CVE-2026-7345
- EPSS 0.24%
- Veröffentlicht 28.04.2026 22:36:06
- Zuletzt bearbeitet 30.04.2026 16:36:06
Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sev...
CVE-2026-7337
- EPSS 0.34%
- Veröffentlicht 28.04.2026 22:36:05
- Zuletzt bearbeitet 30.04.2026 18:28:40
Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7346
- EPSS 0.25%
- Veröffentlicht 28.04.2026 22:36:05
- Zuletzt bearbeitet 30.04.2026 18:28:04
Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7347
- EPSS 0.35%
- Veröffentlicht 28.04.2026 22:36:05
- Zuletzt bearbeitet 30.04.2026 18:27:44
Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security severity: High)
CVE-2026-7336
- EPSS 0.43%
- Veröffentlicht 28.04.2026 22:36:04
- Zuletzt bearbeitet 30.04.2026 18:28:59
Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7335
- EPSS 0.31%
- Veröffentlicht 28.04.2026 22:36:03
- Zuletzt bearbeitet 30.04.2026 18:29:20
Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7348
- EPSS 0.32%
- Veröffentlicht 28.04.2026 22:36:01
- Zuletzt bearbeitet 30.04.2026 18:27:23
Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7349
- EPSS 0.14%
- Veröffentlicht 28.04.2026 22:36:00
- Zuletzt bearbeitet 30.04.2026 16:40:46
Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a sandbox via malicious network traffic. (Chromium security severity: High)
CVE-2026-7350
- EPSS 0.24%
- Veröffentlicht 28.04.2026 22:36:00
- Zuletzt bearbeitet 30.04.2026 16:40:36
Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-7351
- EPSS 0.09%
- Veröffentlicht 28.04.2026 22:35:59
- Zuletzt bearbeitet 30.04.2026 16:40:22
Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: High)