threat
engine
.sh
Back
·
··:··
Home
/
Product
/
google chrome
Product
google chrome
500 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-8586
< 148.0.7778.168
Inappropriate implementation in Chromoting in Google Chrome prior to 148.0.7778.168 allowed a local attacker to bypass discretiona
5.5
MEDIUM
CVE-2026-8581
< 148.0.7778.168
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbo
8.8
HIGH
CVE-2026-8562
< 148.0.7778.168
Side-channel information leakage in Navigation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-or
4.3
MEDIUM
CVE-2026-8561
< 148.0.7778.168
Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via
5.4
MEDIUM
CVE-2026-8558
< 148.0.7778.168
Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a
8.8
HIGH
CVE-2026-8557
< 148.0.7778.168
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the rendere
7.5
HIGH
CVE-2026-8553
< 148.0.7778.168
Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process
3.1
LOW
CVE-2026-8551
< 148.0.7778.168
Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in s
8.8
HIGH
CVE-2026-8540
< 148.0.7778.168
Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-8538
< 148.0.7778.168
Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compr
5.3
MEDIUM
CVE-2026-8537
< 148.0.7778.168
Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cros
4.3
MEDIUM
CVE-2026-8533
< 148.0.7778.168
Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the rendere
8.3
HIGH
CVE-2026-8532
< 148.0.7778.168
Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-8529
< 148.0.7778.168
Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-8528
< 148.0.7778.168
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who
4.3
MEDIUM
CVE-2026-8527
< 148.0.7778.168
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to exec
8.8
HIGH
CVE-2026-8526
< 148.0.7778.168
Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-8524
< 148.0.7778.168
Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code insid
8.8
HIGH
CVE-2026-8523
< 148.0.7778.168
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-8521
< 148.0.7778.168
Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via mali
7.5
HIGH
CVE-2026-8520
< 148.0.7778.168
Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a
8.3
HIGH
CVE-2026-8518
< 148.0.7778.168
Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-8516
< 148.0.7778.168
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who
5.3
MEDIUM
CVE-2026-8515
< 148.0.7778.168
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specifi
8.3
HIGH
CVE-2026-8514
< 148.0.7778.168
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-8512
< 148.0.7778.168
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in
8.3
HIGH
CVE-2026-8511
< 148.0.7778.168
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape vi
9.6
CRITICAL
CVE-2026-8509
< 148.0.7778.168
Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-8022
< 148.0.7778.96
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to en
3.1
LOW
CVE-2026-8021
< 148.0.7778.96
Script injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specifi
4.2
MEDIUM
CVE-2026-8020
< 148.0.7778.96
Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the rend
5.3
MEDIUM
CVE-2026-8019
< 148.0.7778.96
Insufficient policy enforcement in WebApp in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing
5.4
MEDIUM
CVE-2026-8018
< 148.0.7778.96
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perfo
8.1
HIGH
CVE-2026-8017
< 148.0.7778.96
Side-channel information leakage in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin d
3.1
LOW
CVE-2026-8016
< 148.0.7778.96
Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-8015
< 148.0.7778.96
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via
5.4
MEDIUM
CVE-2026-8014
< 148.0.7778.96
Inappropriate implementation in Preload in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin dat
4.3
MEDIUM
CVE-2026-8013
< 148.0.7778.96
Insufficient validation of untrusted input in FedCM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cros
4.3
MEDIUM
CVE-2026-8012
< 148.0.7778.96
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the re
5.4
MEDIUM
CVE-2026-8011
< 148.0.7778.96
Insufficient policy enforcement in Search in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin d
4.3
MEDIUM
CVE-2026-8010
< 148.0.7778.96
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who
6.3
MEDIUM
CVE-2026-8009
< 148.0.7778.96
Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the ren
5.0
MEDIUM
CVE-2026-8008
< 148.0.7778.96
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to insta
5.4
MEDIUM
CVE-2026-8007
< 148.0.7778.96
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compr
7.5
HIGH
CVE-2026-8006
< 148.0.7778.96
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to in
5.4
MEDIUM
CVE-2026-8005
< 148.0.7778.96
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local networ
4.3
MEDIUM
CVE-2026-8004
< 148.0.7778.96
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to in
4.3
MEDIUM
CVE-2026-8003
< 148.0.7778.96
Insufficient validation of untrusted input in TabGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perfo
5.4
MEDIUM
CVE-2026-8002
< 148.0.7778.96
Use after free in Audio in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-8001
< 148.0.7778.96
Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compr
8.3
HIGH
CVE-2026-8000
< 148.0.7778.96
Insufficient validation of untrusted input in ChromeDriver in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote att
8.8
HIGH
CVE-2026-7999
< 148.0.7778.96
Inappropriate implementation in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensiti
4.3
MEDIUM
CVE-2026-7998
< 148.0.7778.96
Insufficient validation of untrusted input in Dialog in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had com
5.4
MEDIUM
CVE-2026-7997
< 148.0.7778.96
Insufficient validation of untrusted input in Updater in Google Chrome on Mac prior to 148.0.7778.96 allowed a local attacker to p
7.8
HIGH
CVE-2026-7996
< 148.0.7778.96
Insufficient validation of untrusted input in SSL in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compro
4.2
MEDIUM
CVE-2026-7995
< 148.0.7778.96
Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-7994
< 148.0.7778.96
Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform
7.8
HIGH
CVE-2026-7993
< 148.0.7778.96
Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacke
4.2
MEDIUM
CVE-2026-7992
< 148.0.7778.96
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attac
8.8
HIGH
CVE-2026-7991
< 148.0.7778.96
Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to
8.8
HIGH
CVE-2026-7990
< 148.0.7778.96
Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker
7.8
HIGH
CVE-2026-7989
< 148.0.7778.96
Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised
4.2
MEDIUM
CVE-2026-7988
< 148.0.7778.96
Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-7987
< 148.0.7778.96
Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-7986
< 148.0.7778.96
Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin
4.3
MEDIUM
CVE-2026-7985
< 148.0.7778.96
Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process t
8.3
HIGH
CVE-2026-7984
< 148.0.7778.96
Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer p
8.8
HIGH
CVE-2026-7983
< 148.0.7778.96
Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a craft
4.3
MEDIUM
CVE-2026-7982
< 148.0.7778.96
Uninitialized Use in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive i
6.5
MEDIUM
CVE-2026-7981
< 148.0.7778.96
Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive inf
8.1
HIGH
CVE-2026-7980
< 148.0.7778.96
Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sa
8.8
HIGH
CVE-2026-7979
< 148.0.7778.96
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data
4.3
MEDIUM
CVE-2026-7978
< 148.0.7778.96
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-l
8.1
HIGH
CVE-2026-7977
< 148.0.7778.96
Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin pol
6.3
MEDIUM
CVE-2026-7976
< 148.0.7778.96
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious ex
7.5
HIGH
CVE-2026-7975
< 148.0.7778.96
Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer proc
8.3
HIGH
CVE-2026-7974
< 148.0.7778.96
Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandb
8.8
HIGH
CVE-2026-7973
< 148.0.7778.96
Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a san
8.8
HIGH
CVE-2026-7972
< 148.0.7778.96
Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer proces
4.3
MEDIUM
CVE-2026-7971
< 148.0.7778.96
Inappropriate implementation in ORB in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass site isolation via
6.3
MEDIUM
CVE-2026-7970
< 148.0.7778.96
Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pro
8.3
HIGH
CVE-2026-7969
< 148.0.7778.96
Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pro
4.3
MEDIUM
CVE-2026-7968
< 148.0.7778.96
Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compr
3.1
LOW
CVE-2026-7967
< 148.0.7778.96
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had
8.3
HIGH
CVE-2026-7966
< 148.0.7778.96
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who
3.1
LOW
CVE-2026-7965
< 148.0.7778.96
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had c
3.1
LOW
CVE-2026-7964
< 148.0.7778.96
Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had
4.2
MEDIUM
CVE-2026-7963
< 148.0.7778.96
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromise
8.3
HIGH
CVE-2026-7962
< 148.0.7778.96
Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbi
5.4
MEDIUM
CVE-2026-7961
< 148.0.7778.96
Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local
4.3
MEDIUM
CVE-2026-7960
< 148.0.7778.96
Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtai
5.3
MEDIUM
CVE-2026-7959
< 148.0.7778.96
Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised t
3.1
LOW
CVE-2026-7958
< 148.0.7778.96
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to
5.4
MEDIUM
CVE-2026-7957
< 148.0.7778.96
Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the
8.8
HIGH
CVE-2026-7956
< 148.0.7778.96
Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pr
8.3
HIGH
CVE-2026-7955
< 148.0.7778.96
Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer proces
5.3
MEDIUM
CVE-2026-7954
< 148.0.7778.96
Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process
3.1
LOW
CVE-2026-7953
< 148.0.7778.96
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject
6.1
MEDIUM
CVE-2026-7952
< 148.0.7778.96
Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromise
4.2
MEDIUM
CVE-2026-7951
< 148.0.7778.96
Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a
8.8
HIGH
CVE-2026-7950
< 148.0.7778.96
Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/wr
5.4
MEDIUM
CVE-2026-7949
< 148.0.7778.96
Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer proc
3.1
LOW
CVE-2026-7948
< 148.0.7778.96
Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via
7.5
HIGH
CVE-2026-7947
< 148.0.7778.96
Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had co
4.2
MEDIUM
CVE-2026-7946
< 148.0.7778.96
Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote
4.3
MEDIUM
CVE-2026-7945
< 148.0.7778.96
Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compr
3.1
LOW
CVE-2026-7944
< 148.0.7778.96
Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker w
3.1
LOW
CVE-2026-7943
< 148.0.7778.96
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had comp
4.2
MEDIUM
CVE-2026-7942
< 148.0.7778.96
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafte
4.3
MEDIUM
CVE-2026-7941
< 148.0.7778.96
Insufficient validation of untrusted input in Mobile in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker t
4.4
MEDIUM
CVE-2026-7940
< 148.0.7778.96
Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious exten
8.8
HIGH
CVE-2026-7939
< 148.0.7778.96
Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary
5.4
MEDIUM
CVE-2026-7938
< 148.0.7778.96
Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-7937
< 148.0.7778.96
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to in
3.1
LOW
CVE-2026-7936
< 148.0.7778.96
Object lifecycle issue in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory
4.3
MEDIUM
CVE-2026-7935
< 148.0.7778.96
Inappropriate implementation in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing vi
5.4
MEDIUM
CVE-2026-7934
< 148.0.7778.96
Insufficient validation of untrusted input in Popup Blocker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who
4.2
MEDIUM
CVE-2026-7933
< 148.0.7778.96
Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memo
4.3
MEDIUM
CVE-2026-7932
< 148.0.7778.96
Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation
4.4
MEDIUM
CVE-2026-7931
< 148.0.7778.96
Insufficient validation of untrusted input in iOS in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker to perf
5.4
MEDIUM
CVE-2026-7930
< 148.0.7778.96
Insufficient validation of untrusted input in Cookies in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform
8.8
HIGH
CVE-2026-7929
< 148.0.7778.96
Use after free in MediaRecording in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage
7.5
HIGH
CVE-2026-7928
< 148.0.7778.96
Use after free in WebRTC in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code in
8.8
HIGH
CVE-2026-7927
< 148.0.7778.96
Type Confusion in Runtime in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-7926
< 148.0.7778.96
Use after free in PresentationAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code insi
8.8
HIGH
CVE-2026-7925
< 148.0.7778.96
Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privi
7.8
HIGH
CVE-2026-7924
< 148.0.7778.96
Uninitialized Use in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive inform
6.5
MEDIUM
CVE-2026-7923
< 148.0.7778.96
Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer pro
8.3
HIGH
CVE-2026-7922
< 148.0.7778.96
Use after free in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox
8.3
HIGH
CVE-2026-7921
< 148.0.7778.96
Use after free in Passwords in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code via a craf
8.8
HIGH
CVE-2026-7920
< 148.0.7778.96
Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-7919
< 148.0.7778.96
Use after free in Aura in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-7918
< 148.0.7778.96
Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process t
8.3
HIGH
CVE-2026-7917
< 148.0.7778.96
Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the
8.3
HIGH
CVE-2026-7916
< 148.0.7778.96
Insufficient data validation in InterestGroups in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromis
8.3
HIGH
CVE-2026-7915
< 148.0.7778.96
Insufficient data validation in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker to bypass na
4.3
MEDIUM
CVE-2026-7914
< 148.0.7778.96
Type Confusion in Accessibility in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised t
8.3
HIGH
CVE-2026-7913
< 148.0.7778.96
Insufficient policy enforcement in DevTools in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to perform
7.8
HIGH
CVE-2026-7912
< 148.0.7778.96
Integer overflow in GPU in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the rende
4.2
MEDIUM
CVE-2026-7911
< 148.0.7778.96
Use after free in Aura in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the render
8.3
HIGH
CVE-2026-7910
< 148.0.7778.96
Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process
9.6
CRITICAL
CVE-2026-7909
< 148.0.7778.96
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromise
3.1
LOW
CVE-2026-7908
< 148.0.7778.96
Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox es
9.6
CRITICAL
CVE-2026-7907
< 148.0.7778.96
Use after free in DOM in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-7906
< 148.0.7778.96
Use after free in SVG in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-7905
< 148.0.7778.96
Insufficient validation of untrusted input in Media in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker w
8.3
HIGH
CVE-2026-7904
< 148.0.7778.96
Out of bounds read in Fonts in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory r
4.3
MEDIUM
CVE-2026-7903
< 148.0.7778.96
Integer overflow in ANGLE in Google Chrome on Mac,Windows prior to 148.0.7778.96 allowed a remote attacker to potentially exploit
8.8
HIGH
CVE-2026-7902
< 148.0.7778.96
Out of bounds memory access in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code insi
8.8
HIGH
CVE-2026-7901
< 148.0.7778.96
Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-7900
< 148.0.7778.96
Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer p
8.3
HIGH
CVE-2026-7899
< 148.0.7778.96
Out of bounds read and write in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code ins
8.8
HIGH
CVE-2026-7898
< 148.0.7778.96
Use after free in Chromoting in Google Chrome on Linux prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code
8.8
HIGH
CVE-2026-7897
< 148.0.7778.96
Use after free in Mobile in Google Chrome on iOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage i
7.5
HIGH
CVE-2026-7896
< 148.0.7778.96
Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-7363
< 147.0.7727.138
Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrar
8.8
HIGH
CVE-2026-7361
< 147.0.7727.138
Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption vi
8.8
HIGH
CVE-2026-7360
< 147.0.7727.138
Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who
3.1
LOW
CVE-2026-7359
< 147.0.7727.138
Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer proces
8.8
HIGH
CVE-2026-7358
< 147.0.7727.138
Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a
8.8
HIGH
CVE-2026-7357
< 147.0.7727.138
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process
7.5
HIGH
CVE-2026-7356
< 147.0.7727.138
Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a cr
8.8
HIGH
CVE-2026-7355
< 147.0.7727.138
Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-7354
< 147.0.7727.138
Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a
8.8
HIGH
CVE-2026-7353
< 147.0.7727.138
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer p
8.3
HIGH
CVE-2026-7352
< 147.0.7727.138
Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the rend
8.3
HIGH
CVE-2026-7351
< 147.0.7727.138
Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension t
3.1
LOW
CVE-2026-7350
< 147.0.7727.138
Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer proc
8.3
HIGH
CVE-2026-7349
< 147.0.7727.138
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitr
7.5
HIGH
CVE-2026-7348
< 147.0.7727.138
Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-7347
< 147.0.7727.138
Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via mali
8.1
HIGH
CVE-2026-7346
< 147.0.7727.138
Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds m
8.1
HIGH
CVE-2026-7345
< 147.0.7727.138
Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had
8.3
HIGH
CVE-2026-7344
< 147.0.7727.138
Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised
8.8
HIGH
CVE-2026-7343
< 147.0.7727.138
Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the rend
7.5
HIGH
CVE-2026-7342
< 147.0.7727.138
Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code
8.8
HIGH
CVE-2026-7341
< 147.0.7727.138
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-7340
< 147.0.7727.138
Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bound
4.3
MEDIUM
CVE-2026-7339
< 147.0.7727.138
Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2026-7338
< 147.0.7727.138
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially ex
7.5
HIGH
CVE-2026-7337
< 147.0.7727.138
Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-7336
< 147.0.7727.138
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-7335
< 147.0.7727.138
Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-7334
< 147.0.7727.138
Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2026-7333
< 147.0.7727.138
Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape v
9.6
CRITICAL
CVE-2026-6921
< 147.0.7727.116
Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape
8.3
HIGH
CVE-2026-6920
< 147.0.7727.116
Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the re
9.6
CRITICAL
CVE-2026-6919
< 147.0.7727.116
Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer pro
9.6
CRITICAL
CVE-2026-6364
< 147.0.7727.101
Out of bounds read in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive info
6.5
MEDIUM
CVE-2026-6363
< 147.0.7727.101
Type Confusion in V8 in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds memor
8.8
HIGH
CVE-2026-6362
< 147.0.7727.101
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform out of bounds m
4.3
MEDIUM
CVE-2026-6361
< 147.0.7727.101
Heap buffer overflow in PDFium in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who convinced a user
8.3
HIGH
CVE-2026-6360
< 147.0.7727.101
Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corr
8.8
HIGH
CVE-2026-6359
< 147.0.7727.101
Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the rend
8.8
HIGH
CVE-2026-6358
< 147.0.7727.101
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds mem
8.8
HIGH
CVE-2026-6319
< 147.0.7727.101
Use after free in Payments in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to e
7.5
HIGH
CVE-2026-6318
< 147.0.7727.101
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-6317
< 147.0.7727.101
Use after free in Cast in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted
8.8
HIGH
CVE-2026-6316
< 147.0.7727.101
Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-6315
< 147.0.7727.101
Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user t
8.8
HIGH
CVE-2026-6314
< 147.0.7727.101
Out of bounds write in GPU in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the GPU process
8.3
HIGH
CVE-2026-6313
< 147.0.7727.101
Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the
3.1
LOW
CVE-2026-6312
< 147.0.7727.101
Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromise
3.1
LOW
CVE-2026-6311
< 147.0.7727.101
Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromis
8.3
HIGH
CVE-2026-6310
< 147.0.7727.101
Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-6309
< 147.0.7727.101
Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process
8.3
HIGH
CVE-2026-6308
< 147.0.7727.101
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in s
7.5
HIGH
CVE-2026-6307
< 147.0.7727.101
Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a s
8.8
HIGH
CVE-2026-6306
< 147.0.7727.101
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-6305
< 147.0.7727.101
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside
8.8
HIGH
CVE-2026-6304
< 147.0.7727.101
Use after free in Graphite in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer pro
8.3
HIGH
CVE-2026-6303
< 147.0.7727.101
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-6302
< 147.0.7727.101
Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-6301
< 147.0.7727.101
Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a s
8.8
HIGH
CVE-2026-6300
< 147.0.7727.101
Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbo
8.8
HIGH
CVE-2026-6299
< 147.0.7727.101
Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a cra
8.8
HIGH
CVE-2026-6298
< 147.0.7727.101
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive in
4.3
MEDIUM
CVE-2026-6297
< 147.0.7727.101
Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potential
8.3
HIGH
CVE-2026-6296
< 147.0.7727.101
Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox
9.6
CRITICAL
CVE-2026-5919
< 147.0.7727.55
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had
6.5
MEDIUM
CVE-2026-5918
< 147.0.7727.55
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised t
4.3
MEDIUM
CVE-2026-5915
< 147.0.7727.55
Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform a
8.1
HIGH
CVE-2026-5914
< 147.0.7727.55
Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious exte
8.8
HIGH
CVE-2026-5913
< 147.0.7727.55
Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory r
8.1
HIGH
CVE-2026-5912
< 147.0.7727.55
Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory wr
8.8
HIGH
CVE-2026-5911
< 147.0.7727.55
Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security polic
4.3
MEDIUM
CVE-2026-5910
< 147.0.7727.55
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-5909
< 147.0.7727.55
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-5908
< 147.0.7727.55
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-5907
< 147.0.7727.55
Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bound
8.1
HIGH
CVE-2026-5906
< 147.0.7727.55
Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the content
4.3
MEDIUM
CVE-2026-5905
< 147.0.7727.55
Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domai
6.5
MEDIUM
CVE-2026-5904
< 147.0.7727.55
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious exten
8.8
HIGH
CVE-2026-5903
< 147.0.7727.55
Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in
6.5
MEDIUM
CVE-2026-5902
< 147.0.7727.55
Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer proces
9.8
CRITICAL
CVE-2026-5901
< 147.0.7727.55
Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to in
6.5
MEDIUM
CVE-2026-5900
< 147.0.7727.55
Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protectio
4.3
MEDIUM
CVE-2026-5899
< 147.0.7727.55
Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convin
6.1
MEDIUM
CVE-2026-5898
< 147.0.7727.55
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing v
4.3
MEDIUM
CVE-2026-5897
< 147.0.7727.55
Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engag
4.3
MEDIUM
CVE-2026-5896
< 147.0.7727.55
Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specifi
6.1
MEDIUM
CVE-2026-5895
< 147.0.7727.55
Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of
5.4
MEDIUM
CVE-2026-5894
< 147.0.7727.55
Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restric
4.3
MEDIUM
CVE-2026-5893
< 147.0.7727.55
Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted
6.8
MEDIUM
CVE-2026-5892
< 147.0.7727.55
Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the
6.6
MEDIUM
CVE-2026-5891
< 147.0.7727.55
Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromise
4.3
MEDIUM
CVE-2026-5890
< 147.0.7727.55
Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information fr
5.3
MEDIUM
CVE-2026-5889
< 147.0.7727.55
Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information
4.3
MEDIUM
CVE-2026-5888
< 147.0.7727.55
Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive i
6.5
MEDIUM
CVE-2026-5887
< 147.0.7727.55
Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attack
4.3
MEDIUM
CVE-2026-5886
< 147.0.7727.55
Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sens
5.3
MEDIUM
CVE-2026-5885
< 147.0.7727.55
Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker t
6.5
MEDIUM
CVE-2026-5884
< 147.0.7727.55
Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had comp
8.8
HIGH
CVE-2026-5883
< 147.0.7727.55
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandb
8.8
HIGH
CVE-2026-5882
< 147.0.7727.55
Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a
4.3
MEDIUM
CVE-2026-5881
< 147.0.7727.55
Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restric
6.5
MEDIUM
CVE-2026-5880
< 147.0.7727.55
Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromise
4.3
MEDIUM
CVE-2026-5879
< 147.0.7727.55
Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to ex
8.8
HIGH
CVE-2026-5878
< 147.0.7727.55
Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a craf
4.3
MEDIUM
CVE-2026-5877
< 147.0.7727.55
Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a
8.8
HIGH
CVE-2026-5876
< 147.0.7727.55
Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-ori
6.5
MEDIUM
CVE-2026-5875
< 147.0.7727.55
Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML
4.3
MEDIUM
CVE-2026-5874
< 147.0.7727.55
Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in sp
9.6
CRITICAL
CVE-2026-5873
< 147.0.7727.55
Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code ins
8.8
HIGH
CVE-2026-5872
< 147.0.7727.55
Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandb
8.8
HIGH
CVE-2026-5871
< 147.0.7727.55
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-5870
< 147.0.7727.55
Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-5869
< 147.0.7727.55
Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive in
4.3
MEDIUM
CVE-2026-5868
< 147.0.7727.55
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code i
8.8
HIGH
CVE-2026-5867
< 147.0.7727.55
Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive in
4.3
MEDIUM
CVE-2026-5866
< 147.0.7727.55
Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandb
8.8
HIGH
CVE-2026-5865
< 147.0.7727.55
Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-5864
< 147.0.7727.55
Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive
4.3
MEDIUM
CVE-2026-5863
< 147.0.7727.55
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code ins
8.8
HIGH
CVE-2026-5862
< 147.0.7727.55
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code ins
8.8
HIGH
CVE-2026-5861
< 147.0.7727.55
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-5860
< 147.0.7727.55
Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-5859
< 147.0.7727.55
Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-5858
< 147.0.7727.55
Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a cr
8.8
HIGH
CVE-2026-5292
< 146.0.7680.177
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds mem
8.8
HIGH
CVE-2026-5291
< 146.0.7680.177
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sen
6.5
MEDIUM
CVE-2026-5290
< 146.0.7680.177
Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer
9.6
CRITICAL
CVE-2026-5289
< 146.0.7680.177
Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer p
9.6
CRITICAL
CVE-2026-5288
< 146.0.7680.177
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the re
9.6
CRITICAL
CVE-2026-5287
< 146.0.7680.177
Use after free in PDF in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbo
8.8
HIGH
CVE-2026-5286
< 146.0.7680.177
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted
8.8
HIGH
CVE-2026-5285
< 146.0.7680.177
Use after free in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-5284
< 146.0.7680.177
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process
7.5
HIGH
CVE-2026-5283
< 146.0.7680.177
Inappropriate implementation in ANGLE in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to leak cross-origin data
6.5
MEDIUM
CVE-2026-5282
< 146.0.7680.177
Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds mem
8.1
HIGH
CVE-2026-5281
< 146.0.7680.177
Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process
8.8
HIGH
CVE-2026-5280
< 146.0.7680.177
Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a
8.8
HIGH
CVE-2026-5279
< 146.0.7680.177
Object corruption in V8 in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-5278
< 146.0.7680.177
Use after free in Web MIDI in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code
8.8
HIGH
CVE-2026-5277
< 146.0.7680.177
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the re
7.5
HIGH
CVE-2026-5276
< 146.0.7680.177
Insufficient policy enforcement in WebUSB in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially
6.5
MEDIUM
CVE-2026-5275
< 146.0.7680.177
Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code
8.8
HIGH
CVE-2026-5274
< 146.0.7680.177
Integer overflow in Codecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform arbitrary read/write via
8.8
HIGH
CVE-2026-5273
< 146.0.7680.177
Use after free in CSS in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbo
6.3
MEDIUM
CVE-2026-5272
< 146.0.7680.177
Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a cra
8.8
HIGH
CVE-2026-4680
< 146.0.7680.164
Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a sand
8.8
HIGH
CVE-2026-4679
< 146.0.7680.164
Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory wr
8.8
HIGH
CVE-2026-4678
< 146.0.7680.164
Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to execute arbitrary code inside a san
8.8
HIGH
CVE-2026-4677
< 146.0.7680.164
Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of b
8.8
HIGH
CVE-2026-4676
< 146.0.7680.164
Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to potentially perform a sandbox escape
8.8
HIGH
CVE-2026-4675
< 146.0.7680.164
Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memor
8.8
HIGH
CVE-2026-4674
< 146.0.7680.164
Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory acces
8.8
HIGH
CVE-2026-4673
< 146.0.7680.164
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds me
8.8
HIGH
CVE-2026-4464
< 146.0.7680.153
Integer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruptio
8.8
HIGH
CVE-2026-4463
< 146.0.7680.153
Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2026-4462
< 146.0.7680.153
Out of bounds read in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory
8.8
HIGH
CVE-2026-4461
< 146.0.7680.153
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2026-4460
< 146.0.7680.153
Out of bounds read in Skia in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform an out of bounds memory r
8.8
HIGH
CVE-2026-4459
< 146.0.7680.153
Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit
8.8
HIGH
CVE-2026-4458
< 146.0.7680.153
Use after free in Extensions in Google Chrome prior to 146.0.7680.153 allowed an attacker who convinced a user to install a malici
8.8
HIGH
CVE-2026-4457
< 146.0.7680.153
Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2026-4456
< 146.0.7680.153
Use after free in Digital Credentials API in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who had compromised t
8.8
HIGH
CVE-2026-4455
< 146.0.7680.153
Heap buffer overflow in PDFium in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2026-4454
< 146.0.7680.153
Use after free in Network in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruptio
8.8
HIGH
CVE-2026-4453
< 146.0.7680.153
Integer overflow in Dawn in Google Chrome on Mac prior to 146.0.7680.153 allowed a remote attacker to leak cross-origin data via a
4.3
MEDIUM
CVE-2026-4452
< 146.0.7680.153
Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.153 allowed a remote attacker to potentially exploit hea
8.8
HIGH
CVE-2026-4451
< 146.0.7680.153
Insufficient validation of untrusted input in Navigation in Google Chrome prior to 146.0.7680.153 allowed a remote attacker who ha
8.8
HIGH
CVE-2026-4450
< 146.0.7680.153
Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruptio
8.8
HIGH
CVE-2026-4449
< 146.0.7680.153
Use after free in Blink in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-4448
< 146.0.7680.153
Heap buffer overflow in ANGLE in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2026-4447
< 146.0.7680.153
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code in
8.8
HIGH
CVE-2026-4446
< 146.0.7680.153
Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-4445
< 146.0.7680.153
Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-4444
< 146.0.7680.153
Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack co
8.8
HIGH
CVE-2026-4443
< 146.0.7680.153
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code insi
8.8
HIGH
CVE-2026-4442
< 146.0.7680.153
Heap buffer overflow in CSS in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corrupt
8.8
HIGH
CVE-2026-4441
< 146.0.7680.153
Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2026-4440
< 146.0.7680.153
Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read
8.8
HIGH
CVE-2026-4439
< 146.0.7680.153
Out of bounds memory access in WebGL in Google Chrome on Android prior to 146.0.7680.153 allowed a remote attacker to potentially
8.8
HIGH
CVE-2026-3910
< 146.0.7680.75
Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code ins
8.8
HIGH
CVE-2026-3909
< 146.0.7680.80
Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory acce
8.8
HIGH
CVE-2026-3942
< 146.0.7680.71
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing
4.3
MEDIUM
CVE-2026-3941
< 146.0.7680.71
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation
4.3
MEDIUM
CVE-2026-3940
< 146.0.7680.71
Insufficient policy enforcement in DevTools in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation
5.3
MEDIUM
CVE-2026-3939
< 146.0.7680.71
Insufficient policy enforcement in PDF in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass navigation rest
5.3
MEDIUM
CVE-2026-3938
< 146.0.7680.71
Insufficient policy enforcement in Clipboard in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised
4.3
MEDIUM
CVE-2026-3937
< 146.0.7680.71
Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoo
6.5
MEDIUM
CVE-2026-3936
< 146.0.7680.71
Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2026-3935
< 146.0.7680.71
Incorrect security UI in WebAppInstalls in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing v
6.5
MEDIUM
CVE-2026-3934
< 146.0.7680.71
Insufficient policy enforcement in ChromeDriver in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to bypass same o
6.5
MEDIUM
CVE-2026-3932
< 146.0.7680.71
Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navi
7.5
HIGH
CVE-2026-3931
< 146.0.7680.71
Heap buffer overflow in Skia in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory acc
8.8
HIGH
CVE-2026-3930
< 146.0.7680.71
Unsafe navigation in Navigation in Google Chrome on iOS prior to 146.0.7680.71 allowed a remote attacker to bypass navigation rest
5.3
MEDIUM
CVE-2026-3929
< 146.0.7680.71
Side-channel information leakage in ResourceTiming in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to leak cross
3.1
LOW
CVE-2026-3928
< 146.0.7680.71
Insufficient policy enforcement in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to
4.3
MEDIUM
CVE-2026-3927
< 146.0.7680.71
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing
4.3
MEDIUM
CVE-2026-3926
< 146.0.7680.71
Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access
8.8
HIGH
CVE-2026-3925
< 146.0.7680.71
Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform U
4.3
MEDIUM
CVE-2026-3924
< 146.0.7680.71
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer
7.5
HIGH
CVE-2026-3923
< 146.0.7680.71
Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-3922
< 146.0.7680.71
Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corrup
8.8
HIGH
CVE-2026-3921
< 146.0.7680.71
Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2026-3920
< 146.0.7680.71
Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2026-3919
< 146.0.7680.71
Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicio
8.8
HIGH
CVE-2026-3918
< 146.0.7680.71
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-3917
< 146.0.7680.71
Use after free in Agents in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-3916
< 146.0.7680.71
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbo
9.6
CRITICAL
CVE-2026-3915
< 146.0.7680.71
Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory
8.8
HIGH
CVE-2026-3914
< 146.0.7680.71
Integer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2026-3913
< 146.0.7680.71
Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corrup
8.8
HIGH
CVE-2026-3545
< 145.0.7632.159
Insufficient data validation in Navigation in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perfo
9.6
CRITICAL
CVE-2026-3544
< 145.0.7632.159
Heap buffer overflow in WebCodecs in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds m
8.8
HIGH
CVE-2026-3543
< 145.0.7632.159
Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out o
8.8
HIGH
CVE-2026-3542
< 145.0.7632.159
Inappropriate implementation in WebAssembly in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of b
8.8
HIGH
CVE-2026-3541
< 145.0.7632.159
Inappropriate implementation in CSS in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform an out of bounds
8.8
HIGH
CVE-2026-3540
< 145.0.7632.159
Inappropriate implementation in WebAudio in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to perform out of boun
8.8
HIGH
CVE-2026-3539
< 145.0.7632.159
Object lifecycle issue in DevTools in Google Chrome prior to 145.0.7632.159 allowed an attacker who convinced a user to install a
8.8
HIGH
CVE-2026-3538
< 145.0.7632.159
Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds m
8.8
HIGH
CVE-2026-3537
< 145.0.7632.159
Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exp
8.8
HIGH
CVE-2026-3536
< 145.0.7632.159
Integer overflow in ANGLE in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds
8.8
HIGH
CVE-2026-3063
< 145.0.7632.116
Inappropriate implementation in DevTools in Google Chrome prior to 145.0.7632.116 allowed an attacker who convinced a user to inst
5.4
MEDIUM
CVE-2026-3062
< 145.0.7632.116
Out of bounds read and write in Tint in Google Chrome on Mac prior to 145.0.7632.116 allowed a remote attacker to perform out of b
9.8
CRITICAL
CVE-2026-3061
< 145.0.7632.116
Out of bounds read in Media in Google Chrome prior to 145.0.7632.116 allowed a remote attacker to perform an out of bounds memory
9.1
CRITICAL
CVE-2026-2650
< 145.0.7632.109
Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2026-2649
< 145.0.7632.109
Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2026-2648
< 145.0.7632.109
Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.109 allowed a remote attacker to perform an out of bounds memo
8.8
HIGH
CVE-2026-2441
< 145.0.7632.75
Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox
8.8
HIGH
CVE-2026-2323
< 145.0.7632.45
Inappropriate implementation in Downloads in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing
4.3
MEDIUM
CVE-2026-2322
< 145.0.7632.45
Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user
5.4
MEDIUM
CVE-2026-2321
< 145.0.7632.45
Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specif
8.8
HIGH
CVE-2026-2320
< 145.0.7632.45
Inappropriate implementation in File input in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user
6.5
MEDIUM
CVE-2026-2319
< 145.0.7632.45
Race in DevTools in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI g
7.5
HIGH
CVE-2026-2318
< 145.0.7632.45
Inappropriate implementation in PictureInPicture in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a
6.5
MEDIUM
CVE-2026-2317
< 145.0.7632.45
Inappropriate implementation in Animation in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to leak cross-origin d
6.5
MEDIUM
CVE-2026-2316
< 145.0.7632.45
Insufficient policy enforcement in Frames in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to perform UI spoofing
6.5
MEDIUM
CVE-2026-2315
< 145.0.7632.45
Inappropriate implementation in WebGPU in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially perform ou
8.8
HIGH
CVE-2026-2314
< 145.0.7632.45
Heap buffer overflow in Codecs in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2026-2313
< 145.0.7632.45
Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2026-1862
< 144.0.7559.132
Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2026-1861
< 144.0.7559.132
Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corr
8.8
HIGH
CVE-2026-1504
< 144.0.7559.110
Inappropriate implementation in Background Fetch API in Google Chrome prior to 144.0.7559.110 allowed a remote attacker to leak cr
6.5
MEDIUM
CVE-2026-0908
< 144.0.7559.59
Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2026-0907
< 144.0.7559.59
Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a
9.8
CRITICAL
CVE-2026-0906
< 144.0.7559.59
Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the O
9.8
CRITICAL
CVE-2026-0905
< 144.0.7559.59
Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log fi
9.8
CRITICAL
CVE-2026-0904
< 144.0.7559.59
Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain s
5.4
MEDIUM
CVE-2026-0903
< 144.0.7559.59
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass d
5.4
MEDIUM
CVE-2026-0902
< 144.0.7559.59
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds m
8.8
HIGH
CVE-2026-0901
< 144.0.7559.59
Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI s
5.4
MEDIUM
CVE-2026-0900
< 144.0.7559.59
Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object
8.8
HIGH
CVE-2026-0899
< 144.0.7559.59
Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object
8.8
HIGH
CVE-2026-0628
< 143.0.7499.192
Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user t
8.8
HIGH
CVE-2025-14766
< 143.0.7499.146
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2025-14765
< 143.0.7499.146
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2025-14373
< 143.0.7499.109
Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform d
4.3
MEDIUM
CVE-2025-14372
< 143.0.7499.109
Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a san
6.1
MEDIUM
CVE-2025-14174
>= 143.0.7499.41 and < 143.0.7499.110
Out of bounds memory access in ANGLE in Google Chrome on Mac prior to 143.0.7499.110 allowed a remote attacker to perform out of b
8.8
HIGH
CVE-2025-13992
< 139.0.7258.66
Side-channel information leakage in Navigation and Loading in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to by
4.7
MEDIUM
CVE-2025-13721
< 143.0.7499.40
Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via a crafted
7.5
HIGH
CVE-2025-13720
< 143.0.7499.40
Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to p
8.8
HIGH
CVE-2025-13640
< 143.0.7499.40
Inappropriate implementation in Passwords in Google Chrome prior to 143.0.7499.41 allowed a local attacker to bypass authenticatio
3.5
LOW
CVE-2025-13639
< 143.0.7499.40
Inappropriate implementation in WebRTC in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to perform arbitrary read
8.1
HIGH
CVE-2025-13638
< 143.0.7499.40
Use after free in Media Stream in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2025-13637
< 143.0.7499.40
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user t
4.3
MEDIUM
CVE-2025-13636
< 143.0.7499.40
Inappropriate implementation in Split View in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who convinced a user
4.3
MEDIUM
CVE-2025-13635
< 143.0.7499.40
Inappropriate implementation in Downloads in Google Chrome prior to 143.0.7499.41 allowed a local attacker to perform UI spoofing
4.4
MEDIUM
CVE-2025-13634
< 143.0.7499.40
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass ma
4.4
MEDIUM
CVE-2025-13633
< 143.0.7499.40
Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the re
8.8
HIGH
CVE-2025-13632
< 143.0.7499.40
Inappropriate implementation in DevTools in Google Chrome prior to 143.0.7499.41 allowed an attacker who convinced a user to insta
5.4
MEDIUM
CVE-2025-13631
< 143.0.7499.40
Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform
8.8
HIGH
CVE-2025-13630
< 143.0.7499.40
Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13230
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13229
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13228
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13227
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13226
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13224
< 142.0.7444.175
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-13223
< 142.0.7444.175
Type Confusion in V8 in Google Chrome prior to 142.0.7444.175 allowed a remote attacker to potentially exploit heap corruption via
8.8
HIGH
CVE-2025-9479
< 133.0.6943.141
Out of bounds read in V8 in Google Chrome prior to 133.0.6943.141 allowed a remote attacker to potentially exploit heap corruption
4.3
MEDIUM
CVE-2025-13107
< 140.0.7339.80
Inappropriate implementation in Compositing in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofi
4.3
MEDIUM
CVE-2025-13102
< 134.0.6998.35
Inappropriate implementation in WebApp Installs in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to pe
4.3
MEDIUM
CVE-2025-13097
< 136.0.7103.59
Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially perform
5.4
MEDIUM
CVE-2024-9126
< 127.0.6533.88
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engag
7.5
HIGH
CVE-2024-7021
< 124.0.6367.60
Inappropriate implementation in Autofill in Google Chrome on Windows prior to 124.0.6367.60 allowed a remote attacker to perform U
4.3
MEDIUM
CVE-2024-7017
< 126.0.6478.182
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform
7.5
HIGH
CVE-2024-13983
< 136.0.7103.59
Inappropriate implementation in Lens in Google Chrome on iOS prior to 136.0.7103.59 allowed a remote attacker to perform UI spoofi
6.3
MEDIUM
CVE-2024-13178
< 128.0.6613.84
Inappropriate implementation in Fullscreen in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform UI spoofin
4.3
MEDIUM
CVE-2024-11920
< 130.0.6723.92
Inappropriate implementation in Dawn in Google Chrome on Mac prior to 130.0.6723.92 allowed a remote attacker to perform out of bo
4.3
MEDIUM
CVE-2024-11919
< 129.0.6668.58
Inappropriate implementation in Intents in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker to perform UI
4.3
MEDIUM
CVE-2025-13042
< 142.0.7444.162
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.166 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2025-12729
< 142.0.7444.137
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convince
4.2
MEDIUM
CVE-2025-12728
< 142.0.7444.137
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convince
4.2
MEDIUM
CVE-2025-12727
< 142.0.7444.134
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.137 allowed a remote attacker to potentially exploit heap
8.8
HIGH
CVE-2025-12726
< 142.0.7444.134
Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compro
7.5
HIGH
CVE-2025-12725
< 142.0.7444.137
Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bo
8.8
HIGH
CVE-2025-12447
< 142.0.7444.59
Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user
4.2
MEDIUM
CVE-2025-12446
< 142.0.7444.59
Incorrect security UI in SplitView in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engag
4.2
MEDIUM
CVE-2025-12445
< 142.0.7444.59
Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a maliciou
6.5
MEDIUM
CVE-2025-12444
< 142.0.7444.59
Incorrect security UI in Fullscreen UI in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to e
4.2
MEDIUM
CVE-2025-12443
< 142.0.7444.59
Out of bounds read in WebXR in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory r
4.3
MEDIUM
CVE-2025-12441
< 142.0.7444.59
Out of bounds read in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform an out of bounds memory read
4.3
MEDIUM
CVE-2025-12440
< 142.0.7444.59
Inappropriate implementation in Autofill in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to
5.3
MEDIUM
CVE-2025-12439
< 142.0.7444.59
Inappropriate implementation in App-Bound Encryption in Google Chrome on Windows prior to 142.0.7444.59 allowed a local attacker t
5.5
MEDIUM
CVE-2025-12438
< 142.0.7444.59
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exp
8.8
HIGH
CVE-2025-12437
< 142.0.7444.59
Use after free in PageInfo in Google Chrome prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in spe
7.5
HIGH
CVE-2025-12436
< 142.0.7444.59
Policy bypass in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to install a maliciou
5.9
MEDIUM
CVE-2025-12435
< 142.0.7444.59
Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofi
5.4
MEDIUM
CVE-2025-12434
< 142.0.7444.59
Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in spe
4.2
MEDIUM
CVE-2025-12433
< 142.0.7444.59
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform out of bounds memo
4.3
MEDIUM
CVE-2025-12432
< 142.0.7444.59
Race in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to potentially exploit heap corruption via a crafted
8.8
HIGH
CVE-2025-12431
< 142.0.7444.59
Inappropriate implementation in Extensions in Google Chrome prior to 142.0.7444.59 allowed an attacker who convinced a user to ins
6.5
MEDIUM
CVE-2025-12430
< 142.0.7444.59
Object lifecycle issue in Media in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a cra
7.5
HIGH
CVE-2025-12429
< 142.0.7444.59
Inappropriate implementation in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/wri
8.8
HIGH
CVE-2025-12428
< 142.0.7444.59
Type Confusion in V8 in Google Chrome prior to 142.0.7444.59 allowed a remote attacker to perform arbitrary read/write via a craft
8.8
HIGH
CVE-2025-12911
< 140.0.7339.80
Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofi
4.3
MEDIUM
CVE-2025-12910
< 140.0.7339.80
Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially se
6.2
MEDIUM
CVE-2025-12909
< 140.0.7339.80
Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin
5.3
MEDIUM
CVE-2025-12908
< 140.0.7339.80
Insufficient validation of untrusted input in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attack
5.4
MEDIUM
CVE-2025-12907
< 140.0.7339.80
Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execut
8.8
HIGH
CVE-2025-12906
< 140.0.7339.80
Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofi
5.4
MEDIUM
CVE-2025-12905
< 140.0.7339.80
Inappropriate implementation in Downloads in Google Chrome on Windows prior to 140.0.7339.80 allowed a remote attacker to bypass M
5.4
MEDIUM
CVE-2025-12036
< 142.0.7444.59
Out of bounds memory access in V8 in Google Chrome prior to 141.0.7390.122 allowed a remote attacker to perform out of bounds memo
8.8
HIGH
CVE-2025-11756
< 141.0.7390.107
Use after free in Safe Browsing in Google Chrome prior to 141.0.7390.107 allowed a remote attacker who had compromised the rendere
8.8
HIGH
CVE-2025-11460
< 141.0.7390.65
Use after free in Storage in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to execute arbitrary code via a crafte
8.8
HIGH
CVE-2025-11458
< 141.0.7390.65
Heap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory
8.1
HIGH
CVE-2025-11219
< 141.0.7390.54
Use after free in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds memory
3.1
LOW
CVE-2025-11216
< 141.0.7390.54
Inappropriate implementation in Storage in Google Chrome on Mac prior to 141.0.7390.54 allowed a remote attacker to perform domain
6.3
MEDIUM
CVE-2025-11215
< 141.0.7390.54
Off by one error in V8 in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform an out of bounds memory read v
4.3
MEDIUM
CVE-2025-11213
< 141.0.7390.54
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker who convinced
6.3
MEDIUM
CVE-2025-11212
< 141.0.7390.54
Inappropriate implementation in Media in Google Chrome on Windows prior to 141.0.7390.54 allowed a remote attacker who convinced a
6.3
MEDIUM
CVE-2025-11211
< 141.0.7390.54
Out of bounds read in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform out of bounds
7.5
HIGH
CVE-2025-11210
< 141.0.7390.54
Side-channel information leakage in Tab in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to
5.4
MEDIUM
CVE-2025-11209
< 141.0.7390.54
Inappropriate implementation in Omnibox in Google Chrome on Android prior to 141.0.7390.54 allowed a remote attacker to spoof the
8.2
HIGH
CVE-2025-11208
< 141.0.7390.54
Inappropriate implementation in Media in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who convinced a user to en
6.3
MEDIUM
CVE-2025-11207
< 141.0.7390.54
Side-channel information leakage in Storage in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to perform arbitrary
6.5
MEDIUM
CVE-2025-11206
< 141.0.7390.54
Heap buffer overflow in Video in Google Chrome prior to 141.0.7390.54 allowed a remote attacker to potentially perform a sandbox e
7.1
HIGH
CVE-2025-11205
< 141.0.7390.54
Heap buffer overflow in WebGPU in Google Chrome prior to 141.0.7390.54 allowed a remote attacker who had compromised the renderer
8.8
HIGH
CVE-2025-10892
< 140.0.7339.207
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2025-10891
< 140.0.7339.207
Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2025-10890
< 140.0.7339.207
Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin dat
9.1
CRITICAL
CVE-2025-10585
< 140.0.7339.185
Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via
9.8
CRITICAL
CVE-2025-10502
< 140.0.7339.185
Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corru
8.8
HIGH
CVE-2025-10501
< 140.0.7339.185
Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption
8.8
HIGH
CVE-2025-10500
< 140.0.7339.185
Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption v
8.8
HIGH
CVE-2025-10201
< 140.0.7339.127
Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacke
8.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin