CVE-2026-3927
- EPSS 0.18%
- Veröffentlicht 11.03.2026 22:04:09
- Zuletzt bearbeitet 13.03.2026 20:15:11
Incorrect security UI in PictureInPicture in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-3924
- EPSS 0.27%
- Veröffentlicht 11.03.2026 22:04:08
- Zuletzt bearbeitet 13.03.2026 15:41:03
use after free in WindowDialog in Google Chrome prior to 146.0.7680.71 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3925
- EPSS 0.15%
- Veröffentlicht 11.03.2026 22:04:08
- Zuletzt bearbeitet 13.03.2026 20:15:58
Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2026-3923
- EPSS 0.27%
- Veröffentlicht 11.03.2026 22:04:07
- Zuletzt bearbeitet 13.03.2026 15:42:16
Use after free in WebMIDI in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3921
- EPSS 0.27%
- Veröffentlicht 11.03.2026 22:04:06
- Zuletzt bearbeitet 13.03.2026 15:42:29
Use after free in TextEncoding in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3922
- EPSS 0.27%
- Veröffentlicht 11.03.2026 22:04:06
- Zuletzt bearbeitet 13.03.2026 15:42:22
Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3919
- EPSS 0.26%
- Veröffentlicht 11.03.2026 22:04:05
- Zuletzt bearbeitet 13.03.2026 15:43:22
Use after free in Extensions in Google Chrome prior to 146.0.7680.71 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3920
- EPSS 0.29%
- Veröffentlicht 11.03.2026 22:04:05
- Zuletzt bearbeitet 13.03.2026 15:43:27
Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3918
- EPSS 0.33%
- Veröffentlicht 11.03.2026 22:04:04
- Zuletzt bearbeitet 13.03.2026 15:43:17
Use after free in WebMCP in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2026-3916
- EPSS 0.35%
- Veröffentlicht 11.03.2026 22:04:03
- Zuletzt bearbeitet 13.03.2026 15:43:05
Out of bounds read in Web Speech in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)