Skip to main content
CVE-2026-9880 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 enables a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that abuses insufficient input validation in WebGL. Chromium rates the underlying severity as Critical, and while no public exploit is identified at time of analysis, the EPSS score is low (0.04%, 14th percentile) and the CVSS:3.1 base is 8.3 due to high attack complexity and required user interaction. The flaw is part of a multi-stage exploit chain rather than a one-shot RCE.

Google Information Disclosure Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-10017 HIGH PATCH This Week

Sandbox escape in Google Chrome's Headless component prior to version 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is an out-of-bounds read (CWE-125) reported by the Chrome team itself; no public exploit is identified at the time of analysis and EPSS is very low (0.03%), but the high CVSS (8.3) reflects scope-changed sandbox escape impact.

Google Information Disclosure Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-10012 HIGH PATCH This Week

Sandbox escape in Google Chrome's Skia graphics library prior to version 148.0.7778.216 allows remote attackers who have already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free memory corruption issue rated High by Chromium, with a patch shipped through the Stable channel and no public exploit identified at time of analysis. EPSS probability is very low (0.03%) and the CVE is not on the CISA KEV list, indicating no observed in-the-wild exploitation despite the serious technical impact.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-10001 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a use-after-free in the PerformanceManager component triggered by a crafted HTML page. Exploitation requires user interaction (visiting a malicious page) and a pre-existing renderer compromise, and while no public exploit has been identified at time of analysis, EPSS rates exploitation probability as low (0.03%, 11th percentile). The flaw is rated High severity by Chromium and carries a CVSS 3.1 score of 8.3 due to the scope-changing nature of a sandbox escape.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-10000 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out via a use-after-free in the Passwords component, delivered through a crafted HTML page. Exploitation requires user interaction and high attack complexity, and no public exploit identified at time of analysis, though Google rates the underlying Chromium severity as High and a vendor patch is available.

Use After Free Memory Corruption Google Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9998 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 enables remote attackers who have already compromised the renderer process to break out of the browser sandbox via an integer overflow in the Skia graphics library. Exploitation requires a crafted HTML page and user interaction, and while a patch is available from Google, there is no public exploit identified at time of analysis and EPSS scoring (0.03%) indicates low near-term exploitation probability.

Google Buffer Overflow Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9997 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the Input component. Chromium rates the severity as High and CVSS scores it 8.3, but EPSS estimates exploitation probability at only 0.03% (11th percentile) and no public exploit identified at time of analysis. The flaw is a chained-exploitation primitive rather than a standalone RCE, requiring an attacker to first achieve renderer code execution before leveraging this bug.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9994 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the Core component. Google rates this Chromium severity as High, and a vendor patch is available; no public exploit identified at time of analysis, and EPSS is very low (0.03%, 11th percentile). Exploitation requires a chained renderer compromise plus user interaction, so it is a meaningful second-stage primitive rather than a one-shot drive-by RCE.

Use After Free Memory Corruption Google Microsoft Denial Of Service +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9993 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox by serving a crafted PDF file that triggers a use-after-free in the Views component. Chromium rates the severity as High and Google has shipped a fixed Stable channel build, but no public exploit is identified at time of analysis and EPSS exploitation probability is very low (0.03%, 11th percentile). The bug is a second-stage primitive - it requires an existing renderer compromise plus user interaction with a malicious PDF, which is the typical shape of a Chrome exploit chain.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9975 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 is possible through an out-of-bounds read and write vulnerability in the ANGLE graphics translation layer. An attacker who has already compromised the renderer process can leverage a crafted HTML page to break out of Chrome's sandbox and potentially execute code at a higher privilege level. No public exploit identified at time of analysis, and EPSS is very low at 0.03%, but Google rates the underlying Chromium severity as High.

Google Buffer Overflow Information Disclosure Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9974 HIGH PATCH This Week

Sandbox escape in Google Chrome's GPU process prior to version 148.0.7778.216 allows remote attackers who have already compromised the renderer process to break out of the Chromium sandbox via a crafted HTML page. The flaw is an out-of-bounds write (CWE-787) rated High by Chromium with CVSS 8.3, and while a vendor patch is available, no public exploit identified at time of analysis and EPSS is very low at 0.03%.

Google Memory Corruption Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9972 HIGH PATCH This Week

Sandbox escape in Google Chrome on macOS prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page targeting the Gamepad component. The flaw is rated High by Chromium and carries a CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C), but EPSS is only 0.03% (11th percentile) and no public exploit identified at time of analysis. The bug is a second-stage primitive in a multi-stage exploit chain rather than a standalone RCE.

Google Information Disclosure Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9966 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers an integer overflow in XML handling. The flaw is rated Chromium High severity with CVSS 8.3 and requires user interaction plus a chained renderer compromise; no public exploit identified at time of analysis and EPSS is very low at 0.03%.

Google Microsoft Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9951 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 enables remote attackers to break out of the renderer process sandbox by enticing a user to visit a crafted HTML page that triggers a use-after-free condition in the UI component. Chromium rates the severity as High, and a vendor patch is available; no public exploit identified at time of analysis and EPSS exploitation probability is currently very low (0.03%, 11th percentile).

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9949 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows before 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page leveraging a use-after-free in Core. The flaw is rated High by Chromium and carries CVSS 8.3, but EPSS is very low (0.03%) and no public exploit identified at time of analysis, so it is most relevant as the second stage of a multi-bug exploit chain rather than a standalone entry vector.

Use After Free Memory Corruption Google Microsoft Denial Of Service +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9948 HIGH PATCH This Week

Sandbox escape in Google Chrome on macOS before 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the Views UI component. The flaw is rated High severity by Chromium and carries a CVSS 8.3 due to scope change, but EPSS is only 0.03% and there is no public exploit identified at time of analysis. Exploitation is realistic only as the second stage of a chained renderer compromise rather than a standalone drive-by attack.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9946 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 stems from a use-after-free condition in the ANGLE graphics translation layer that lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. Google rates this High severity and a vendor patch is available, but EPSS scoring (0.03%, 11th percentile) is low and no public exploit identified at time of analysis, suggesting it has not yet been weaponized broadly.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9937 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a use-after-free flaw in the UI component, triggered by a crafted HTML page. Chromium rates this High severity and a vendor patch is available, though no public exploit has been identified at time of analysis and EPSS exploitation probability is very low (0.03%, 11th percentile).

Use After Free Memory Corruption Google Microsoft Denial Of Service +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9936 HIGH PATCH This Week

Sandbox escape in Google Chrome on macOS prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the GPU/GFX sandbox via a crafted HTML page, leveraging a use-after-free condition. The flaw is rated High severity by Chromium (CVSS 8.3) and requires user interaction plus a chained renderer compromise; no public exploit identified at time of analysis and EPSS exploitation probability is very low (0.03%).

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9932 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the renderer sandbox via a use-after-free in the ANGLE graphics layer. Exploitation requires user interaction (visiting a crafted HTML page) and a pre-existing renderer compromise, so it functions as the second stage of an exploit chain rather than a standalone RCE. No public exploit identified at time of analysis and EPSS is very low (0.03%), but Chrome rates the underlying flaw as High severity.

Use After Free Memory Corruption Google Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9931 HIGH PATCH This Week

Sandbox escape in Google Chrome's GPU process prior to version 148.0.7778.216 lets a remote attacker who has already gained code execution inside the renderer process break out of Chrome's sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High by Chromium and carries CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C). EPSS is very low (0.03%), and there is no public exploit identified at time of analysis, but the bug is part of a stable-channel security release shipped by Google.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9925 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 enables remote attackers, who have already compromised the renderer process, to break out of the browser sandbox via a use-after-free flaw in the ANGLE graphics translation layer. Exploitation requires user interaction (visiting a crafted HTML page) and a prior renderer compromise, making this a second-stage primitive in a chained attack. EPSS is low at 0.03% and there is no public exploit identified at time of analysis, though Google rates the underlying Chromium severity as High.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9916 HIGH PATCH This Week

Out-of-bounds write in the ANGLE graphics translation layer in Google Chrome before 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to potentially escape the Chrome sandbox via a crafted HTML page. The flaw is rated High severity by Chromium and chained exploitation could lead to code execution outside the renderer sandbox, though no public exploit identified at time of analysis and EPSS estimates only a 0.03% near-term exploitation probability.

Google Memory Corruption Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9906 HIGH PATCH This Week

Sandbox escape in Google Chrome before 148.0.7778.216 enables a remote attacker who has already compromised the renderer process to break out of Chrome's sandbox through an out-of-bounds write in the GPU process triggered by a crafted HTML page. Google rates the Chromium security severity as High and a vendor patch is available, but no public exploit has been identified at time of analysis and EPSS exploitation probability is low at 0.03% (11th percentile).

Google Memory Corruption Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9905 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting a use-after-free in the Accessibility component. Chromium rates the severity as High and a vendor patch is available, but no public exploit has been identified at time of analysis and EPSS exploitation probability remains very low at 0.03%.

Use After Free Memory Corruption Google Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9904 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 stems from a use-after-free condition in the ANGLE graphics translation layer, triggered when a victim visits a crafted HTML page. Remote attackers can potentially break out of Chrome's renderer sandbox to gain broader access on the host system. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.03% (11th percentile), though the Chromium team rated severity as High.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9902 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page that triggers a use-after-free in the Accessibility component. Chromium rates the issue High severity and a vendor patch is available, though no public exploit identified at time of analysis and EPSS exploitation probability is currently low (0.03%, 11th percentile).

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9900 HIGH PATCH This Week

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of Chrome's sandbox via a crafted HTML page. Rated High severity by Chromium with a CVSS of 8.3, the issue is patched but no public exploit has been identified at time of analysis, and EPSS exploitation probability is low (0.03%, 11th percentile).

Google Memory Corruption Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9899 HIGH PATCH This Week

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High severity by Chromium with a CVSS score of 8.3, but EPSS exploitation probability is currently very low at 0.03% and no public exploit has been identified at time of analysis.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9895 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via an out-of-bounds read in the GPU process triggered by a crafted HTML page. Google rates the underlying issue as High severity, and while a vendor patch is shipped, EPSS shows only 0.03% (11th percentile) exploitation probability and no public exploit code or active exploitation has been identified at the time of analysis.

Google Information Disclosure Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9894 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of Chrome's sandbox via a use-after-free in the GPU process. Chrome rates the underlying memory corruption as High severity, and while no public exploit identified at time of analysis, the bug is part of a chained-exploit class historically weaponized against browsers. EPSS is very low (0.03%) reflecting the prerequisite of an already-compromised renderer rather than a direct one-shot RCE.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9893 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the Chromium sandbox via a crafted HTML page that triggers a use-after-free in the Skia graphics library. Google rated this Critical internally, though no public exploit identified at time of analysis and EPSS scores exploitation probability at just 0.03% (11th percentile). The flaw requires chaining with a separate renderer compromise, so it is a second-stage primitive rather than a single-shot RCE.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9892 HIGH PATCH This Week

Sandbox escape in Google Chrome on Android prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page exploiting an inappropriate implementation in the Skia graphics library. Chromium rates the underlying issue as Critical severity, though no public exploit is identified at time of analysis and EPSS is very low at 0.03%. This is a chain-stage bug - exploitation requires a pre-existing renderer compromise, making it valuable as the second link in a full Android browser exploit chain rather than a standalone vector.

Privilege Escalation Google Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9890 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page targeting the XR (WebXR) component. The flaw is a use-after-free rated Critical by Chromium and CVSS 8.3 (AV:N/AC:H/PR:N/UI:R/S:C); no public exploit identified at time of analysis and EPSS is low at 0.03%, but the bug forms a key link in a multi-stage browser exploit chain.

Use After Free Memory Corruption Google Microsoft Denial Of Service +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9889 HIGH PATCH This Week

Sandbox escape in Google Chrome on Android prior to 148.0.7778.216 allows a remote attacker to break out of the renderer sandbox by serving a crafted HTML page that triggers an out-of-bounds read and write in the Dawn WebGPU implementation. Chromium rates the underlying issue as Critical severity, and CVSS 8.3 with scope change reflects the cross-boundary impact, though EPSS is low at 0.03% and no public exploit has been identified at time of analysis.

Google Information Disclosure Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9877 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 enables a remote attacker who has already compromised the renderer process to break out of Chrome's sandbox via a use-after-free flaw in the ANGLE graphics translation layer. Exploitation requires user interaction with a crafted HTML page and is typically chained with a separate renderer-compromise bug. No public exploit identified at time of analysis, and EPSS is very low (0.03%), though Google rated the underlying issue Critical severity.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-10014 HIGH PATCH This Week

Sandbox escape in Google Chrome on Android prior to 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page that triggers a use-after-free in the WebMIDI component. Chromium rates the severity High, and a vendor patch is available; no public exploit is identified at time of analysis and EPSS is very low at 0.03%.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9988 HIGH PATCH This Week

Sandbox escape in Google Chrome on Linux prior to 148.0.7778.216 allows remote attackers to leverage a WebRTC use-after-free condition through a crafted HTML page to break out of the renderer sandbox. The flaw was reported by the Chrome security team and rated High severity by Chromium, with no public exploit identified at time of analysis and an EPSS score of 0.03% (10th percentile) suggesting low near-term exploitation likelihood. Successful exploitation requires user interaction (visiting a malicious page) and high attack complexity, but the scope-changing impact (S:C) and full CIA compromise make it a meaningful browser-targeted risk.

Google Use After Free Denial Of Service Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9970 HIGH PATCH This Week

Sandbox escape in Google Chrome's WebGL component (versions prior to 148.0.7778.216) allows a remote attacker who has already compromised the renderer process to break out of the sandbox via a crafted HTML page. The flaw is a use-after-free memory corruption issue rated High severity by Chromium, requiring user interaction (visiting a page) and a prior renderer compromise, making it a second-stage exploit primitive. No public exploit identified at time of analysis, and EPSS exploitation probability is very low at 0.03%.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9926 HIGH PATCH This Week

Sandbox escape in Google Chrome versions prior to 148.0.7778.216 leverages a heap buffer overflow in the ANGLE graphics translation layer, enabling attackers who have already compromised the renderer process to break out of Chrome's sandbox via a crafted HTML page. Chromium rates the severity as High and CVSS scores it at 8.3, though EPSS remains very low at 0.03% and no public exploit has been identified at time of analysis.

Google Heap Overflow Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9924 HIGH PATCH This Week

Sandbox escape in Google Chrome on Windows before 148.0.7778.216 lets a remote attacker who has already compromised the renderer process break out of the Chrome sandbox via a crafted HTML page that triggers a heap buffer overflow in ANGLE. The flaw carries CVSS 8.3 (High) and is rated Chromium-severity High, but EPSS is only 0.03% and there is no public exploit identified at time of analysis. Patched in the Stable channel update announced by Google on the Chrome Releases blog.

Google Heap Overflow Microsoft Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9915 HIGH PATCH This Week

Sandbox escape in Google Chrome's ANGLE graphics layer prior to version 148.0.7778.216 allows a remote attacker who has already compromised the renderer process to break out of the browser sandbox via a crafted HTML page. Rated High by Chromium with CVSS 8.3 (scope-changed) and CWE-122 heap buffer overflow; no public exploit identified at time of analysis and EPSS is very low (0.03%), but the vulnerability is in the second-stage chain typically combined with a renderer RCE.

Google Heap Overflow Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-9888 HIGH PATCH This Week

Sandbox escape in Google Chrome for Android versions prior to 148.0.7778.216 enables a remote attacker who has already compromised the renderer process to break out of the sandbox via a use-after-free flaw in the WebView component. Chromium rates the severity as Critical, and a vendor patch is available; no public exploit identified at time of analysis and EPSS is very low (0.03%, 10th percentile), but the chained-exploit potential against mobile users makes prompt patching important.

Google Use After Free Denial Of Service Memory Corruption Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.0%
CVE-2026-45756 HIGH PATCH GHSA This Week

Denial of service in the Symfony JsonPath component (json-path 7.3.0-7.4.11 and 8.0.0-8.0.11) lets remote attackers exhaust CPU and worker capacity when an application evaluates attacker-influenced JSONPath expressions server-side. The match()/search() filter functions compile caller-supplied patterns directly into preg_match() with no length cap, i-regexp restriction, or backtracking bound, so a crafted pattern like $[?search(@, "(a+)+$")] triggers catastrophic backtracking that pins a core for seconds per request. There is no public exploit identified at time of analysis and EPSS is very low (0.08%), but the pathological pattern is disclosed in the advisory and the fix is available in 7.4.12 and 8.0.12.

PHP Denial Of Service
NVD GitHub
CVSS 4.0
8.2
EPSS
0.1%
CVE-2026-44358 HIGH PATCH This Week

Untrusted search path in Espressif's shared-github-dangerjs GitHub Action prior to 1.0.1 allows a fork pull request, when processed by a pull_request_target workflow, to substitute attacker-controlled binaries and Node.js modules for the action's own code. Exploitation yields code execution inside the action container with access to repository secrets and write-scoped GITHUB_TOKEN, with no public exploit identified at time of analysis.

Node.js Information Disclosure
NVD GitHub VulDB
CVSS 3.1
8.2
EPSS
0.0%
CVE-2026-45344 HIGH PATCH This Week

Remote code execution in LinkAce self-hosted link archive versions prior to 2.5.6 allows unauthenticated remote attackers to inject arbitrary mail configuration variables into the application's .env file via the initial setup database configuration flow, leading to command execution when the application subsequently sends mail. The flaw, classified as CWE-74 injection, affects instances that have not yet completed the setup wizard and carries a CVSS 8.1 (High). No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Code Injection Linkace
NVD GitHub
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-9095 HIGH This Week

Authentication bypass in Casdoor (versions ≤2.362.0) allows remote attackers to replay captured SAML assertions to hijack any user account, including administrators, without credentials or MFA. The SAML service provider implementation lacks assertion ID caching, OneTimeUse condition enforcement, and any form of replay detection, making any intercepted assertion indefinitely reusable. No public exploit identified at time of analysis, but the vulnerability was disclosed via CERT/CC (VU#780781), indicating coordinated vendor notification.

Denial Of Service Casdoor
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-46828 HIGH This Week

Unauthorized data access and modification in Oracle Payroll (a module of Oracle E-Business Suite) versions 12.2.3 through 12.2.15 allows a low-privileged authenticated attacker with HTTP network access to read, create, delete, or modify any data accessible to the Oracle Payroll application. The flaw carries a CVSS 8.1 due to high confidentiality and integrity impact with low attack complexity, but no public exploit identified at time of analysis and it is not listed in CISA KEV. The advisory was published as part of Oracle's Critical Patch Update cycle (CPU May 2026).

Authentication Bypass Oracle
NVD
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-35277 HIGH This Week

Unauthorized data access and modification in Oracle REST Data Services (ORDS) versions 24.2.0 through 26.1.0 allows low-privileged remote attackers to read, create, modify, or delete any data accessible via the service. The flaw is network-reachable over HTTPS with low attack complexity (CVSS 8.1) and was disclosed by Oracle in the May 2026 Critical Patch Update. No public exploit has been identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Authentication Bypass Oracle
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-46232 HIGH PATCH This Week

Out-of-bounds read in the Linux kernel's HID PlayStation driver (dualshock4_parse_report) allows an adjacent attacker with a malicious or spoofed DualShock 4 controller to read up to ~2 KiB beyond the touch_reports array and have portions of that data emitted through evdev. The flaw stems from the driver trusting the device-supplied num_touch_reports field without bounds checking, enabling potential kernel memory disclosure and denial of service. EPSS is very low (0.02%, 5th percentile) and there is no public exploit identified at time of analysis, but an upstream fix is available.

Linux Information Disclosure
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
Prev Page 3 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy