CVE-2026-8517
- EPSS 0.5%
- Veröffentlicht 14.05.2026 19:52:13
- Zuletzt bearbeitet 19.05.2026 17:24:04
Object lifecycle issue in WebShare in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critic...
CVE-2026-8514
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:12
- Zuletzt bearbeitet 18.05.2026 18:33:10
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8515
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:12
- Zuletzt bearbeitet 18.05.2026 18:32:26
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8512
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:11
- Zuletzt bearbeitet 18.05.2026 18:33:35
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Criti...
CVE-2026-8513
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:11
- Zuletzt bearbeitet 19.05.2026 17:24:45
Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8510
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:10
- Zuletzt bearbeitet 19.05.2026 17:29:43
Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8511
- EPSS 0.23%
- Veröffentlicht 14.05.2026 19:52:10
- Zuletzt bearbeitet 18.05.2026 18:34:17
Use after free in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8509
- EPSS 0.4%
- Veröffentlicht 14.05.2026 19:52:09
- Zuletzt bearbeitet 18.05.2026 18:34:39
Heap buffer overflow in WebML in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-8021
- EPSS 0.16%
- Veröffentlicht 06.05.2026 18:13:16
- Zuletzt bearbeitet 07.05.2026 15:18:04
Script injection in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-8022
- EPSS 0.15%
- Veröffentlicht 06.05.2026 18:13:16
- Zuletzt bearbeitet 07.05.2026 15:15:31
Inappropriate implementation in MHTML in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted MHTML page. (Chromium security severity: Low)