CVE-2026-8545
- EPSS 0.16%
- Veröffentlicht 14.05.2026 19:52:24
- Zuletzt bearbeitet 19.05.2026 14:53:42
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8546
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:24
- Zuletzt bearbeitet 19.05.2026 16:33:18
Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromiu...
CVE-2026-8541
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 14:47:47
Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:...
CVE-2026-8542
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 16:32:50
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8543
- EPSS 0.26%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 16:33:09
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page....
CVE-2026-8538
- EPSS 0.2%
- Veröffentlicht 14.05.2026 19:52:22
- Zuletzt bearbeitet 19.05.2026 01:30:01
Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8539
- EPSS 0.16%
- Veröffentlicht 14.05.2026 19:52:22
- Zuletzt bearbeitet 19.05.2026 16:18:32
Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8540
- EPSS 0.31%
- Veröffentlicht 14.05.2026 19:52:22
- Zuletzt bearbeitet 19.05.2026 01:29:52
Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8536
- EPSS 0.19%
- Veröffentlicht 14.05.2026 19:52:21
- Zuletzt bearbeitet 19.05.2026 16:26:23
Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. (Chromium security severity...
CVE-2026-8537
- EPSS 0.18%
- Veröffentlicht 14.05.2026 19:52:21
- Zuletzt bearbeitet 19.05.2026 01:30:28
Insufficient policy enforcement in ViewTransitions in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)