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via malicious network traffic. (Chromium security severity: Medium)

  • CVE-2026-9955MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9943MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9935MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9930MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9929MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9921MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin information via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9919MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in WebGL in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9913MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9911MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9907MedMay 28, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9116MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in ServiceWorker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9115MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Service Worker in Google Chrome on prior to 148.0.7778.179 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-9113MedMay 20, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8576MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in CORS in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8567MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8566MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Payments in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8563MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in IFrame Sandbox in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

Page 161 of 269