VYPR

Chrome

by Google

Source repositories

CVEs (5,374)

  • CVE-2026-8560MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-8559MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8552MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8537MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8528MedMay 14, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass Site Isolation via a crafted HTML page. (Chromium security severity: High)

  • CVE-2026-8014MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Preload in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-8013MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-8011MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Search in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-8005MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)

  • CVE-2026-8004MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Low)

  • CVE-2026-7999MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Low)

  • CVE-2026-7986MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7983MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7979MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7972MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7969MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7961MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traffic. (Chromium security severity: Medium)

  • CVE-2026-7946MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7942MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

  • CVE-2026-7936MedMay 6, 2026
    risk 0.28cvss 4.3epss 0.00

    Object lifecycle issue in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Page 162 of 269