Skip to main content

Chrome

3936 CVEs product

Monthly

CVE-2025-68710 LOW Monitor

PIN lock bypass in Easyelife App Lock 1.9.2 for Android allows a local attacker with physical device access to reach applications that were supposedly secured behind a PIN. The root cause is architectural: the lock is implemented as a UI overlay rather than through Android's native secure authentication APIs (BiometricPrompt, KeyguardManager), meaning it can be circumvented by triggering advertisement or browser intents that cause the app to navigate cascading activity flows, effectively routing around the overlay. EPSS is very low at 0.05% (16th percentile), no public exploit is confirmed in CISA KEV, and a researcher disclosure with likely proof-of-concept steps is publicly available on GitHub.

Google Information Disclosure Privilege Escalation N A Chrome
NVD GitHub
CVSS 3.1
2.4
EPSS
0.1%
CVE-2025-68708 LOW Monitor

PIN lock bypass in SailingLab AppLock 4.3.8 for Android exposes protected applications to anyone with brief physical device access. The root cause is architectural: the lock is implemented as a screen overlay rather than through Android's secure authentication APIs, meaning the underlying apps remain accessible via exposed intent routes triggered through advertisement or browser interactions. An attacker with physical access can navigate cascading UI flows to dismiss or circumvent the overlay entirely, gaining access to locked apps such as Chrome, resulting in information disclosure and unintended privilege escalation. No public exploit is confirmed in CISA KEV, but a researcher disclosure is publicly available on GitHub, and EPSS is negligible at 0.04% (11th percentile), consistent with the physical-access-only attack vector.

Information Disclosure Privilege Escalation Google N A Chrome
NVD GitHub
CVSS 3.1
2.4
EPSS
0.0%
CVE-2025-68711 LOW Monitor

Physical-access PIN lock bypass in AppLockZ 4.2.11 for Android exposes protected applications to unauthorized access without valid credentials. The root cause is architectural: the lock mechanism is implemented as a UI overlay rather than through Android's secure authentication APIs, leaving it vulnerable to circumvention via exposed activity routes reachable through advertisement or browser intents. An attacker with physical possession of the device can navigate cascading interface flows to evade lockscreen verification and access apps protected by AppLockZ (e.g., Chrome), resulting in information disclosure. No active exploitation is confirmed in CISA KEV, and the EPSS score of 0.04% reflects minimal real-world exploitation probability at this time.

Information Disclosure Privilege Escalation Google N A Chrome
NVD GitHub
CVSS 3.1
2.4
EPSS
0.0%
CVE-2026-9124 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 148.0.7778.179 exposes sensitive information to attackers who have already achieved renderer process compromise. The flaw stems from insufficient input validation (CWE-20) in Chrome's Input handling, enabling a crafted HTML page to exfiltrate data across origin boundaries. No active exploitation is confirmed - SSVC assigns exploitation status 'none' and the vulnerability is not listed in CISA KEV - but the confidentiality impact is rated High by CVSS, warranting prompt patching.

Information Disclosure Google Chrome
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-9123 HIGH PATCH This Week

Heap buffer overflow in the Chromecast component of Google Chrome on Android, Linux, and ChromeOS prior to version 148.0.7778.179 allows an adjacent-network attacker to execute arbitrary code within the renderer sandbox via malicious network traffic. Google's Chrome team reported the issue with a Medium severity rating, and no public exploit identified at time of analysis. The vulnerability requires adjacent network positioning rather than full internet-based access, limiting practical exploitation to attackers on the same local network segment.

Google Buffer Overflow RCE Heap Overflow Chrome
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-9122 MEDIUM PATCH This Month

Out-of-bounds read in the GPU process of Google Chrome on macOS prior to 148.0.7778.179 exposes potentially sensitive data from process memory to remote attackers. Exploitation requires a victim to visit a crafted HTML page (CVSS UI:R), limiting automation potential - consistent with SSVC's 'Automatable: no' determination. No public exploit identified at time of analysis and CISA has not added this to the Known Exploited Vulnerabilities catalog; Chrome's own severity rating is Medium.

Information Disclosure Google Buffer Overflow Chrome
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-9121 HIGH PATCH This Week

Heap corruption in Google Chrome's GPU component prior to version 148.0.7778.179 allows remote attackers to exploit an out-of-bounds read via a crafted HTML page, potentially leading to arbitrary code execution or information disclosure within the renderer context. The flaw carries a CVSS 8.8 (High) rating due to network reachability and high impact across confidentiality, integrity, and availability, though exploitation requires user interaction (visiting a malicious page). There is no public exploit identified at time of analysis, and CISA SSVC marks exploitation status as 'none', suggesting opportunistic rather than active targeting.

Information Disclosure Google Buffer Overflow Suse Red Hat +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9126 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page that triggers a use-after-free in the DOM implementation. The flaw requires user interaction (visiting a malicious page) but no authentication, and while Chromium rates its security severity as Medium, the CVSS 3.1 base score of 8.8 reflects high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Google RCE Denial Of Service Use After Free Memory Corruption +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9120 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 stems from a use-after-free flaw in the WebRTC component, enabling a remote attacker to run arbitrary code when a victim visits a crafted HTML page. Chromium rates the severity as High and the CVSS 3.1 score is 8.8, but exploitation requires user interaction (UI:R); no public exploit identified at time of analysis.

Google RCE Denial Of Service Use After Free Memory Corruption +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9119 HIGH PATCH This Week

Heap buffer overflow in the WebRTC component of Google Chrome before 148.0.7778.179 allows remote attackers to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. The flaw was reported by Chrome's internal security team, has a patched stable channel build available, and carries a CVSS 8.8 score with no public exploit identified at time of analysis. SSVC currently rates exploitation as 'none' but technical impact as 'total', reflecting full compromise of the affected process if triggered.

Google Buffer Overflow RCE Heap Overflow Suse +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9118 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 148.0.7778.179 stems from a use-after-free flaw in the XR (WebXR) component, enabling a remote attacker to run arbitrary code in the renderer process by enticing a user to visit a crafted HTML page. Chromium rates the issue High severity and CVSS scores it 8.8; no public exploit identified at time of analysis and SSVC reports exploitation status as none. A vendor patch is available via the Stable Channel update referenced in the Chrome Releases advisory.

Microsoft Google RCE Denial Of Service Use After Free +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9117 HIGH PATCH This Week

Sandbox escape in Google Chrome (Linux and ChromeOS) prior to 148.0.7778.179 allows a remote attacker who has already compromised the renderer process to break out via a crafted video file processed by the GFX component. The flaw is a type confusion (CWE-843) rated High severity by Chromium, with no public exploit identified at time of analysis and SSVC indicating exploitation has not been observed. It requires user interaction and chained exploitation of a prior renderer compromise, which raises the bar despite the High CVSS of 7.5.

Memory Corruption Information Disclosure Google Suse Red Hat +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-9116 MEDIUM PATCH This Month

ServiceWorker policy enforcement failure in Google Chrome prior to version 148.0.7778.179 enables unauthenticated remote attackers to leak cross-origin data by luring a victim to a crafted HTML page. The vulnerability stems from Chrome's ServiceWorker layer failing to adequately enforce isolation boundaries (CWE-693), allowing a malicious origin to read data it should not have access to under the same-origin policy. No public exploit identified at time of analysis, and the CVSS score of 4.3 reflects limited confidentiality impact; however, the zero-privilege, network-accessible attack vector means any Chrome user browsing a malicious page could be affected.

Information Disclosure Google Suse Red Hat Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9115 MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Service Worker subsystem (all versions prior to 148.0.7778.179) allows remote unauthenticated attackers to read cross-origin data by luring a victim to a crafted HTML page. The flaw originates from insufficient policy enforcement (CWE-693) within the Service Worker layer, enabling unauthorized access to confidential data across origins. No public exploit code has been identified and no active exploitation is confirmed; Google has shipped a fix in stable channel version 148.0.7778.179.

Google Authentication Bypass Suse Red Hat Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9114 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 stems from a use-after-free condition in the QUIC networking stack, allowing remote attackers to execute arbitrary code within the browser sandbox via malicious network traffic. Exploitation requires user interaction (visiting a malicious site or processing attacker-controlled QUIC traffic), and no public exploit has been identified at time of analysis. Chromium rates this as High severity, and a vendor patch is available.

Google RCE Denial Of Service Use After Free Memory Corruption +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9113 MEDIUM PATCH This Month

Out-of-bounds memory read in the GPU component of Google Chrome on macOS exposes process memory to remote attackers via a crafted HTML page. Affected versions are all Chrome releases prior to 148.0.7778.179 on Mac; Windows and Linux are not identified as affected. No public exploit or active exploitation has been identified at time of analysis, and SSVC confirms exploitation status as none with non-automatable attack delivery.

Information Disclosure Google Buffer Overflow Suse Red Hat +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-9112 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to version 148.0.7778.179 stems from a use-after-free condition in the GPU component, enabling a remote attacker to run arbitrary code within the renderer sandbox after the victim loads a crafted HTML page. Google has rated the issue High severity and shipped a fix; no public exploit identified at time of analysis and SSVC indicates exploitation status 'none' despite total technical impact.

Microsoft Google RCE Denial Of Service Use After Free +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-9110 MEDIUM PATCH This Month

UI spoofing in Google Chrome on Windows (prior to 148.0.7778.179) enables a remote attacker who has already achieved renderer process compromise to deceive end users through a crafted HTML page, exploiting CWE-451 (UI Misrepresentation of Critical Information). Affected users on Windows running any Chrome version below 148.0.7778.179 are exposed to potential phishing or credential-harvesting scenarios dressed up as legitimate browser UI. No public exploit code or CISA KEV listing exists at time of analysis, but the Chromium team assigned a Critical internal severity - a meaningful contrast with the NVD CVSS score of 4.2 - suggesting the spoofing potential carries downstream risk beyond what the base score reflects.

Microsoft Information Disclosure Google Suse Red Hat +1
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-9111 HIGH PATCH This Week

Remote code execution in Google Chrome on Linux before 148.0.7778.179 stems from a use-after-free flaw in the WebRTC component, allowing a remote attacker who lures a victim to a crafted HTML page to execute arbitrary code in the renderer process. Chromium rates the severity as Critical and a vendor patch is available, though there is no public exploit identified at time of analysis and SSVC indicates no observed exploitation. The CVSS 8.8 score reflects high impact across confidentiality, integrity, and availability with required user interaction (visiting a page).

Google RCE Denial Of Service Use After Free Memory Corruption +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-45727 PyPI HIGH PATCH GHSA This Week

Arbitrary directory deletion in CloakBrowser's cloakserve CDP multiplexer (pip package cloakbrowser <= 0.3.27) allows unauthenticated network attackers to delete directories accessible to the service user by supplying path traversal sequences in the fingerprint query parameter. The service binds to 0.0.0.0 by default, dramatically widening exposure, and no public exploit identified at time of analysis though the vulnerability is trivially reproducible from the published advisory.

Path Traversal Google Chrome
NVD GitHub
CVSS 4.0
8.8
EPSS
0.1%
CVE-2026-45351 PyPI MEDIUM PATCH GHSA This Month

Open WebUI versions up to 0.8.8 expose admin-configured system prompts to authenticated regular (non-admin) users through the /api/models API endpoint, allowing information disclosure of sensitive model instructions and internal configuration details. The vulnerability requires valid user authentication but no administrative privileges, enabling any authenticated user to retrieve confidential system prompts via a simple HTTP GET request. This is confirmed actively exploited in production deployments with a publicly available proof-of-concept.

Mozilla Apple Information Disclosure Google Chrome
NVD GitHub VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8587 HIGH PATCH This Week

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-8586 MEDIUM PATCH This Month

Discretionary access control bypass in Chrome Remote Desktop (Chromoting) allows adjacent network attackers to achieve limited confidentiality, integrity, and availability impact through a malicious file requiring user interaction. Google released Chrome 148.0.7778.168 to address this medium-severity flaw. EPSS score of 0.01% (1st percentile) and CISA SSVC assessment indicate low real-world exploitation probability with no observed exploitation activity. The adjacent network attack vector (AV:A) significantly constrains attacker positioning compared to typical remote vulnerabilities.

Google Authentication Bypass Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-8585 HIGH PATCH This Week

Out-of-bounds memory read in Google Chrome on iOS versions before 148.0.7778.168 enables remote attackers to access sensitive memory contents through a compromised renderer process. The vulnerability requires user interaction to visit a malicious webpage and exploitation of a prior renderer compromise. With EPSS at 0.03% and no known active exploitation, this represents a moderate risk primarily in targeted attack chains.

Google Information Disclosure Apple Suse Chrome
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8584 MEDIUM PATCH This Month

Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Apple Google Information Disclosure Suse Chrome
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-8583 MEDIUM PATCH This Month

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8582 MEDIUM PATCH This Month

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8581 HIGH PATCH This Week

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8580 CRITICAL PATCH Act Now

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
9.6
EPSS
0.1%
CVE-2026-8579 LOW PATCH Monitor

Out-of-bounds memory write in Google Chrome's Skia graphics library (versions prior to 148.0.7778.168) enables attackers with an already-compromised renderer process to escalate privileges via malicious print files. This represents a sandbox escape vulnerability requiring high attack complexity and user interaction (printing or opening a crafted print file). While CVSS rates this 3.1 (Low), the real-world risk depends on the attacker already having achieved renderer compromise — making this a second-stage attack vector. No active exploitation confirmed (EPSS 0.05%, not in CISA KEV), but vendor patch available as of Chrome 148.0.7778.168.

Google Information Disclosure Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8578 LOW PATCH Monitor

Google Chrome on Linux versions prior to 148.0.7778.168 suffers from an out-of-bounds read vulnerability in GPU processing that enables cross-origin data leakage. An attacker who has already compromised the renderer process can craft malicious HTML to read sensitive memory beyond allocated bounds, exposing data from other origins that should be isolated by the browser's same-origin policy. EPSS exploitation probability is very low (0.03%, 10th percentile) and no active exploitation or public POC has been identified. Google rates this Medium severity and released patch 148.0.7778.168 to address the issue.

Google Buffer Overflow Information Disclosure Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8577 HIGH PATCH This Week

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8576 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome on Linux and ChromeOS allows remote attackers to read sensitive data from other origins via malicious HTML pages exploiting flawed CORS implementation. Affects versions prior to 148.0.7778.168. Google released a patch in their May 2026 stable channel update. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV). SSVC assessment indicates no current exploitation, non-automatable attack requiring user interaction, with partial technical impact limited to confidentiality breach.

Google Cors Misconfiguration Information Disclosure Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8575 HIGH PATCH This Week

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8574 HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Microsoft Use After Free Memory Corruption Google +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8573 HIGH PATCH This Week

Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

Microsoft Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8572 LOW PATCH Monitor

Cross-origin data leakage in Google Chrome on Android allows compromised renderer processes to access sensitive information from other sites via malicious HTML pages. Affects Chrome versions prior to 148.0.7778.168 on Android platforms. Attack requires high complexity (user interaction with crafted content) and prior renderer compromise, limiting practical exploitation. EPSS score of 0.03% (10th percentile) and SSVC assessment indicating no active exploitation align with the limited real-world risk profile despite the cross-origin information disclosure capability.

Google Information Disclosure Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8571 HIGH PATCH This Week

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8570 MEDIUM PATCH This Month

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Memory Corruption Google Red Hat Suse +1
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8569 HIGH PATCH This Week

Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

Google Memory Corruption Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8568 LOW PATCH Monitor

Site Isolation bypass in Google Chrome prior to 148.0.7778.168 allows remote attackers who have already compromised the renderer process to access cross-site data via crafted HTML pages. The vulnerability affects Chrome's AI policy enforcement, enabling a second-stage attack after initial renderer compromise. Attack complexity is high, requiring both initial renderer compromise and user interaction. EPSS score of 0.02% indicates very low exploitation probability, and no active exploitation or public POC has been identified. Vendor patch is available in Chrome 148.0.7778.168.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8567 MEDIUM PATCH This Month

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)

Microsoft Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8566 MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome's Android payment implementation allows remote attackers to bypass access control restrictions through specially crafted HTML pages, affecting Chrome versions prior to 148.0.7778.168 on Android. The vulnerability requires user interaction (visiting a malicious page) but can be exploited remotely without authentication. EPSS exploitation probability is low (0.02%, 4th percentile), and a vendor-released patch is available. While tagged as an authentication bypass, the CVSS impact indicates only low integrity compromise with no confidentiality or availability impact.

Google Authentication Bypass Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8565 MEDIUM PATCH This Month

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2026-8564 MEDIUM PATCH This Month

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.2
EPSS
0.1%
CVE-2026-8563 MEDIUM PATCH This Month

Navigation restrictions can be bypassed in Google Chrome for Windows versions prior to 148.0.7778.168 when attackers craft malicious HTML pages that exploit insufficient sandbox policy enforcement in iframe elements. User interaction (opening/visiting the crafted page) is required for exploitation. Google released a patched version addressing this medium-severity flaw. With EPSS exploitation probability at 0.02% (4th percentile) and no KEV listing, this represents a moderate-priority issue primarily affecting organizations running outdated Chrome versions on Windows systems.

Google Authentication Bypass Microsoft Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8562 MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome versions prior to 148.0.7778.168 enables remote attackers to extract sensitive information from other origins through side-channel attacks in the Navigation component. The vulnerability requires user interaction with a malicious HTML page and exploits timing or behavioral characteristics to bypass same-origin policy protections. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability, and no active exploitation or public proof-of-concept has been identified at time of analysis. Google has released a patch in Chrome 148.0.7778.168.

Google Information Disclosure Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8561 MEDIUM PATCH This Month

Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.4
EPSS
0.1%
CVE-2026-8560 MEDIUM PATCH This Month

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Heap Overflow Google Apple Buffer Overflow Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8559 MEDIUM PATCH This Month

Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Microsoft Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8557 HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption Privilege Escalation Google +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8556 LOW PATCH Monitor

Cross-origin data leakage in Google Chrome on Windows via ANGLE graphics library allows renderer-compromised attackers to steal sensitive data from other origins through specially crafted web pages. Affects Chrome versions prior to 148.0.7778.168 on Windows platforms. EPSS probability of 0.03% (10th percentile) indicates low observed exploitation likelihood, with CISA SSVC confirming no active exploitation and non-automatable attack chain. Vendor patch released in Chrome 148.0.7778.168 stable channel update. Attack requires successful renderer process compromise as prerequisite, combined with user interaction, creating a chained exploitation scenario rather than standalone vulnerability.

Google Authentication Bypass Microsoft Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8555 HIGH PATCH This Week

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free Memory Corruption RCE +4
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8554 LOW PATCH Monitor

Out-of-bounds memory write in Google Chrome's ANGLE graphics library (Windows only) enables attackers who have already compromised the renderer process to corrupt memory via specially crafted HTML pages. Chrome 148.0.7778.168 patches this type confusion vulnerability. Despite high Chromium severity rating, CVSS 3.1 scores only 3.1 due to prerequisite renderer compromise, high attack complexity, and required user interaction. EPSS 0.03% (10th percentile) and SSVC indicating no known exploitation suggest limited real-world risk at time of analysis.

Google Microsoft Information Disclosure Memory Corruption Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8553 LOW PATCH Monitor

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free Memory Corruption Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8552 MEDIUM PATCH This Month

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8551 HIGH PATCH This Week

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8550 MEDIUM PATCH This Month

Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-8549 HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8548 HIGH PATCH This Week

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8547 HIGH PATCH This Week

Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Authentication Bypass Privilege Escalation Microsoft Google Red Hat +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-8546 MEDIUM PATCH This Month

Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Microsoft Information Disclosure Buffer Overflow Red Hat +2
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8545 LOW PATCH Monitor

Cross-origin data leakage in Google Chrome versions prior to 148.0.7778.168 occurs when an attacker who has already compromised the renderer process exploits an object corruption flaw in the Compositing component. The vulnerability requires user interaction with a malicious HTML page and high attack complexity to leak sensitive cross-origin data. Google has released a patch in Chrome 148.0.7778.168, and with EPSS at 0.03% (10th percentile) and no evidence of active exploitation (SSVC: none), this represents a medium-priority targeted threat rather than widespread exploitation risk.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8544 HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8543 MEDIUM PATCH This Month

Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8542 HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free Memory Corruption Google +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8541 MEDIUM PATCH This Month

Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8540 HIGH PATCH This Week

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Memory Corruption Google RCE Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8539 MEDIUM PATCH This Month

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

Code Injection Google RCE Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.4
EPSS
0.0%
CVE-2026-8538 MEDIUM PATCH This Month

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2026-8537 MEDIUM PATCH This Month

Google Chrome versions prior to 148.0.7778.168 leak cross-origin data through insufficient policy enforcement in the ViewTransitions API when users interact with specially crafted HTML pages. The vulnerability enables remote attackers to bypass same-origin policy protections and extract sensitive information from other origins without authentication, though exploitation requires user interaction (clicking a link or visiting a malicious page). With EPSS at 0.03% (10th percentile) and no confirmed active exploitation, this represents a moderate information disclosure risk primarily affecting organizations where targeted phishing could deliver malicious pages to Chrome users.

Google Cors Misconfiguration Information Disclosure Red Hat Suse +1
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8536 LOW PATCH Monitor

Site Isolation bypass in Google Chrome on macOS allows attackers who have already compromised the renderer process to leak limited cross-origin data via malicious HTML in ReadingMode. Affects Chrome versions prior to 148.0.7778.168 on Mac only. EPSS score of 0.02% (6th percentile) indicates very low predicted exploitation probability. No active exploitation detected (not in CISA KEV), no public POC identified. CVSS 3.1 assigns Low severity despite High vendor severity rating due to requiring both renderer compromise and user interaction, with impact limited to confidentiality only.

Google Authentication Bypass Chrome
NVD VulDB
CVSS 3.1
3.1
EPSS
0.0%
CVE-2026-8535 MEDIUM PATCH This Month

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-8534 HIGH PATCH This Week

Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Buffer Overflow Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8533 HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8532 HIGH PATCH This Week

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8531 HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Microsoft Buffer Overflow Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8530 HIGH PATCH This Week

Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free Memory Corruption Google +3
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8529 HIGH PATCH This Week

Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High)

Heap Overflow Google RCE Buffer Overflow Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8528 MEDIUM PATCH This Month

Site Isolation bypass in Google Chrome versions prior to 148.0.7778.168 enables attackers who have already compromised the renderer process to break out of security sandboxes via specially crafted HTML pages. This represents an escalation path within Chrome's multi-process architecture, allowing cross-origin data access after initial renderer compromise. Vendor patch available as of May 2026 stable channel update. EPSS score of 0.02% (6th percentile) indicates minimal observed exploitation activity, and no CISA KEV listing or public POC exists at time of analysis, suggesting lower immediate priority despite the architectural significance of Site Isolation failures.

Google Authentication Bypass Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
4.3
EPSS
0.0%
CVE-2026-8527 HIGH PATCH This Week

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat Suse Chrome
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8526 HIGH PATCH This Week

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow RCE Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8525 HIGH PATCH This Week

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8524 HIGH PATCH This Week

Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow RCE Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8558 HIGH PATCH This Week

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow RCE Red Hat +2
NVD VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-8523 HIGH PATCH This Week

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free Memory Corruption Red Hat +2
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8522 HIGH PATCH This Week

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-8521 HIGH PATCH This Week

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption RCE Google +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-8520 HIGH PATCH This Week

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Race Condition Google Information Disclosure Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.3
EPSS
0.1%
CVE-2026-8519 HIGH PATCH This Week

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Microsoft Google Buffer Overflow Red Hat Suse +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.1%
EPSS 0% CVSS 2.4
LOW Monitor

PIN lock bypass in Easyelife App Lock 1.9.2 for Android allows a local attacker with physical device access to reach applications that were supposedly secured behind a PIN. The root cause is architectural: the lock is implemented as a UI overlay rather than through Android's native secure authentication APIs (BiometricPrompt, KeyguardManager), meaning it can be circumvented by triggering advertisement or browser intents that cause the app to navigate cascading activity flows, effectively routing around the overlay. EPSS is very low at 0.05% (16th percentile), no public exploit is confirmed in CISA KEV, and a researcher disclosure with likely proof-of-concept steps is publicly available on GitHub.

Google Information Disclosure Privilege Escalation +2
NVD GitHub
EPSS 0% CVSS 2.4
LOW Monitor

PIN lock bypass in SailingLab AppLock 4.3.8 for Android exposes protected applications to anyone with brief physical device access. The root cause is architectural: the lock is implemented as a screen overlay rather than through Android's secure authentication APIs, meaning the underlying apps remain accessible via exposed intent routes triggered through advertisement or browser interactions. An attacker with physical access can navigate cascading UI flows to dismiss or circumvent the overlay entirely, gaining access to locked apps such as Chrome, resulting in information disclosure and unintended privilege escalation. No public exploit is confirmed in CISA KEV, but a researcher disclosure is publicly available on GitHub, and EPSS is negligible at 0.04% (11th percentile), consistent with the physical-access-only attack vector.

Information Disclosure Privilege Escalation Google +2
NVD GitHub
EPSS 0% CVSS 2.4
LOW Monitor

Physical-access PIN lock bypass in AppLockZ 4.2.11 for Android exposes protected applications to unauthorized access without valid credentials. The root cause is architectural: the lock mechanism is implemented as a UI overlay rather than through Android's secure authentication APIs, leaving it vulnerable to circumvention via exposed activity routes reachable through advertisement or browser intents. An attacker with physical possession of the device can navigate cascading interface flows to evade lockscreen verification and access apps protected by AppLockZ (e.g., Chrome), resulting in information disclosure. No active exploitation is confirmed in CISA KEV, and the EPSS score of 0.04% reflects minimal real-world exploitation probability at this time.

Information Disclosure Privilege Escalation Google +2
NVD GitHub
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome prior to 148.0.7778.179 exposes sensitive information to attackers who have already achieved renderer process compromise. The flaw stems from insufficient input validation (CWE-20) in Chrome's Input handling, enabling a crafted HTML page to exfiltrate data across origin boundaries. No active exploitation is confirmed - SSVC assigns exploitation status 'none' and the vulnerability is not listed in CISA KEV - but the confidentiality impact is rated High by CVSS, warranting prompt patching.

Information Disclosure Google Chrome
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Heap buffer overflow in the Chromecast component of Google Chrome on Android, Linux, and ChromeOS prior to version 148.0.7778.179 allows an adjacent-network attacker to execute arbitrary code within the renderer sandbox via malicious network traffic. Google's Chrome team reported the issue with a Medium severity rating, and no public exploit identified at time of analysis. The vulnerability requires adjacent network positioning rather than full internet-based access, limiting practical exploitation to attackers on the same local network segment.

Google Buffer Overflow RCE +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in the GPU process of Google Chrome on macOS prior to 148.0.7778.179 exposes potentially sensitive data from process memory to remote attackers. Exploitation requires a victim to visit a crafted HTML page (CVSS UI:R), limiting automation potential - consistent with SSVC's 'Automatable: no' determination. No public exploit identified at time of analysis and CISA has not added this to the Known Exploited Vulnerabilities catalog; Chrome's own severity rating is Medium.

Information Disclosure Google Buffer Overflow +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's GPU component prior to version 148.0.7778.179 allows remote attackers to exploit an out-of-bounds read via a crafted HTML page, potentially leading to arbitrary code execution or information disclosure within the renderer context. The flaw carries a CVSS 8.8 (High) rating due to network reachability and high impact across confidentiality, integrity, and availability, though exploitation requires user interaction (visiting a malicious page). There is no public exploit identified at time of analysis, and CISA SSVC marks exploitation status as 'none', suggesting opportunistic rather than active targeting.

Information Disclosure Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 allows a remote attacker to execute arbitrary code within the renderer sandbox via a crafted HTML page that triggers a use-after-free in the DOM implementation. The flaw requires user interaction (visiting a malicious page) but no authentication, and while Chromium rates its security severity as Medium, the CVSS 3.1 base score of 8.8 reflects high confidentiality, integrity, and availability impact. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Google RCE Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 stems from a use-after-free flaw in the WebRTC component, enabling a remote attacker to run arbitrary code when a victim visits a crafted HTML page. Chromium rates the severity as High and the CVSS 3.1 score is 8.8, but exploitation requires user interaction (UI:R); no public exploit identified at time of analysis.

Google RCE Denial Of Service +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in the WebRTC component of Google Chrome before 148.0.7778.179 allows remote attackers to execute arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. The flaw was reported by Chrome's internal security team, has a patched stable channel build available, and carries a CVSS 8.8 score with no public exploit identified at time of analysis. SSVC currently rates exploitation as 'none' but technical impact as 'total', reflecting full compromise of the affected process if triggered.

Google Buffer Overflow RCE +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 148.0.7778.179 stems from a use-after-free flaw in the XR (WebXR) component, enabling a remote attacker to run arbitrary code in the renderer process by enticing a user to visit a crafted HTML page. Chromium rates the issue High severity and CVSS scores it 8.8; no public exploit identified at time of analysis and SSVC reports exploitation status as none. A vendor patch is available via the Stable Channel update referenced in the Chrome Releases advisory.

Microsoft Google RCE +6
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Sandbox escape in Google Chrome (Linux and ChromeOS) prior to 148.0.7778.179 allows a remote attacker who has already compromised the renderer process to break out via a crafted video file processed by the GFX component. The flaw is a type confusion (CWE-843) rated High severity by Chromium, with no public exploit identified at time of analysis and SSVC indicating exploitation has not been observed. It requires user interaction and chained exploitation of a prior renderer compromise, which raises the bar despite the High CVSS of 7.5.

Memory Corruption Information Disclosure Google +3
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

ServiceWorker policy enforcement failure in Google Chrome prior to version 148.0.7778.179 enables unauthenticated remote attackers to leak cross-origin data by luring a victim to a crafted HTML page. The vulnerability stems from Chrome's ServiceWorker layer failing to adequately enforce isolation boundaries (CWE-693), allowing a malicious origin to read data it should not have access to under the same-origin policy. No public exploit identified at time of analysis, and the CVSS score of 4.3 reflects limited confidentiality impact; however, the zero-privilege, network-accessible attack vector means any Chrome user browsing a malicious page could be affected.

Information Disclosure Google Suse +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Same-origin policy bypass in Google Chrome's Service Worker subsystem (all versions prior to 148.0.7778.179) allows remote unauthenticated attackers to read cross-origin data by luring a victim to a crafted HTML page. The flaw originates from insufficient policy enforcement (CWE-693) within the Service Worker layer, enabling unauthorized access to confidential data across origins. No public exploit code has been identified and no active exploitation is confirmed; Google has shipped a fix in stable channel version 148.0.7778.179.

Google Authentication Bypass Suse +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 148.0.7778.179 stems from a use-after-free condition in the QUIC networking stack, allowing remote attackers to execute arbitrary code within the browser sandbox via malicious network traffic. Exploitation requires user interaction (visiting a malicious site or processing attacker-controlled QUIC traffic), and no public exploit has been identified at time of analysis. Chromium rates this as High severity, and a vendor patch is available.

Google RCE Denial Of Service +5
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Out-of-bounds memory read in the GPU component of Google Chrome on macOS exposes process memory to remote attackers via a crafted HTML page. Affected versions are all Chrome releases prior to 148.0.7778.179 on Mac; Windows and Linux are not identified as affected. No public exploit or active exploitation has been identified at time of analysis, and SSVC confirms exploitation status as none with non-automatable attack delivery.

Information Disclosure Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to version 148.0.7778.179 stems from a use-after-free condition in the GPU component, enabling a remote attacker to run arbitrary code within the renderer sandbox after the victim loads a crafted HTML page. Google has rated the issue High severity and shipped a fix; no public exploit identified at time of analysis and SSVC indicates exploitation status 'none' despite total technical impact.

Microsoft Google RCE +6
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

UI spoofing in Google Chrome on Windows (prior to 148.0.7778.179) enables a remote attacker who has already achieved renderer process compromise to deceive end users through a crafted HTML page, exploiting CWE-451 (UI Misrepresentation of Critical Information). Affected users on Windows running any Chrome version below 148.0.7778.179 are exposed to potential phishing or credential-harvesting scenarios dressed up as legitimate browser UI. No public exploit code or CISA KEV listing exists at time of analysis, but the Chromium team assigned a Critical internal severity - a meaningful contrast with the NVD CVSS score of 4.2 - suggesting the spoofing potential carries downstream risk beyond what the base score reflects.

Microsoft Information Disclosure Google +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome on Linux before 148.0.7778.179 stems from a use-after-free flaw in the WebRTC component, allowing a remote attacker who lures a victim to a crafted HTML page to execute arbitrary code in the renderer process. Chromium rates the severity as Critical and a vendor patch is available, though there is no public exploit identified at time of analysis and SSVC indicates no observed exploitation. The CVSS 8.8 score reflects high impact across confidentiality, integrity, and availability with required user interaction (visiting a page).

Google RCE Denial Of Service +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary directory deletion in CloakBrowser's cloakserve CDP multiplexer (pip package cloakbrowser <= 0.3.27) allows unauthenticated network attackers to delete directories accessible to the service user by supplying path traversal sequences in the fingerprint query parameter. The service binds to 0.0.0.0 by default, dramatically widening exposure, and no public exploit identified at time of analysis though the vulnerability is trivially reproducible from the published advisory.

Path Traversal Google Chrome
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Open WebUI versions up to 0.8.8 expose admin-configured system prompts to authenticated regular (non-admin) users through the /api/models API endpoint, allowing information disclosure of sensitive model instructions and internal configuration details. The vulnerability requires valid user authentication but no administrative privileges, enabling any authenticated user to retrieve confidential system prompts via a simple HTTP GET request. This is confirmed actively exploited in production deployments with a publicly available proof-of-concept.

Mozilla Apple Information Disclosure +2
NVD GitHub VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Extensions in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Discretionary access control bypass in Chrome Remote Desktop (Chromoting) allows adjacent network attackers to achieve limited confidentiality, integrity, and availability impact through a malicious file requiring user interaction. Google released Chrome 148.0.7778.168 to address this medium-severity flaw. EPSS score of 0.01% (1st percentile) and CISA SSVC assessment indicate low real-world exploitation probability with no observed exploitation activity. The adjacent network attack vector (AV:A) significantly constrains attacker positioning compared to typical remote vulnerabilities.

Google Authentication Bypass Red Hat +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Out-of-bounds memory read in Google Chrome on iOS versions before 148.0.7778.168 enables remote attackers to access sensitive memory contents through a compromised renderer process. The vulnerability requires user interaction to visit a malicious webpage and exploitation of a prior renderer compromise. With EPSS at 0.03% and no known active exploitation, this represents a moderate risk primarily in targeted attack chains.

Google Information Disclosure Apple +2
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Inappropriate implementation in Views in Google Chrome on iOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Apple Google Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Insufficient policy enforcement in WebXR in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Out-of-bounds memory write in Google Chrome's Skia graphics library (versions prior to 148.0.7778.168) enables attackers with an already-compromised renderer process to escalate privileges via malicious print files. This represents a sandbox escape vulnerability requiring high attack complexity and user interaction (printing or opening a crafted print file). While CVSS rates this 3.1 (Low), the real-world risk depends on the attacker already having achieved renderer compromise — making this a second-stage attack vector. No active exploitation confirmed (EPSS 0.05%, not in CISA KEV), but vendor patch available as of Chrome 148.0.7778.168.

Google Information Disclosure Chrome
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Google Chrome on Linux versions prior to 148.0.7778.168 suffers from an out-of-bounds read vulnerability in GPU processing that enables cross-origin data leakage. An attacker who has already compromised the renderer process can craft malicious HTML to read sensitive memory beyond allocated bounds, exposing data from other origins that should be isolated by the browser's same-origin policy. EPSS exploitation probability is very low (0.03%, 10th percentile) and no active exploitation or public POC has been identified. Google rates this Medium severity and released patch 148.0.7778.168 to address the issue.

Google Buffer Overflow Information Disclosure +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

RCE Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome on Linux and ChromeOS allows remote attackers to read sensitive data from other origins via malicious HTML pages exploiting flawed CORS implementation. Affects versions prior to 148.0.7778.168. Google released a patch in their May 2026 stable channel update. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability. No active exploitation confirmed (not in CISA KEV). SSVC assessment indicates no current exploitation, non-automatable attack requiring user interaction, with partial technical impact limited to confidentiality breach.

Google Cors Misconfiguration Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Integer overflow in Codecs in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

Microsoft Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Cross-origin data leakage in Google Chrome on Android allows compromised renderer processes to access sensitive information from other sites via malicious HTML pages. Affects Chrome versions prior to 148.0.7778.168 on Android platforms. Attack requires high complexity (user interaction with crafted content) and prior renderer compromise, limiting practical exploitation. EPSS score of 0.03% (10th percentile) and SSVC assessment indicating no active exploitation align with the limited real-world risk profile despite the cross-origin information disclosure capability.

Google Information Disclosure Chrome
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Insufficient policy enforcement in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Memory Corruption Google +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. (Chromium security severity: Medium)

Google Memory Corruption Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Site Isolation bypass in Google Chrome prior to 148.0.7778.168 allows remote attackers who have already compromised the renderer process to access cross-site data via crafted HTML pages. The vulnerability affects Chrome's AI policy enforcement, enabling a second-stage attack after initial renderer compromise. Attack complexity is high, requiring both initial renderer compromise and user interaction. EPSS score of 0.02% indicates very low exploitation probability, and no active exploitation or public POC has been identified. Vendor patch is available in Chrome 148.0.7778.168.

Google Authentication Bypass Chrome
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Medium)

Microsoft Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Insufficient policy enforcement in Google Chrome's Android payment implementation allows remote attackers to bypass access control restrictions through specially crafted HTML pages, affecting Chrome versions prior to 148.0.7778.168 on Android. The vulnerability requires user interaction (visiting a malicious page) but can be exploited remotely without authentication. EPSS exploitation probability is low (0.02%, 4th percentile), and a vendor-released patch is available. While tagged as an authentication bypass, the CVSS impact indicates only low integrity compromise with no confidentiality or availability impact.

Google Authentication Bypass Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.7
MEDIUM PATCH This Month

Inappropriate implementation in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.2
MEDIUM PATCH This Month

Incorrect security UI in Downloads in Google Chrome on Android and Mac prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Navigation restrictions can be bypassed in Google Chrome for Windows versions prior to 148.0.7778.168 when attackers craft malicious HTML pages that exploit insufficient sandbox policy enforcement in iframe elements. User interaction (opening/visiting the crafted page) is required for exploitation. Google released a patched version addressing this medium-severity flaw. With EPSS exploitation probability at 0.02% (4th percentile) and no KEV listing, this represents a moderate-priority issue primarily affecting organizations running outdated Chrome versions on Windows systems.

Google Authentication Bypass Microsoft +3
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Cross-origin data leakage in Google Chrome versions prior to 148.0.7778.168 enables remote attackers to extract sensitive information from other origins through side-channel attacks in the Navigation component. The vulnerability requires user interaction with a malicious HTML page and exploits timing or behavioral characteristics to bypass same-origin policy protections. EPSS score of 0.03% (10th percentile) indicates low observed exploitation probability, and no active exploitation or public proof-of-concept has been identified at time of analysis. Google has released a patch in Chrome 148.0.7778.168.

Google Information Disclosure Red Hat +2
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Incorrect security UI in Fullscreen in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

Information Disclosure Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Heap buffer overflow in SwiftShader in Google Chrome on Mac and iOS prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

Heap Overflow Google Apple +3
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Integer overflow in Internationalization in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Microsoft Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Cross-origin data leakage in Google Chrome on Windows via ANGLE graphics library allows renderer-compromised attackers to steal sensitive data from other origins through specially crafted web pages. Affects Chrome versions prior to 148.0.7778.168 on Windows platforms. EPSS probability of 0.03% (10th percentile) indicates low observed exploitation likelihood, with CISA SSVC confirming no active exploitation and non-automatable attack chain. Vendor patch released in Chrome 148.0.7778.168 stable channel update. Attack requires successful renderer process compromise as prerequisite, combined with user interaction, creating a chained exploitation scenario rather than standalone vulnerability.

Google Authentication Bypass Microsoft +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in GTK in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +6
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Out-of-bounds memory write in Google Chrome's ANGLE graphics library (Windows only) enables attackers who have already compromised the renderer process to corrupt memory via specially crafted HTML pages. Chrome 148.0.7778.168 patches this type confusion vulnerability. Despite high Chromium severity rating, CVSS 3.1 scores only 3.1 due to prerequisite renderer compromise, high attack complexity, and required user interaction. EPSS 0.03% (10th percentile) and SSVC indicating no known exploitation suggest limited real-world risk at time of analysis.

Google Microsoft Information Disclosure +2
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Use after free in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Heap buffer overflow in GPU in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use after free in Google Lens in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Insufficient policy enforcement in Passwords in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High)

Authentication Bypass Privilege Escalation Microsoft +4
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Microsoft Information Disclosure +4
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Cross-origin data leakage in Google Chrome versions prior to 148.0.7778.168 occurs when an attacker who has already compromised the renderer process exploits an object corruption flaw in the Compositing component. The vulnerability requires user interaction with a malicious HTML page and high attack complexity to leak sensitive cross-origin data. Google has released a patch in Chrome 148.0.7778.168, and with EPSS at 0.03% (10th percentile) and no evidence of active exploitation (SSVC: none), this represents a medium-priority targeted threat rather than widespread exploitation risk.

Google Authentication Bypass Chrome
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Memory Corruption Google RCE +3
NVD VulDB
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

Code Injection Google RCE +3
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Google Chrome versions prior to 148.0.7778.168 leak cross-origin data through insufficient policy enforcement in the ViewTransitions API when users interact with specially crafted HTML pages. The vulnerability enables remote attackers to bypass same-origin policy protections and extract sensitive information from other origins without authentication, though exploitation requires user interaction (clicking a link or visiting a malicious page). With EPSS at 0.03% (10th percentile) and no confirmed active exploitation, this represents a moderate information disclosure risk primarily affecting organizations where targeted phishing could deliver malicious pages to Chrome users.

Google Cors Misconfiguration Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 3.1
LOW PATCH Monitor

Site Isolation bypass in Google Chrome on macOS allows attackers who have already compromised the renderer process to leak limited cross-origin data via malicious HTML in ReadingMode. Affects Chrome versions prior to 148.0.7778.168 on Mac only. EPSS score of 0.02% (6th percentile) indicates very low predicted exploitation probability. No active exploitation detected (not in CISA KEV), no public POC identified. CVSS 3.1 assigns Low severity despite High vendor severity rating due to requiring both renderer compromise and user interaction, with impact limited to confidentiality only.

Google Authentication Bypass Chrome
NVD VulDB
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Out of bounds read in Media in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted JPEG file. (Chromium security severity: High)

Google Information Disclosure Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Integer overflow in GPU in Google Chrome on Linux and ChromeOS prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Buffer Overflow Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Accessibility in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in XML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in WebML in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Microsoft +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Network in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Denial Of Service Microsoft Use After Free +5
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap buffer overflow in Codecs in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted video file. (Chromium security severity: High)

Heap Overflow Google RCE +4
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

Site Isolation bypass in Google Chrome versions prior to 148.0.7778.168 enables attackers who have already compromised the renderer process to break out of security sandboxes via specially crafted HTML pages. This represents an escalation path within Chrome's multi-process architecture, allowing cross-origin data access after initial renderer compromise. Vendor patch available as of May 2026 stable channel update. EPSS score of 0.02% (6th percentile) indicates minimal observed exploitation activity, and no CISA KEV listing or public POC exists at time of analysis, suggesting lower immediate priority despite the architectural significance of Site Isolation failures.

Google Authentication Bypass Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

RCE Google Red Hat +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Heap Overflow Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Google Memory Corruption Buffer Overflow +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Google Denial Of Service Use After Free +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)

Denial Of Service Use After Free Memory Corruption +5
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

Race Condition Google Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

Microsoft Google Buffer Overflow +3
NVD VulDB
Prev Page 7 of 44 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy