CVE-2026-8527
- EPSS 0.29%
- Veröffentlicht 14.05.2026 19:52:17
- Zuletzt bearbeitet 18.05.2026 19:42:49
Insufficient validation of untrusted input in Downloads in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8524
- EPSS 0.38%
- Veröffentlicht 14.05.2026 19:52:16
- Zuletzt bearbeitet 18.05.2026 19:43:34
Out of bounds write in WebAudio in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8558
- EPSS 0.28%
- Veröffentlicht 14.05.2026 19:52:16
- Zuletzt bearbeitet 19.05.2026 01:30:54
Out of bounds write in Fonts in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8521
- EPSS 0.16%
- Veröffentlicht 14.05.2026 19:52:15
- Zuletzt bearbeitet 18.05.2026 19:16:03
Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: Critical)
CVE-2026-8522
- EPSS 0.28%
- Veröffentlicht 14.05.2026 19:52:15
- Zuletzt bearbeitet 19.05.2026 17:23:29
Use after free in Downloads in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8523
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:15
- Zuletzt bearbeitet 18.05.2026 19:14:53
Use after free in Mojo in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8518
- EPSS 0.28%
- Veröffentlicht 14.05.2026 19:52:14
- Zuletzt bearbeitet 18.05.2026 19:17:26
Use after free in Blink in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8519
- EPSS 0.23%
- Veröffentlicht 14.05.2026 19:52:14
- Zuletzt bearbeitet 19.05.2026 17:23:48
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8520
- EPSS 0.17%
- Veröffentlicht 14.05.2026 19:52:14
- Zuletzt bearbeitet 18.05.2026 19:17:03
Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8516
- EPSS 0.22%
- Veröffentlicht 14.05.2026 19:52:13
- Zuletzt bearbeitet 18.05.2026 19:17:58
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a...