CVE-2026-6302
- EPSS 0.33%
- Veröffentlicht 15.04.2026 19:04:49
- Zuletzt bearbeitet 26.05.2026 18:16:54
Use after free in Video in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6300
- EPSS 0.34%
- Veröffentlicht 15.04.2026 19:04:48
- Zuletzt bearbeitet 26.05.2026 18:16:54
Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6359
- EPSS 0.25%
- Veröffentlicht 15.04.2026 19:04:48
- Zuletzt bearbeitet 17.04.2026 19:21:14
Use after free in Video in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2026-6299
- EPSS 0.34%
- Veröffentlicht 15.04.2026 19:04:47
- Zuletzt bearbeitet 26.05.2026 19:16:30
Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6358
- EPSS 0.27%
- Veröffentlicht 15.04.2026 19:04:47
- Zuletzt bearbeitet 27.05.2026 18:16:31
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6297
- EPSS 0.2%
- Veröffentlicht 15.04.2026 19:04:46
- Zuletzt bearbeitet 27.05.2026 18:16:29
Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an attacker in a privileged network position to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6298
- EPSS 0.29%
- Veröffentlicht 15.04.2026 19:04:46
- Zuletzt bearbeitet 27.05.2026 18:16:29
Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-6296
- EPSS 0.34%
- Veröffentlicht 15.04.2026 19:04:45
- Zuletzt bearbeitet 26.05.2026 18:16:53
Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
CVE-2026-5918
- EPSS 0.16%
- Veröffentlicht 08.04.2026 21:21:07
- Zuletzt bearbeitet 14.04.2026 14:09:06
Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2026-5919
- EPSS 0.19%
- Veröffentlicht 08.04.2026 21:21:07
- Zuletzt bearbeitet 29.04.2026 16:16:28
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low...