CVE-2026-10006
- EPSS 0.23%
- Veröffentlicht 28.05.2026 22:25:52
- Zuletzt bearbeitet 29.05.2026 17:18:09
Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10001
- EPSS 0.17%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 29.05.2026 17:40:36
Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10002
- EPSS 0.18%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 29.05.2026 19:16:22
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2026-10003
- EPSS 0.22%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 01.06.2026 15:25:10
Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10000
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 03.06.2026 02:32:00
Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9998
- EPSS 0.17%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 29.05.2026 20:18:44
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9999
- EPSS 0.23%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 01.06.2026 18:14:19
Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9995
- EPSS 0.3%
- Veröffentlicht 28.05.2026 22:25:49
- Zuletzt bearbeitet 29.05.2026 16:40:56
Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9996
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:49
- Zuletzt bearbeitet 01.06.2026 18:14:44
Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9997
- EPSS 0.18%
- Veröffentlicht 28.05.2026 22:25:49
- Zuletzt bearbeitet 29.05.2026 16:51:15
Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)