Skip to main content

Memory Corruption

15286 CVEs technique

Monthly

CVE-2026-14152 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the renderer sandbox via a crafted HTML page. The flaw is a CWE-787 out-of-bounds read and write; Google's own Chromium team rated the security severity as Low, and there is no public exploit identified at time of analysis. EPSS estimates only a 0.17% (7th percentile) chance of exploitation, and the vulnerability is not listed in CISA KEV.

Memory Corruption Buffer Overflow Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14149 HIGH PATCH This Week

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14148 MEDIUM PATCH This Month

Type confusion in the CSS processing engine of Google Chrome prior to 150.0.7871.47 enables remote attackers to read potentially sensitive data from renderer process memory by delivering a crafted HTML page to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms network delivery with no attacker privileges required, though a single user interaction - visiting the malicious page - is necessary. No public exploit code has been identified, CISA SSVC rates exploitation as none at time of analysis, and Chromium's own team classified severity as Low, suggesting limited practical memory disclosure value despite the NVD CVSS C:H rating.

Memory Corruption Information Disclosure Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14121 CRITICAL PATCH Act Now

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Linux, fixed in 150.0.7871.47, lets a remote attacker corrupt memory via crafted network traffic and potentially run arbitrary code. The flaw is a CWE-416 use-after-free reported by Google's internal Chrome security team; there is no public exploit identified at time of analysis and it is not in CISA KEV. Note a signal conflict: NVD scores this 9.8 (Critical) while Chromium itself rated the security severity 'Low', and EPSS is only 0.20% (10th percentile).

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-14119 MEDIUM PATCH This Month

Type confusion in Chrome's Bluetooth stack on Windows (versions prior to 150.0.7871.47) enables an adjacent-network attacker to exfiltrate sensitive data from Chrome process memory by presenting a malicious Bluetooth peripheral. The CVSS 6.5 score reflects high confidentiality impact but no integrity or availability exposure; notably, Chromium's internal security team rated this Low severity, suggesting the memory regions accessible are constrained. No public exploit code and no CISA KEV listing exist at time of analysis, and exploitation is physically bounded by Bluetooth range.

Memory Corruption Information Disclosure Microsoft Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-14113 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for Windows before 150.0.7871.47 lets an attacker who has already compromised the renderer process abuse a use-after-free in the Updater component via a crafted HTML page to break out of the browser sandbox. It is a second-stage bug that Chromium rated only Low severity despite the CVSS 9.6 score, with no public exploit identified at time of analysis and a low EPSS probability of 0.18% (8th percentile). Google has shipped a fixed Stable-channel build.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14111 HIGH PATCH This Week

Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-14108 HIGH PATCH This Week

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14107 HIGH PATCH This Week

Remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Scheduling component, letting a remote attacker run arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. There is no public exploit identified at time of analysis and the vulnerability is not in CISA KEV; EPSS is low at 0.21% (12th percentile). Google rates the Chromium security severity as Low despite the NVD CVSS of 8.8, reflecting that code execution is confined to the sandbox rather than the host.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14103 MEDIUM PATCH This Month

Use-after-free in Chrome's SSL handling on ChromeOS exposes process memory contents to remote attackers who can serve a crafted HTML page. Only ChromeOS builds of Chrome prior to 150.0.7871.47 are affected - this is not a cross-platform flaw. SSVC rates exploitation status as none and technical impact as partial, and Chromium's own severity classification is Low, making this a routine patch-cycle priority rather than an emergency response item despite the CVSS 6.5 score.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-14102 HIGH PATCH This Week

Heap corruption via use-after-free in Google Chrome's Passwords component affects all desktop builds prior to 150.0.7871.47, letting a remote attacker who lures a victim to a crafted HTML page potentially achieve memory corruption and code execution in the renderer. The CVSS 3.1 vector (8.8) requires user interaction (visiting the page) but no privileges or authentication. No public exploit identified at time of analysis, and the low EPSS score (0.17%, 7th percentile) plus Chromium's own 'Low' severity rating suggest limited real-world exploitation likelihood despite the high CVSS.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14099 HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Apple Denial Of Service Use After Free +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14094 HIGH PATCH This Week

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low)

Memory Corruption Google Microsoft Denial Of Service Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-14093 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Cast component (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page, exploiting a use-after-free (CWE-416) memory-corruption bug. Google's Chromium team rated the security severity as Low, and while NVD assigns a 9.6 CVSS reflecting full sandbox-escape impact, exploitation is gated behind a pre-existing renderer compromise. No public exploit was identified at time of analysis, EPSS is very low at 0.17% (7th percentile), and there is no CISA KEV listing.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14091 HIGH PATCH This Week

Use after free in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14067 HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Apple Denial Of Service Use After Free +2
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-14064 HIGH PATCH This Week

Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-14048 MEDIUM PATCH This Month

Use-after-free in Chrome's Chromecast component exposes process memory to attackers on the same local network segment via a malicious peripheral, affecting all Chrome versions prior to 150.0.7871.47. The vulnerability carries a CVSS 3.1 score of 6.5 with high confidentiality impact (C:H), meaning successful exploitation leaks potentially sensitive data from the Chrome process heap. No public exploit or CISA KEV listing is identified at time of analysis, and Google has released a patch in the stable channel.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-14044 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) and is second-stage: it is not directly exploitable from the open web without a prior renderer compromise. No public exploit has been identified at time of analysis, and its EPSS exploitation probability is low (0.17%, 7th percentile); notably, Google rated the Chromium security severity as Low despite the NVD CVSS of 9.6.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14043 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GetUserMedia (media capture) implementation before version 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) reported by Google's own security team; despite an NVD CVSS of 9.6, Chromium rates its severity Low, and there is no public exploit identified at time of analysis with an EPSS of only 0.17% (7th percentile).

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-14040 HIGH PATCH This Week

Heap corruption in Google Chrome's BrowserTag component affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) can be triggered by a crafted Chrome extension. An attacker who convinces a victim to install a malicious extension can potentially exploit the freed-memory condition to corrupt the heap and execute code. No public exploit identified at time of analysis, and EPSS is low (0.12%, 2nd percentile), consistent with the Chromium team's own 'Low' severity rating despite the NVD CVSS of 8.8.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-14032 HIGH PATCH This Week

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2026-14027 HIGH PATCH This Week

Use-after-free in Google Chrome's SignIn component (versions prior to 150.0.7871.47) allows a remote attacker to trigger heap corruption and potentially achieve code execution after luring a victim to a crafted HTML page and performing specific UI gestures. No public exploit was identified at time of analysis, and with an EPSS of 0.17% (7th percentile) and Chromium-rated 'Low' severity, near-term mass exploitation appears unlikely despite the high 8.8 CVSS. The flaw is patched in the current stable channel and is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14025 HIGH PATCH This Week

Heap corruption in Google Chrome's Views UI framework on macOS (versions before 150.0.7871.47) lets a remote attacker who lures a victim to a crafted HTML page and coaxes them into specific UI gestures trigger a use-after-free, potentially achieving code execution in the renderer. Google rates the Chromium severity as Low, but the NVD CVSS is 8.8 (High), and no public exploit has been identified at time of analysis. EPSS is low at 0.21% (11th percentile), and the flaw is not in CISA KEV.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14024 HIGH PATCH This Week

Use-after-free in Google Chrome's Ozone component on Linux prior to 150.0.7871.47 lets a remote attacker trigger heap corruption after luring a user to a crafted HTML page and inducing specific UI gestures. Rated CVSS 8.8 with high confidentiality, integrity and availability impact, it is patched in the stable channel but requires user interaction (UI:R). No public exploit is identified at time of analysis and EPSS exploitation probability is low (0.21%, 11th percentile), and Google classifies the Chromium severity as Medium.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14018 HIGH PATCH This Week

Local privilege escalation in Google Chrome's Updater component on Windows (versions prior to 150.0.7871.47) allows a local attacker to escalate to OS-level privileges via a malicious file that triggers a use-after-free condition. Google rates the Chromium security severity as Medium, though the CVSS base score is 7.8 (High) because the Updater runs with elevated (SYSTEM) privileges. There is no public exploit identified at time of analysis and EPSS is very low (0.11%, 1st percentile), indicating negligible observed exploitation activity.

Memory Corruption Google Microsoft Denial Of Service Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-14006 HIGH PATCH This Week

Use after free in Navigation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-14005 HIGH PATCH This Week

Use after free in Omnibox in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13967 HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine (versions prior to 150.0.7871.47) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. Exploitation requires user interaction (visiting a malicious page) but no authentication, and the flaw carries a CVSS 8.8 with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and EPSS is low (0.30%, 22nd percentile), indicating no evidence of widespread exploitation despite the high CVSS.

Memory Corruption RCE Buffer Overflow Google Suse
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13965 HIGH PATCH This Week

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13918 HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Apple Denial Of Service Use After Free +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13915 HIGH PATCH This Week

Heap corruption in Google Chrome for iOS before 150.0.7871.47 lets a remote attacker who lures a user through specific in-page UI gestures on a crafted HTML page trigger a use-after-free (CWE-416), potentially leading to arbitrary code execution in the renderer. Rated Medium by the Chromium security team but scored CVSS 8.8 due to full confidentiality/integrity/availability impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS is low at 0.21% (11th percentile), consistent with a freshly patched browser bug that has no known weaponization.

Memory Corruption Google Apple Denial Of Service Use After Free +1
NVD
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13899 HIGH PATCH This Week

Use after free in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13898 HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome's Cast Receiver component affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) can be triggered by luring a victim to a crafted HTML page. Google rates the Chromium severity as Medium because the resulting code execution is confined to the browser sandbox, though NVD scores it CVSS 8.8; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.27% (18th percentile).

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13888 HIGH PATCH This Week

Use-after-free in the Extensions component of Google Chrome before 150.0.7871.47 lets a remote attacker execute arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. Chromium rated the security severity Medium, though the associated CVSS score is 8.8 (High) due to network vector and high impact; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.26%. Google has shipped a fixed Stable channel build.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13885 HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome for Android before 150.0.7871.47, stemming from a use-after-free in the Skia graphics library, lets a remote attacker run arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google rated the Chromium security severity as Medium, and no public exploit has been identified at time of analysis; the EPSS score is low (0.26%, 17th percentile), and the bug is not on CISA KEV. Exploitation requires user interaction (visiting the malicious page) but no authentication.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13883 CRITICAL PATCH Act Now

Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Information Disclosure Google Suse
NVD VulDB
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13880 CRITICAL PATCH Act Now

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13879 MEDIUM PATCH This Month

Use-after-free in Google Chrome's Bluetooth subsystem (all versions prior to 150.0.7871.47) enables an unauthenticated attacker within Bluetooth radio range to leak sensitive data from Chrome's process memory by operating a malicious Bluetooth peripheral. The CVSS vector (AV:A/PR:N/UI:N/C:H) confirms no attacker-side authentication is required and impact is confidentiality-only, with no integrity or availability loss. No public exploit code has been identified at time of analysis and CISA has not listed this in KEV; the Chromium security team rated this Medium severity, consistent with the bounded adjacency-only attack vector.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2026-13878 CRITICAL PATCH Act Now

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13873 MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Layout engine prior to 150.0.7871.47 allows remote attackers to leak potentially sensitive data from the renderer process memory by serving a crafted HTML page. User interaction is required - the victim must visit the malicious page - limiting automated mass exploitation. No public exploit code has been identified at time of analysis, and CISA SSVC rates exploitation status as none with partial technical impact, placing real-world urgency below what the CVSS 6.5 score alone might suggest.

Memory Corruption Buffer Overflow Google Suse
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-13870 HIGH PATCH This Week

Sandboxed remote code execution in the WebView component of Google Chrome for Android before 150.0.7871.47 lets a remote attacker run arbitrary code within the renderer sandbox when a victim loads a crafted HTML page. Rated CVSS 8.8 (network vector, no privileges, requires user interaction), the flaw is a CWE-416 use-after-free, but code execution is confined to the sandbox and would require a separate escape to reach the host. No public exploit identified at time of analysis, and EPSS is low at 0.26% (17th percentile), indicating limited near-term mass-exploitation pressure despite the high base score.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13869 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Device component on Windows (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page, exploiting a use-after-free (CWE-416). Google rates the Chromium security severity as Medium, reflecting that it is a second-stage bug requiring prior renderer compromise, though the NVD CVSS of 9.6 is inflated by the sandbox scope change. There is no public exploit identified at time of analysis and EPSS is low (0.21%), indicating no current sign of widespread exploitation.

Memory Corruption Google Microsoft Denial Of Service Use After Free +1
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13861 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome before 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox and reach the host via a crafted HTML page, exploiting a use-after-free (CWE-416) in the Core component. Google-assigned Chromium severity is Medium, though the NVD CVSS is 9.6 due to the cross-boundary scope change. No public exploit identified at time of analysis, and EPSS is low (0.21%, 11th percentile), indicating it is not yet a mass-exploitation target.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13855 HIGH PATCH This Week

Remote code execution in Google Chrome on Linux (versions prior to 150.0.7871.47) stems from a use-after-free in the Ozone platform layer, allowing a remote attacker who lures a victim into performing specific UI gestures on a crafted HTML page to execute arbitrary code in the browser context. Rated High by Chromium and CVSS 7.5, exploitation is gated by required user interaction and high attack complexity. There is no public exploit identified at time of analysis, and the EPSS probability is low at 0.26% (17th percentile).

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-13854 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Linux (versions prior to 150.0.7871.47) stems from a use-after-free in Ozone, Chrome's platform abstraction layer for windowing and graphics. An attacker who has already compromised the renderer process can leverage a crafted HTML page to break out of the browser sandbox and gain code execution at the higher-privileged browser-process level. There is no public exploit identified at time of analysis, and the EPSS score is low (0.21%, 11th percentile), consistent with a second-stage bug that requires a prior renderer compromise rather than a directly weaponizable single-shot flaw.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13853 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Journeys (browsing history) component, allowing a remote attacker who has already compromised the renderer process to break out of the sandbox and gain broader code execution on the host via a crafted HTML page. Rated High severity by Chromium and CVSS 9.6, a fix is available from vendor; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%, 11th percentile). Exploitation is meaningful only as the second stage of a chain, since it presupposes prior renderer compromise.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13848 HIGH PATCH This Week

Remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Forms component, letting a remote attacker who lures a victim to a crafted HTML page corrupt memory and execute arbitrary code within the browser's renderer sandbox. Chromium rates the flaw High severity, CVSS 8.8, requiring only that the user visit a malicious page; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.26%, 17th percentile). A vendor patch is available in the June 2026 Stable channel release.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13846 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for macOS before 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox by exploiting a use-after-free in the USB subsystem via a crafted HTML page. Rated High by Chromium and CVSS 9.6, it functions as a second-stage escalation primitive rather than a standalone entry point. There is no public exploit identified at time of analysis, and EPSS is low at 0.21% (11th percentile).

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13845 HIGH PATCH This Week

Arbitrary code execution in Google Chrome's DOM implementation lets a remote attacker run code within the renderer sandbox by luring a victim to a crafted HTML page. All desktop Chrome builds before 150.0.7871.47 are affected; Chromium rates the flaw High severity. No public exploit has been identified and EPSS probability is low (0.26%), but the vendor patch is already available and should be applied promptly.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13844 HIGH PATCH This Week

Local OS-level privilege escalation in Google Chrome on Windows (versions prior to 150.0.7871.47) arises from a use-after-free in the Chrome Updater component, letting a local attacker who can plant a malicious file on the system elevate to higher OS privileges. Google rates the Chromium severity as High and has released a fixed Stable channel build; there is no public exploit identified and it is not listed in CISA KEV. EPSS is low at 0.13% (3rd percentile), consistent with a bug that requires local access and user interaction rather than mass remote exploitation.

Memory Corruption Google Microsoft Denial Of Service Use After Free +2
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-13832 HIGH PATCH This Week

Sandbox escape in Google Chrome's Headless component (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox by serving a crafted HTML page. Rated High by Chromium and CVSS 8.3, it is a CWE-416 use-after-free with no public exploit identified at time of analysis; EPSS is low at 0.21% (11th percentile) and CISA SSVC records no known exploitation.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13831 HIGH PATCH This Week

Out-of-bounds read/write (use-after-free) in Google Chrome's GPU component lets a remote attacker who has already compromised the renderer process run arbitrary code - though still confined inside the sandbox - by serving a crafted HTML page to a Chrome build prior to 150.0.7871.47. Google rates the Chromium severity High and has shipped a fixed Stable-channel build; there is no public exploit identified at time of analysis and EPSS puts near-term exploitation probability at just 0.26%.

Memory Corruption Google Buffer Overflow Use After Free RCE +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-13830 HIGH PATCH This Week

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Linux allows an adjacent-network attacker to run arbitrary code by sending malicious network traffic to a vulnerable client before version 150.0.7871.47. The flaw is a use-after-free memory-corruption issue rated High by Chromium and carries a CVSS 8.8. There is no public exploit identified at time of analysis, it is not in CISA KEV, and EPSS is low (0.24%, 15th percentile), indicating no observed exploitation activity yet.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13827 HIGH PATCH This Week

Local privilege escalation in Google Chrome's Updater component on macOS versions prior to 150.0.7871.47 lets an attacker abuse a use-after-free (CWE-416) via a malicious file to gain the elevated privileges under which the updater runs. Google rates the Chromium severity as High, and the CVSS 3.1 base score is 7.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS is low at 0.13% (3rd percentile), consistent with the SSVC exploitation status of 'none'.

Memory Corruption Google Denial Of Service Use After Free Privilege Escalation +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.1%
CVE-2026-13823 HIGH PATCH This Week

Use after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13821 HIGH PATCH This Week

Remote code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from a use-after-free in the Canvas component, letting a remote attacker run arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a malicious page), but no authentication. There is no public exploit identified at time of analysis, and EPSS is low at 0.26% (17th percentile).

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13815 HIGH PATCH This Week

Remote code execution in Google Chrome's Blink rendering engine (versions prior to 150.0.7871.47) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High by Chromium and 8.8 (CVSS 3.1); it requires user interaction (visiting a malicious page) and no privileges. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, with a low EPSS of 0.26% (17th percentile).

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13814 HIGH PATCH This Week

Heap corruption via a use-after-free in the Views UI component of Google Chrome allows a remote attacker who serves a crafted HTML page and lures a user into performing specific UI gestures to potentially execute code in the browser process. All desktop Chrome builds prior to 150.0.7871.47 are affected; Google rates the Chromium severity as High and has shipped a fix. No public exploit identified at time of analysis, and EPSS is low (0.21%, 11th percentile).

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-13811 HIGH PATCH This Week

Renderer-process remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Input Method Editor (IME) component, letting a remote attacker run arbitrary code within the browser's sandbox when a victim visits a crafted HTML page. Rated High by Chromium and CVSS 8.8, it requires user interaction (visiting a page) but no authentication. No public exploit identified at time of analysis, and the EPSS score is low (0.26%, 17th percentile), indicating no evidence of widespread exploitation yet.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13807 HIGH PATCH This Week

Remote code execution in Google Chrome on iOS prior to 150.0.7871.47 stems from a use-after-free in the browser's Import component, allowing a remote attacker who lures a victim into opening a malicious file and performing specific UI gestures to execute arbitrary code. Rated High by Chromium and CVSS 7.5, the flaw has no public exploit identified at time of analysis and a low EPSS of 0.24% (15th percentile), consistent with its high attack complexity and required user interaction. A vendor patch is available in the June 2026 Stable channel update.

Memory Corruption Google Apple Denial Of Service Use After Free +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.2%
CVE-2026-13805 HIGH PATCH This Week

Remote code execution in Google Chrome for macOS prior to 150.0.7871.47 stems from a use-after-free in the GFX (graphics) component, allowing a remote attacker to run arbitrary code after a victim opens a crafted HTML page. Chromium rates the severity High and the CVSS is 8.8, but exploitation requires user interaction (visiting a malicious page). There is no public exploit identified at time of analysis and EPSS is low (0.26%, 17th percentile), indicating no observed weaponization yet.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13804 HIGH PATCH This Week

Sandbox escape in Google Chrome's Chromecast component (versions before 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox and reach the host via a crafted HTML page. Rooted in a use-after-free (CWE-416) memory-corruption bug rated High by Chromium, it carries a CVSS 8.3 driven by a scope change and full CIA impact, but requires a pre-existing renderer compromise, high attack complexity, and user interaction. No public exploit identified at time of analysis, and the low EPSS (0.21%) plus SSVC 'exploitation: none' indicate it is not currently being exploited.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13803 HIGH PATCH This Week

Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process escalate out of the sandbox via a crafted HTML page that triggers a type-confusion bug (CWE-843) in the Tabs component. Exploitation is gated behind prior renderer compromise and user interaction, and the flaw is rated High by Chromium with a CVSS 8.3 due to scope change and total impact. There is no public exploit identified at time of analysis, EPSS is low (0.23%, 13th percentile), and CISA SSVC lists exploitation as none.

Memory Corruption Information Disclosure Google Suse
NVD VulDB
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-13802 HIGH PATCH This Week

Remote code execution in Google Chrome (Views UI component) prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code by luring a victim to a crafted HTML page and inducing specific UI gestures that trigger a use-after-free. Rated High by Chromium and CVSS 7.5, the flaw is elevated in complexity by its requirement for user interaction, and no public exploit has been identified at time of analysis; EPSS probability is low at 0.26%.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-13799 HIGH PATCH This Week

Heap corruption in Google Chrome's QUIC networking stack (versions prior to 150.0.7871.47) stems from a use-after-free that a remote attacker can trigger through crafted network traffic, potentially leading to arbitrary code execution in the affected browser process. Google rated the Chromium security severity as High and has shipped a fixed Stable-channel build; there is no public exploit identified at time of analysis and CISA's SSVC records exploitation status as 'none'. EPSS is low (0.19%, 9th percentile), indicating no observed weaponization despite a total technical-impact rating.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-13792 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for macOS versions prior to 150.0.7871.47 stems from a use-after-free in the Touchbar component, letting a remote attacker who lures a victim to a crafted HTML page potentially break out of the renderer sandbox. Reported through Google's internal Chrome security process and rated High by Chromium, it carries a CVSS 9.6 due to scope change and full CIA impact, though there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.21%. SSVC assesses current exploitation as none, indicating this is a patch-now-but-not-panic item.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13789 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GPU process (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. Rated High by Chromium and CVSS 9.6 due to a scope-changing (S:C) full-impact outcome, this is a use-after-free (CWE-416) memory-corruption bug. No public exploit identified at time of analysis; EPSS is low (0.21%, 11th percentile) and CISA SSVC lists exploitation as none, so it is a serious-but-not-yet-exploited patch priority.

Memory Corruption Denial Of Service Use After Free Google
NVD VulDB
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13788 HIGH PATCH This Week

Remote code execution in Google Chrome for Android before 150.0.7871.47 stems from a use-after-free in the Fullscreen component, letting a remote attacker who lures a victim to a crafted HTML page corrupt memory and run arbitrary code in the renderer. Chromium rates the flaw Critical, though CVSS scores it 8.8 because exploitation requires the victim to open the malicious page. There is no public exploit identified at time of analysis, and the EPSS probability is low (0.26%, 17th percentile), with CISA SSVC showing no known exploitation.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13787 HIGH PATCH This Week

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Windows affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) lets a remote attacker corrupt memory via malicious network traffic. Google rates the Chromium severity Critical, and a vendor patch is available, but there is no public exploit identified at time of analysis and EPSS is low at 0.24%. High attack complexity (AC:H) means the memory-corruption race is non-trivial to win reliably, tempering the CVSS 8.1 score.

Memory Corruption Google Microsoft Denial Of Service Use After Free +2
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-13786 HIGH PATCH This Week

Remote code execution in Google Chrome's Ozone platform-abstraction layer prior to 150.0.7871.47 lets a remote attacker execute arbitrary code by luring a victim to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated Critical by Chromium and CVSS 8.8, requiring the victim to visit a malicious page (UI:R) but no privileges. No public exploit has been identified at time of analysis and EPSS probability is low (0.26%), but the memory-corruption class and 'total' technical impact make it a high-priority browser patch.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.8
EPSS
0.3%
CVE-2026-13785 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS before 150.0.7871.47 stems from a use-after-free in the browser's Bluetooth component, letting a remote attacker who lures a user into specific UI gestures on a crafted HTML page corrupt memory and break out of the renderer sandbox. Rated Critical by Chromium and CVSS 9.6, though no public exploit has been identified and EPSS is low (0.22%, 13th percentile). A vendor fix is available and CISA SSVC currently marks exploitation as 'none'.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
9.6
EPSS
0.2%
CVE-2026-13784 HIGH PATCH This Week

Use-after-free in Google Chrome's Views UI framework prior to 150.0.7871.47 lets a remote attacker trigger heap corruption after luring a user to a crafted HTML page and performing specific UI gestures, potentially achieving code execution in the renderer/browser process. Chromium rates the flaw Critical, though the CVSS is 8.8 due to required user interaction. No public exploit identified at time of analysis, and EPSS is low (0.22%, 13th percentile); SSVC lists exploitation as none but technical impact as total.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13783 HIGH PATCH This Week

Use-after-free in Google Chrome's Views UI framework, fixed in 150.0.7871.47, lets a remote attacker who lures a victim into performing specific UI gestures on a crafted HTML page trigger heap corruption and potentially achieve code execution in the browser process. Chromium rates the flaw Critical, though the CVSS is 8.8 due to required user interaction; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.22%.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2026-13782 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop versions prior to 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the sandbox and gain broader code execution on the host via a crafted HTML page. Chromium rates the underlying use-after-free as Critical, though there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%). A vendor patch is available and the flaw is a classic second-stage chain component rather than a standalone entry point.

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-13779 HIGH PATCH This Week

Remote code execution in Google Chrome on ChromeOS (versions prior to 150.0.7871.47) stems from a use-after-free in the Chromoting (Chrome Remote Desktop) component, letting a remote attacker corrupt memory and execute arbitrary code through malicious network traffic. Google rates the Chromium severity as Critical, and CVSS scores it 8.1 with a high attack complexity. As of this analysis there is no public exploit identified and it is not listed in CISA KEV; EPSS is low at 0.24% (15th percentile), and SSVC records exploitation status as none.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-13778 HIGH PATCH This Week

Local arbitrary code execution in Google Chrome for macOS (versions prior to 150.0.7871.47) stems from a use-after-free in the WebUSB implementation, which Chromium rates Critical. A local attacker who can present a malicious USB peripheral to a victim who authorizes it can corrupt renderer memory and run attacker-controlled code within the browser's context. There is no public exploit identified at time of analysis, and EPSS is low (0.16%, 5th percentile), reflecting limited likelihood of widespread opportunistic exploitation.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
7.8
EPSS
0.2%
CVE-2026-13776 CRITICAL PATCH Act Now

Sandbox escape via type confusion in Google Chrome's Dawn WebGPU implementation allows an attacker who already controls a compromised renderer process to break out of the browser sandbox using a crafted HTML page, affecting all Chrome desktop builds prior to 150.0.7871.47. Rated Critical by Chromium and CVSS 9.8, though the score assumes no prior privilege; realistically it is the second stage of an exploit chain. A vendor patch is available and no public exploit has been identified at time of analysis (EPSS 0.24%, 15th percentile).

Memory Corruption Information Disclosure Google Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-13775 CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop prior to 150.0.7871.47 stems from a use-after-free in the GPU process, letting a remote attacker who has already compromised the renderer break out of the browser sandbox via a crafted HTML page. Google rates the Chromium severity as Critical, and a fix is available in the Stable channel update. There is no public exploit identified at time of analysis, and EPSS exploitation probability is low at 0.22% (13th percentile).

Memory Corruption Denial Of Service Use After Free Google Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.2%
CVE-2026-13774 HIGH PATCH This Week

Arbitrary code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from a use-after-free flaw in the Extensions component, which Chromium rated Critical severity. An attacker who convinces a victim to install a malicious extension can trigger the dangling-pointer condition through a crafted extension to run arbitrary code in the affected process. There is no public exploit identified at time of analysis, EPSS is low (0.16%, 6th percentile), and CISA/SSVC records no observed exploitation.

Memory Corruption Google Denial Of Service Use After Free RCE +1
NVD VulDB
CVSS 3.1
8.1
EPSS
0.2%
CVE-2026-57585 PyPI HIGH PATCH This Week

Denial of service in the msgpack-python serialization library (versions prior to 1.2.1) lets remote attackers crash a process via an out-of-bounds read when an application reuses an Unpacker instance after a previously raised error was caught. Sending malformed MessagePack data that triggers an error, then feeding further data to the same Unpacker, can drive the process to a SEGV. No public exploit has been identified at time of analysis, and EPSS data was not provided, but the CVSS 3.1 score of 7.5 (availability-only) reflects a straightforward, unauthenticated crash condition.

Memory Corruption Python Use After Free Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.3%
CVE-2026-44628 HIGH CISA Act Now

Denial of service in OFFIS DCMTK's DICOM worklist server (wlmscpfs) allows a remote, unauthenticated attacker to crash the service with a single crafted DICOM query when the server is provisioned with a valid Called AE Title, a storage directory, the expected lockfile, and at least one matching worklist record. The flaw stems from a type-confusion condition (CWE-843) and carries a CVSS 4.0 base score of 8.7 driven entirely by high availability impact (VA:H). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, though it was reported through the ICS-CERT/ICSMA medical-advisory channel.

Memory Corruption Denial Of Service Dcmtk Toolkit
NVD GitHub
CVSS 4.0
8.7
EPSS
0.4%
CVE-2026-10655 MEDIUM PATCH This Month

Use-after-free in Zephyr's asynchronous SNTP client (sntp_close_async, v4.2.0-v4.4.0) can be triggered remotely by any network peer or off-path attacker capable of dropping or delaying UDP NTP responses, exploiting a race between the system workqueue thread and the socket-service poll thread. The most probable outcome is a crash of the networking subsystem thread (denial of service); where the freed net_context pool slot is rapidly reallocated, memory corruption is possible. The vulnerability is on the normal SNTP timeout path, making it reliably and periodically triggerable when NET_CONFIG_SNTP_INIT_RESYNC is enabled. No public exploit code and no CISA KEV listing have been identified at time of analysis.

Memory Corruption Buffer Overflow Denial Of Service Use After Free Zephyr
NVD GitHub
CVSS 3.1
5.9
EPSS
0.2%
CVE-2026-14178 MEDIUM This Month

Heap-use-after-free in openGauss 7.0.0-RC1 and RC2 allows a database user with SQL execution privileges to crash the backend process by crafting a to_timestamp() call with NLS parameters that triggers the seqscan+sort execution path. The nls_fmt_str pointer is stored in session context but allocated within SeqScan's expression memory context, which is freed upon scan completion; subsequent access by timestamp_out() via CheckNlsFormat() dereferences the dangling pointer. The practical impact is denial of service through backend process termination. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.

Memory Corruption Use After Free Information Disclosure Opengauss Server 7 0 0 Rc2 Opengauss Server 7 0 0 Rc1 +1
NVD VulDB
CVSS 3.1
5.9
EPSS
0.4%
CVE-2026-14241 CRITICAL Act Now

Memory-corruption weaknesses in Mozilla Firefox 152.0.3 could allow remote attackers to potentially execute arbitrary code within the browser process. Mozilla graded the collected memory-safety bugs as critical (MFSA2026-62) and states some showed evidence of memory corruption that, with sufficient effort, could be exploited for code execution; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.14%, 4th percentile). The issue is resolved in Firefox 152.0.4.

Memory Corruption Mozilla Buffer Overflow RCE Suse
NVD VulDB
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-43720 MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content rendering engine causes a denial-of-service crash on Apple platforms running Safari, iOS/iPadOS, and macOS Tahoe prior to version 26.5.2. An attacker who can lure a victim to visit a maliciously crafted webpage can reliably crash the Safari browser, with no code execution or data exfiltration indicated by the available CVSS impact scores (C:N/I:N). No public exploit code and no CISA KEV listing have been identified at time of analysis, placing this in the category of a significant but non-critical browser crash vulnerability.

Memory Corruption Apple Denial Of Service Use After Free Ios And Ipados
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2026-43717 MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content rendering engine causes an unexpected application crash when processing maliciously crafted web content. Affected are Apple Safari, iOS and iPadOS, and macOS Tahoe - all prior to version 26.5.2. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms that a remote unauthenticated attacker can trigger this condition simply by luring a user to visit a hostile page, with impact limited to availability (process crash/DoS). No public exploit code identified and not listed in CISA KEV at time of analysis; vendor-released patches are available.

Memory Corruption Apple Denial Of Service Use After Free Ios And Ipados
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-43726 MEDIUM PATCH This Month

Use-after-free memory corruption in Apple's WebKit browser engine causes an unexpected process crash when rendering maliciously crafted web content. Safari (all versions prior to 26.5.2), iOS and iPadOS (all versions prior to 26.5.2), and macOS Tahoe (all versions prior to 26.5.2) are affected across Apple's full consumer device ecosystem. No public exploit or CISA KEV listing exists at time of analysis; impact is confirmed as denial-of-service (process crash) only, with no confidentiality or integrity compromise.

Memory Corruption Apple Denial Of Service Use After Free Ios And Ipados
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-43746 MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content processing causes an unexpected application crash across Apple platforms. Affected are Safari, iOS, iPadOS, and macOS Tahoe prior to version 26.5.2; exploitation requires only that a user visits or loads maliciously crafted web content, making drive-by delivery via a malicious webpage the primary vector. Impact is confined to availability - a forced Safari crash (denial of service) - with no confirmed confidentiality or integrity consequences. No public exploit code or active exploitation has been identified at time of analysis.

Memory Corruption Apple Denial Of Service Use After Free Ios And Ipados
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2026-43727 MEDIUM PATCH This Month

Use-after-free in Safari's web content processing engine causes denial of service across Apple platforms, affecting Safari, iOS/iPadOS, and macOS prior to the 26.5.2 release line. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms remote, unauthenticated triggering requiring only that a user visit attacker-controlled web content, with impact limited to availability - specifically an unexpected Safari crash. No active exploitation has been confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis.

Memory Corruption Apple Denial Of Service Use After Free Ios And Ipados
NVD
CVSS 3.1
6.5
EPSS
0.2%
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the renderer sandbox via a crafted HTML page. The flaw is a CWE-787 out-of-bounds read and write; Google's own Chromium team rated the security severity as Low, and there is no public exploit identified at time of analysis. EPSS estimates only a 0.17% (7th percentile) chance of exploitation, and the vulnerability is not listed in CISA KEV.

Memory Corruption Buffer Overflow Google +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Audio in Google Chrome on Linux prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Type confusion in the CSS processing engine of Google Chrome prior to 150.0.7871.47 enables remote attackers to read potentially sensitive data from renderer process memory by delivering a crafted HTML page to a victim. The CVSS vector (AV:N/AC:L/PR:N/UI:R) confirms network delivery with no attacker privileges required, though a single user interaction - visiting the malicious page - is necessary. No public exploit code has been identified, CISA SSVC rates exploitation as none at time of analysis, and Chromium's own team classified severity as Low, suggesting limited practical memory disclosure value despite the NVD CVSS C:H rating.

Memory Corruption Information Disclosure Google +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Linux, fixed in 150.0.7871.47, lets a remote attacker corrupt memory via crafted network traffic and potentially run arbitrary code. The flaw is a CWE-416 use-after-free reported by Google's internal Chrome security team; there is no public exploit identified at time of analysis and it is not in CISA KEV. Note a signal conflict: NVD scores this 9.8 (Critical) while Chromium itself rated the security severity 'Low', and EPSS is only 0.20% (10th percentile).

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Type confusion in Chrome's Bluetooth stack on Windows (versions prior to 150.0.7871.47) enables an adjacent-network attacker to exfiltrate sensitive data from Chrome process memory by presenting a malicious Bluetooth peripheral. The CVSS 6.5 score reflects high confidentiality impact but no integrity or availability exposure; notably, Chromium's internal security team rated this Low severity, suggesting the memory regions accessible are constrained. No public exploit code and no CISA KEV listing exist at time of analysis, and exploitation is physically bounded by Bluetooth range.

Memory Corruption Information Disclosure Microsoft +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for Windows before 150.0.7871.47 lets an attacker who has already compromised the renderer process abuse a use-after-free in the Updater component via a crafted HTML page to break out of the browser sandbox. It is a second-stage bug that Chromium rated only Low severity despite the CVSS 9.6 score, with no public exploit identified at time of analysis and a low EPSS probability of 0.18% (8th percentile). Google has shipped a fixed Stable-channel build.

Memory Corruption Google Microsoft +3
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Use after free in WebProtect in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in PDFium in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Scheduling component, letting a remote attacker run arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. There is no public exploit identified at time of analysis and the vulnerability is not in CISA KEV; EPSS is low at 0.21% (12th percentile). Google rates the Chromium security severity as Low despite the NVD CVSS of 8.8, reflecting that code execution is confined to the sandbox rather than the host.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free in Chrome's SSL handling on ChromeOS exposes process memory contents to remote attackers who can serve a crafted HTML page. Only ChromeOS builds of Chrome prior to 150.0.7871.47 are affected - this is not a cross-platform flaw. SSVC rates exploitation status as none and technical impact as partial, and Chromium's own severity classification is Low, making this a routine patch-cycle priority rather than an emergency response item despite the CVSS 6.5 score.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption via use-after-free in Google Chrome's Passwords component affects all desktop builds prior to 150.0.7871.47, letting a remote attacker who lures a victim to a crafted HTML page potentially achieve memory corruption and code execution in the renderer. The CVSS 3.1 vector (8.8) requires user interaction (visiting the page) but no privileges or authentication. No public exploit identified at time of analysis, and the low EPSS score (0.17%, 7th percentile) plus Chromium's own 'Low' severity rating suggest limited real-world exploitation likelihood despite the high CVSS.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Apple +3
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use after free in Installer in Google Chrome on Windows prior to 150.0.7871.47 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Low)

Memory Corruption Google Microsoft +4
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Cast component (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page, exploiting a use-after-free (CWE-416) memory-corruption bug. Google's Chromium team rated the security severity as Low, and while NVD assigns a 9.6 CVSS reflecting full sandbox-escape impact, exploitation is gated behind a pre-existing renderer compromise. No public exploit was identified at time of analysis, EPSS is very low at 0.17% (7th percentile), and there is no CISA KEV listing.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in DevTools in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Apple +4
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Use after free in PageInfo in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free in Chrome's Chromecast component exposes process memory to attackers on the same local network segment via a malicious peripheral, affecting all Chrome versions prior to 150.0.7871.47. The vulnerability carries a CVSS 3.1 score of 6.5 with high confidentiality impact (C:H), meaning successful exploitation leaks potentially sensitive data from the Chrome process heap. No public exploit or CISA KEV listing is identified at time of analysis, and Google has released a patch in the stable channel.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's ANGLE graphics layer (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) and is second-stage: it is not directly exploitable from the open web without a prior renderer compromise. No public exploit has been identified at time of analysis, and its EPSS exploitation probability is low (0.17%, 7th percentile); notably, Google rated the Chromium security severity as Low despite the NVD CVSS of 9.6.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GetUserMedia (media capture) implementation before version 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. The flaw is a use-after-free (CWE-416) reported by Google's own security team; despite an NVD CVSS of 9.6, Chromium rates its severity Low, and there is no public exploit identified at time of analysis with an EPSS of only 0.17% (7th percentile).

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's BrowserTag component affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) can be triggered by a crafted Chrome extension. An attacker who convinces a victim to install a malicious extension can potentially exploit the freed-memory condition to corrupt the heap and execute code. No public exploit identified at time of analysis, and EPSS is low (0.12%, 2nd percentile), consistent with the Chromium team's own 'Low' severity rating despite the NVD CVSS of 8.8.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Low)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use-after-free in Google Chrome's SignIn component (versions prior to 150.0.7871.47) allows a remote attacker to trigger heap corruption and potentially achieve code execution after luring a victim to a crafted HTML page and performing specific UI gestures. No public exploit was identified at time of analysis, and with an EPSS of 0.17% (7th percentile) and Chromium-rated 'Low' severity, near-term mass exploitation appears unlikely despite the high 8.8 CVSS. The flaw is patched in the current stable channel and is not listed in CISA KEV.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome's Views UI framework on macOS (versions before 150.0.7871.47) lets a remote attacker who lures a victim to a crafted HTML page and coaxes them into specific UI gestures trigger a use-after-free, potentially achieving code execution in the renderer. Google rates the Chromium severity as Low, but the NVD CVSS is 8.8 (High), and no public exploit has been identified at time of analysis. EPSS is low at 0.21% (11th percentile), and the flaw is not in CISA KEV.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use-after-free in Google Chrome's Ozone component on Linux prior to 150.0.7871.47 lets a remote attacker trigger heap corruption after luring a user to a crafted HTML page and inducing specific UI gestures. Rated CVSS 8.8 with high confidentiality, integrity and availability impact, it is patched in the stable channel but requires user interaction (UI:R). No public exploit is identified at time of analysis and EPSS exploitation probability is low (0.21%, 11th percentile), and Google classifies the Chromium severity as Medium.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Google Chrome's Updater component on Windows (versions prior to 150.0.7871.47) allows a local attacker to escalate to OS-level privileges via a malicious file that triggers a use-after-free condition. Google rates the Chromium security severity as Medium, though the CVSS base score is 7.8 (High) because the Updater runs with elevated (SYSTEM) privileges. There is no public exploit identified at time of analysis and EPSS is very low (0.11%, 1st percentile), indicating negligible observed exploitation activity.

Memory Corruption Google Microsoft +4
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Navigation in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Omnibox in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's V8 JavaScript engine (versions prior to 150.0.7871.47) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. Exploitation requires user interaction (visiting a malicious page) but no authentication, and the flaw carries a CVSS 8.8 with high confidentiality, integrity, and availability impact. There is no public exploit identified at time of analysis and EPSS is low (0.30%, 22nd percentile), indicating no evidence of widespread exploitation despite the high CVSS.

Memory Corruption RCE Buffer Overflow +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Oilpan in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Apple +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Heap corruption in Google Chrome for iOS before 150.0.7871.47 lets a remote attacker who lures a user through specific in-page UI gestures on a crafted HTML page trigger a use-after-free (CWE-416), potentially leading to arbitrary code execution in the renderer. Rated Medium by the Chromium security team but scored CVSS 8.8 due to full confidentiality/integrity/availability impact; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS is low at 0.21% (11th percentile), consistent with a freshly patched browser bug that has no known weaponization.

Memory Corruption Google Apple +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use after free in HTML in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome's Cast Receiver component affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) can be triggered by luring a victim to a crafted HTML page. Google rates the Chromium severity as Medium because the resulting code execution is confined to the browser sandbox, though NVD scores it CVSS 8.8; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.27% (18th percentile).

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use-after-free in the Extensions component of Google Chrome before 150.0.7871.47 lets a remote attacker execute arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. Chromium rated the security severity Medium, though the associated CVSS score is 8.8 (High) due to network vector and high impact; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.26%. Google has shipped a fixed Stable channel build.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome for Android before 150.0.7871.47, stemming from a use-after-free in the Skia graphics library, lets a remote attacker run arbitrary code within the renderer sandbox by luring a victim to a crafted HTML page. Google rated the Chromium security severity as Medium, and no public exploit has been identified at time of analysis; the EPSS score is low (0.26%, 17th percentile), and the bug is not on CISA KEV. Exploitation requires user interaction (visiting the malicious page) but no authentication.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Type Confusion in ANGLE in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Information Disclosure Google +1
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in USB in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free in Google Chrome's Bluetooth subsystem (all versions prior to 150.0.7871.47) enables an unauthenticated attacker within Bluetooth radio range to leak sensitive data from Chrome's process memory by operating a malicious Bluetooth peripheral. The CVSS vector (AV:A/PR:N/UI:N/C:H) confirms no attacker-side authentication is required and impact is confidentiality-only, with no integrity or availability loss. No public exploit code has been identified at time of analysis and CISA has not listed this in KEV; the Chromium security team rated this Medium severity, consistent with the bounded adjacency-only attack vector.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Use after free in Bluetooth in Google Chrome on Mac prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Out-of-bounds read in Chrome's Layout engine prior to 150.0.7871.47 allows remote attackers to leak potentially sensitive data from the renderer process memory by serving a crafted HTML page. User interaction is required - the victim must visit the malicious page - limiting automated mass exploitation. No public exploit code has been identified at time of analysis, and CISA SSVC rates exploitation status as none with partial technical impact, placing real-world urgency below what the CVSS 6.5 score alone might suggest.

Memory Corruption Buffer Overflow Google +1
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Sandboxed remote code execution in the WebView component of Google Chrome for Android before 150.0.7871.47 lets a remote attacker run arbitrary code within the renderer sandbox when a victim loads a crafted HTML page. Rated CVSS 8.8 (network vector, no privileges, requires user interaction), the flaw is a CWE-416 use-after-free, but code execution is confined to the sandbox and would require a separate escape to reach the host. No public exploit identified at time of analysis, and EPSS is low at 0.26% (17th percentile), indicating limited near-term mass-exploitation pressure despite the high base score.

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's Device component on Windows (versions prior to 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page, exploiting a use-after-free (CWE-416). Google rates the Chromium security severity as Medium, reflecting that it is a second-stage bug requiring prior renderer compromise, though the NVD CVSS of 9.6 is inflated by the sandbox scope change. There is no public exploit identified at time of analysis and EPSS is low (0.21%), indicating no current sign of widespread exploitation.

Memory Corruption Google Microsoft +3
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome before 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox and reach the host via a crafted HTML page, exploiting a use-after-free (CWE-416) in the Core component. Google-assigned Chromium severity is Medium, though the NVD CVSS is 9.6 due to the cross-boundary scope change. No public exploit identified at time of analysis, and EPSS is low (0.21%, 11th percentile), indicating it is not yet a mass-exploitation target.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Google Chrome on Linux (versions prior to 150.0.7871.47) stems from a use-after-free in the Ozone platform layer, allowing a remote attacker who lures a victim into performing specific UI gestures on a crafted HTML page to execute arbitrary code in the browser context. Rated High by Chromium and CVSS 7.5, exploitation is gated by required user interaction and high attack complexity. There is no public exploit identified at time of analysis, and the EPSS probability is low at 0.26% (17th percentile).

Memory Corruption Google Denial Of Service +3
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on Linux (versions prior to 150.0.7871.47) stems from a use-after-free in Ozone, Chrome's platform abstraction layer for windowing and graphics. An attacker who has already compromised the renderer process can leverage a crafted HTML page to break out of the browser sandbox and gain code execution at the higher-privileged browser-process level. There is no public exploit identified at time of analysis, and the EPSS score is low (0.21%, 11th percentile), consistent with a second-stage bug that requires a prior renderer compromise rather than a directly weaponizable single-shot flaw.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Journeys (browsing history) component, allowing a remote attacker who has already compromised the renderer process to break out of the sandbox and gain broader code execution on the host via a crafted HTML page. Rated High severity by Chromium and CVSS 9.6, a fix is available from vendor; no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%, 11th percentile). Exploitation is meaningful only as the second stage of a chain, since it presupposes prior renderer compromise.

Memory Corruption Denial Of Service Use After Free +2
NVD
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Forms component, letting a remote attacker who lures a victim to a crafted HTML page corrupt memory and execute arbitrary code within the browser's renderer sandbox. Chromium rates the flaw High severity, CVSS 8.8, requiring only that the user visit a malicious page; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.26%, 17th percentile). A vendor patch is available in the June 2026 Stable channel release.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for macOS before 150.0.7871.47 lets an attacker who has already compromised the renderer process break out of the browser sandbox by exploiting a use-after-free in the USB subsystem via a crafted HTML page. Rated High by Chromium and CVSS 9.6, it functions as a second-stage escalation primitive rather than a standalone entry point. There is no public exploit identified at time of analysis, and EPSS is low at 0.21% (11th percentile).

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Arbitrary code execution in Google Chrome's DOM implementation lets a remote attacker run code within the renderer sandbox by luring a victim to a crafted HTML page. All desktop Chrome builds before 150.0.7871.47 are affected; Chromium rates the flaw High severity. No public exploit has been identified and EPSS probability is low (0.26%), but the vendor patch is already available and should be applied promptly.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local OS-level privilege escalation in Google Chrome on Windows (versions prior to 150.0.7871.47) arises from a use-after-free in the Chrome Updater component, letting a local attacker who can plant a malicious file on the system elevate to higher OS privileges. Google rates the Chromium severity as High and has released a fixed Stable channel build; there is no public exploit identified and it is not listed in CISA KEV. EPSS is low at 0.13% (3rd percentile), consistent with a bug that requires local access and user interaction rather than mass remote exploitation.

Memory Corruption Google Microsoft +4
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome's Headless component (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox by serving a crafted HTML page. Rated High by Chromium and CVSS 8.3, it is a CWE-416 use-after-free with no public exploit identified at time of analysis; EPSS is low at 0.21% (11th percentile) and CISA SSVC records no known exploitation.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Out-of-bounds read/write (use-after-free) in Google Chrome's GPU component lets a remote attacker who has already compromised the renderer process run arbitrary code - though still confined inside the sandbox - by serving a crafted HTML page to a Chrome build prior to 150.0.7871.47. Google rates the Chromium severity High and has shipped a fixed Stable-channel build; there is no public exploit identified at time of analysis and EPSS puts near-term exploitation probability at just 0.26%.

Memory Corruption Google Buffer Overflow +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Linux allows an adjacent-network attacker to run arbitrary code by sending malicious network traffic to a vulnerable client before version 150.0.7871.47. The flaw is a use-after-free memory-corruption issue rated High by Chromium and carries a CVSS 8.8. There is no public exploit identified at time of analysis, it is not in CISA KEV, and EPSS is low (0.24%, 15th percentile), indicating no observed exploitation activity yet.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local privilege escalation in Google Chrome's Updater component on macOS versions prior to 150.0.7871.47 lets an attacker abuse a use-after-free (CWE-416) via a malicious file to gain the elevated privileges under which the updater runs. Google rates the Chromium severity as High, and the CVSS 3.1 base score is 7.8; there is no public exploit identified at time of analysis and it is not listed in CISA KEV. EPSS is low at 0.13% (3rd percentile), consistent with the SSVC exploitation status of 'none'.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Use after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from a use-after-free in the Canvas component, letting a remote attacker run arbitrary code within the renderer sandbox when a victim opens a crafted HTML page. The flaw carries a CVSS 8.8 (High) rating and requires user interaction (visiting a malicious page), but no authentication. There is no public exploit identified at time of analysis, and EPSS is low at 0.26% (17th percentile).

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's Blink rendering engine (versions prior to 150.0.7871.47) allows a remote attacker to run arbitrary code inside the renderer sandbox by luring a victim to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated High by Chromium and 8.8 (CVSS 3.1); it requires user interaction (visiting a malicious page) and no privileges. There is no public exploit identified at time of analysis and it is not listed in CISA KEV, with a low EPSS of 0.26% (17th percentile).

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Heap corruption via a use-after-free in the Views UI component of Google Chrome allows a remote attacker who serves a crafted HTML page and lures a user into performing specific UI gestures to potentially execute code in the browser process. All desktop Chrome builds prior to 150.0.7871.47 are affected; Google rates the Chromium severity as High and has shipped a fix. No public exploit identified at time of analysis, and EPSS is low (0.21%, 11th percentile).

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Renderer-process remote code execution in Google Chrome desktop before 150.0.7871.47 stems from a use-after-free in the Input Method Editor (IME) component, letting a remote attacker run arbitrary code within the browser's sandbox when a victim visits a crafted HTML page. Rated High by Chromium and CVSS 8.8, it requires user interaction (visiting a page) but no authentication. No public exploit identified at time of analysis, and the EPSS score is low (0.26%, 17th percentile), indicating no evidence of widespread exploitation yet.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Google Chrome on iOS prior to 150.0.7871.47 stems from a use-after-free in the browser's Import component, allowing a remote attacker who lures a victim into opening a malicious file and performing specific UI gestures to execute arbitrary code. Rated High by Chromium and CVSS 7.5, the flaw has no public exploit identified at time of analysis and a low EPSS of 0.24% (15th percentile), consistent with its high attack complexity and required user interaction. A vendor patch is available in the June 2026 Stable channel update.

Memory Corruption Google Apple +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome for macOS prior to 150.0.7871.47 stems from a use-after-free in the GFX (graphics) component, allowing a remote attacker to run arbitrary code after a victim opens a crafted HTML page. Chromium rates the severity High and the CVSS is 8.8, but exploitation requires user interaction (visiting a malicious page). There is no public exploit identified at time of analysis and EPSS is low (0.26%, 17th percentile), indicating no observed weaponization yet.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome's Chromecast component (versions before 150.0.7871.47) lets an attacker who has already compromised the renderer process break out of the browser sandbox and reach the host via a crafted HTML page. Rooted in a use-after-free (CWE-416) memory-corruption bug rated High by Chromium, it carries a CVSS 8.3 driven by a scope change and full CIA impact, but requires a pre-existing renderer compromise, high attack complexity, and user interaction. No public exploit identified at time of analysis, and the low EPSS (0.21%) plus SSVC 'exploitation: none' indicate it is not currently being exploited.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.3
HIGH PATCH This Week

Sandbox escape in Google Chrome desktop before 150.0.7871.47 lets a remote attacker who has already compromised the renderer process escalate out of the sandbox via a crafted HTML page that triggers a type-confusion bug (CWE-843) in the Tabs component. Exploitation is gated behind prior renderer compromise and user interaction, and the flaw is rated High by Chromium with a CVSS 8.3 due to scope change and total impact. There is no public exploit identified at time of analysis, EPSS is low (0.23%, 13th percentile), and CISA SSVC lists exploitation as none.

Memory Corruption Information Disclosure Google +1
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Remote code execution in Google Chrome (Views UI component) prior to 150.0.7871.47 allows a remote attacker to execute arbitrary code by luring a victim to a crafted HTML page and inducing specific UI gestures that trigger a use-after-free. Rated High by Chromium and CVSS 7.5, the flaw is elevated in complexity by its requirement for user interaction, and no public exploit has been identified at time of analysis; EPSS probability is low at 0.26%.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Heap corruption in Google Chrome's QUIC networking stack (versions prior to 150.0.7871.47) stems from a use-after-free that a remote attacker can trigger through crafted network traffic, potentially leading to arbitrary code execution in the affected browser process. Google rated the Chromium security severity as High and has shipped a fixed Stable-channel build; there is no public exploit identified at time of analysis and CISA's SSVC records exploitation status as 'none'. EPSS is low (0.19%, 9th percentile), indicating no observed weaponization despite a total technical-impact rating.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome for macOS versions prior to 150.0.7871.47 stems from a use-after-free in the Touchbar component, letting a remote attacker who lures a victim to a crafted HTML page potentially break out of the renderer sandbox. Reported through Google's internal Chrome security process and rated High by Chromium, it carries a CVSS 9.6 due to scope change and full CIA impact, though there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.21%. SSVC assesses current exploitation as none, indicating this is a patch-now-but-not-panic item.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome's GPU process (versions prior to 150.0.7871.47) lets a remote attacker who has already compromised the renderer process break out of the browser sandbox via a crafted HTML page. Rated High by Chromium and CVSS 9.6 due to a scope-changing (S:C) full-impact outcome, this is a use-after-free (CWE-416) memory-corruption bug. No public exploit identified at time of analysis; EPSS is low (0.21%, 11th percentile) and CISA SSVC lists exploitation as none, so it is a serious-but-not-yet-exploited patch priority.

Memory Corruption Denial Of Service Use After Free +1
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome for Android before 150.0.7871.47 stems from a use-after-free in the Fullscreen component, letting a remote attacker who lures a victim to a crafted HTML page corrupt memory and run arbitrary code in the renderer. Chromium rates the flaw Critical, though CVSS scores it 8.8 because exploitation requires the victim to open the malicious page. There is no public exploit identified at time of analysis, and the EPSS probability is low (0.26%, 17th percentile), with CISA SSVC showing no known exploitation.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Remote code execution in Google Chrome's Chromoting (Chrome Remote Desktop) component on Windows affects all desktop builds prior to 150.0.7871.47, where a use-after-free (CWE-416) lets a remote attacker corrupt memory via malicious network traffic. Google rates the Chromium severity Critical, and a vendor patch is available, but there is no public exploit identified at time of analysis and EPSS is low at 0.24%. High attack complexity (AC:H) means the memory-corruption race is non-trivial to win reliably, tempering the CVSS 8.1 score.

Memory Corruption Google Microsoft +4
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Remote code execution in Google Chrome's Ozone platform-abstraction layer prior to 150.0.7871.47 lets a remote attacker execute arbitrary code by luring a victim to a crafted HTML page. The flaw is a use-after-free (CWE-416) rated Critical by Chromium and CVSS 8.8, requiring the victim to visit a malicious page (UI:R) but no privileges. No public exploit has been identified at time of analysis and EPSS probability is low (0.26%), but the memory-corruption class and 'total' technical impact make it a high-priority browser patch.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 9.6
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome on macOS before 150.0.7871.47 stems from a use-after-free in the browser's Bluetooth component, letting a remote attacker who lures a user into specific UI gestures on a crafted HTML page corrupt memory and break out of the renderer sandbox. Rated Critical by Chromium and CVSS 9.6, though no public exploit has been identified and EPSS is low (0.22%, 13th percentile). A vendor fix is available and CISA SSVC currently marks exploitation as 'none'.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use-after-free in Google Chrome's Views UI framework prior to 150.0.7871.47 lets a remote attacker trigger heap corruption after luring a user to a crafted HTML page and performing specific UI gestures, potentially achieving code execution in the renderer/browser process. Chromium rates the flaw Critical, though the CVSS is 8.8 due to required user interaction. No public exploit identified at time of analysis, and EPSS is low (0.22%, 13th percentile); SSVC lists exploitation as none but technical impact as total.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.8
HIGH PATCH This Week

Use-after-free in Google Chrome's Views UI framework, fixed in 150.0.7871.47, lets a remote attacker who lures a victim into performing specific UI gestures on a crafted HTML page trigger heap corruption and potentially achieve code execution in the browser process. Chromium rates the flaw Critical, though the CVSS is 8.8 due to required user interaction; there is no public exploit identified at time of analysis and EPSS exploitation probability is low at 0.22%.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 10.0
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop versions prior to 150.0.7871.47 lets a remote attacker who has already compromised the renderer process break out of the sandbox and gain broader code execution on the host via a crafted HTML page. Chromium rates the underlying use-after-free as Critical, though there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.21%). A vendor patch is available and the flaw is a classic second-stage chain component rather than a standalone entry point.

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Remote code execution in Google Chrome on ChromeOS (versions prior to 150.0.7871.47) stems from a use-after-free in the Chromoting (Chrome Remote Desktop) component, letting a remote attacker corrupt memory and execute arbitrary code through malicious network traffic. Google rates the Chromium severity as Critical, and CVSS scores it 8.1 with a high attack complexity. As of this analysis there is no public exploit identified and it is not listed in CISA KEV; EPSS is low at 0.24% (15th percentile), and SSVC records exploitation status as none.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Local arbitrary code execution in Google Chrome for macOS (versions prior to 150.0.7871.47) stems from a use-after-free in the WebUSB implementation, which Chromium rates Critical. A local attacker who can present a malicious USB peripheral to a victim who authorizes it can corrupt renderer memory and run attacker-controlled code within the browser's context. There is no public exploit identified at time of analysis, and EPSS is low (0.16%, 5th percentile), reflecting limited likelihood of widespread opportunistic exploitation.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Sandbox escape via type confusion in Google Chrome's Dawn WebGPU implementation allows an attacker who already controls a compromised renderer process to break out of the browser sandbox using a crafted HTML page, affecting all Chrome desktop builds prior to 150.0.7871.47. Rated Critical by Chromium and CVSS 9.8, though the score assumes no prior privilege; realistically it is the second stage of an exploit chain. A vendor patch is available and no public exploit has been identified at time of analysis (EPSS 0.24%, 15th percentile).

Memory Corruption Information Disclosure Google +1
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

Sandbox escape in Google Chrome desktop prior to 150.0.7871.47 stems from a use-after-free in the GPU process, letting a remote attacker who has already compromised the renderer break out of the browser sandbox via a crafted HTML page. Google rates the Chromium severity as Critical, and a fix is available in the Stable channel update. There is no public exploit identified at time of analysis, and EPSS exploitation probability is low at 0.22% (13th percentile).

Memory Corruption Denial Of Service Use After Free +2
NVD VulDB
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Arbitrary code execution in Google Chrome desktop versions prior to 150.0.7871.47 stems from a use-after-free flaw in the Extensions component, which Chromium rated Critical severity. An attacker who convinces a victim to install a malicious extension can trigger the dangling-pointer condition through a crafted extension to run arbitrary code in the affected process. There is no public exploit identified at time of analysis, EPSS is low (0.16%, 6th percentile), and CISA/SSVC records no observed exploitation.

Memory Corruption Google Denial Of Service +3
NVD VulDB
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Denial of service in the msgpack-python serialization library (versions prior to 1.2.1) lets remote attackers crash a process via an out-of-bounds read when an application reuses an Unpacker instance after a previously raised error was caught. Sending malformed MessagePack data that triggers an error, then feeding further data to the same Unpacker, can drive the process to a SEGV. No public exploit has been identified at time of analysis, and EPSS data was not provided, but the CVSS 3.1 score of 7.5 (availability-only) reflects a straightforward, unauthenticated crash condition.

Memory Corruption Python Use After Free +1
NVD GitHub VulDB
EPSS 0% CVSS 8.7
HIGH Act Now

Denial of service in OFFIS DCMTK's DICOM worklist server (wlmscpfs) allows a remote, unauthenticated attacker to crash the service with a single crafted DICOM query when the server is provisioned with a valid Called AE Title, a storage directory, the expected lockfile, and at least one matching worklist record. The flaw stems from a type-confusion condition (CWE-843) and carries a CVSS 4.0 base score of 8.7 driven entirely by high availability impact (VA:H). There is no public exploit identified at time of analysis, and it is not listed in CISA KEV, though it was reported through the ICS-CERT/ICSMA medical-advisory channel.

Memory Corruption Denial Of Service Dcmtk Toolkit
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM PATCH This Month

Use-after-free in Zephyr's asynchronous SNTP client (sntp_close_async, v4.2.0-v4.4.0) can be triggered remotely by any network peer or off-path attacker capable of dropping or delaying UDP NTP responses, exploiting a race between the system workqueue thread and the socket-service poll thread. The most probable outcome is a crash of the networking subsystem thread (denial of service); where the freed net_context pool slot is rapidly reallocated, memory corruption is possible. The vulnerability is on the normal SNTP timeout path, making it reliably and periodically triggerable when NET_CONFIG_SNTP_INIT_RESYNC is enabled. No public exploit code and no CISA KEV listing have been identified at time of analysis.

Memory Corruption Buffer Overflow Denial Of Service +2
NVD GitHub
EPSS 0% CVSS 5.9
MEDIUM This Month

Heap-use-after-free in openGauss 7.0.0-RC1 and RC2 allows a database user with SQL execution privileges to crash the backend process by crafting a to_timestamp() call with NLS parameters that triggers the seqscan+sort execution path. The nls_fmt_str pointer is stored in session context but allocated within SeqScan's expression memory context, which is freed upon scan completion; subsequent access by timestamp_out() via CheckNlsFormat() dereferences the dangling pointer. The practical impact is denial of service through backend process termination. No public exploit code or active exploitation (CISA KEV) has been identified at time of analysis.

Memory Corruption Use After Free Information Disclosure +3
NVD VulDB
EPSS 0% CVSS 9.8
CRITICAL Act Now

Memory-corruption weaknesses in Mozilla Firefox 152.0.3 could allow remote attackers to potentially execute arbitrary code within the browser process. Mozilla graded the collected memory-safety bugs as critical (MFSA2026-62) and states some showed evidence of memory corruption that, with sufficient effort, could be exploited for code execution; there is no public exploit identified at time of analysis and EPSS exploitation probability is low (0.14%, 4th percentile). The issue is resolved in Firefox 152.0.4.

Memory Corruption Mozilla Buffer Overflow +2
NVD VulDB
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content rendering engine causes a denial-of-service crash on Apple platforms running Safari, iOS/iPadOS, and macOS Tahoe prior to version 26.5.2. An attacker who can lure a victim to visit a maliciously crafted webpage can reliably crash the Safari browser, with no code execution or data exfiltration indicated by the available CVSS impact scores (C:N/I:N). No public exploit code and no CISA KEV listing have been identified at time of analysis, placing this in the category of a significant but non-critical browser crash vulnerability.

Memory Corruption Apple Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content rendering engine causes an unexpected application crash when processing maliciously crafted web content. Affected are Apple Safari, iOS and iPadOS, and macOS Tahoe - all prior to version 26.5.2. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms that a remote unauthenticated attacker can trigger this condition simply by luring a user to visit a hostile page, with impact limited to availability (process crash/DoS). No public exploit code identified and not listed in CISA KEV at time of analysis; vendor-released patches are available.

Memory Corruption Apple Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free memory corruption in Apple's WebKit browser engine causes an unexpected process crash when rendering maliciously crafted web content. Safari (all versions prior to 26.5.2), iOS and iPadOS (all versions prior to 26.5.2), and macOS Tahoe (all versions prior to 26.5.2) are affected across Apple's full consumer device ecosystem. No public exploit or CISA KEV listing exists at time of analysis; impact is confirmed as denial-of-service (process crash) only, with no confidentiality or integrity compromise.

Memory Corruption Apple Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free memory corruption in Safari's web content processing causes an unexpected application crash across Apple platforms. Affected are Safari, iOS, iPadOS, and macOS Tahoe prior to version 26.5.2; exploitation requires only that a user visits or loads maliciously crafted web content, making drive-by delivery via a malicious webpage the primary vector. Impact is confined to availability - a forced Safari crash (denial of service) - with no confirmed confidentiality or integrity consequences. No public exploit code or active exploitation has been identified at time of analysis.

Memory Corruption Apple Denial Of Service +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

Use-after-free in Safari's web content processing engine causes denial of service across Apple platforms, affecting Safari, iOS/iPadOS, and macOS prior to the 26.5.2 release line. The CVSS vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) confirms remote, unauthenticated triggering requiring only that a user visit attacker-controlled web content, with impact limited to availability - specifically an unexpected Safari crash. No active exploitation has been confirmed (not listed in CISA KEV), and no public exploit code has been identified at time of analysis.

Memory Corruption Apple Denial Of Service +2
NVD
Prev Page 4 of 170 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy