CVE-2026-10884
- EPSS 0.29%
- Veröffentlicht 04.06.2026 23:03:22
- Zuletzt bearbeitet 05.06.2026 17:41:36
Use after free in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-10881
- EPSS 0.39%
- Veröffentlicht 04.06.2026 23:03:21
- Zuletzt bearbeitet 05.06.2026 15:49:03
Out of bounds read and write in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-10019
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:57
- Zuletzt bearbeitet 29.05.2026 18:16:30
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10020
- EPSS 0.2%
- Veröffentlicht 28.05.2026 22:25:57
- Zuletzt bearbeitet 01.06.2026 18:45:15
Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium secur...
CVE-2026-10021
- EPSS 0.23%
- Veröffentlicht 28.05.2026 22:25:57
- Zuletzt bearbeitet 29.05.2026 17:13:15
Insufficient validation of untrusted input in USB in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10022
- EPSS 0.15%
- Veröffentlicht 28.05.2026 22:25:57
- Zuletzt bearbeitet 05.06.2026 02:16:49
Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)
CVE-2026-10016
- EPSS 0.25%
- Veröffentlicht 28.05.2026 22:25:56
- Zuletzt bearbeitet 01.06.2026 15:11:17
Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10017
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:56
- Zuletzt bearbeitet 03.06.2026 02:30:29
Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10018
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:56
- Zuletzt bearbeitet 29.05.2026 18:16:30
Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-10013
- EPSS 0.32%
- Veröffentlicht 28.05.2026 22:25:55
- Zuletzt bearbeitet 01.06.2026 17:22:23
Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)