Google

Chrome

4139 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-6315

  • EPSS 0.12%
  • Veröffentlicht 15.04.2026 19:04:55
  • Zuletzt bearbeitet 17.04.2026 19:07:23

Use after free in Permissions in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

3.1

CVE-2026-6312

  • EPSS 0.01%
  • Veröffentlicht 15.04.2026 19:04:54
  • Zuletzt bearbeitet 10.05.2026 14:16:51

Insufficient policy enforcement in Passwords in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

3.1

CVE-2026-6313

  • EPSS 0.01%
  • Veröffentlicht 15.04.2026 19:04:54
  • Zuletzt bearbeitet 17.04.2026 17:26:05

Insufficient policy enforcement in CORS in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

8.3

CVE-2026-6310

  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 19:04:53
  • Zuletzt bearbeitet 17.04.2026 17:26:44

Use after free in Dawn in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

8.3

CVE-2026-6311

  • EPSS 0.03%
  • Veröffentlicht 15.04.2026 19:04:53
  • Zuletzt bearbeitet 17.04.2026 17:26:26

Uninitialized Use in Accessibility in Google Chrome on Windows prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Hi...

8.8

CVE-2026-6360

  • EPSS 0.02%
  • Veröffentlicht 15.04.2026 19:04:53
  • Zuletzt bearbeitet 17.04.2026 19:20:59

Use after free in FileSystem in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

7.5

CVE-2026-6308

  • EPSS 0.03%
  • Veröffentlicht 15.04.2026 19:04:52
  • Zuletzt bearbeitet 17.04.2026 17:26:59

Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

8.3

CVE-2026-6309

  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 19:04:52
  • Zuletzt bearbeitet 17.04.2026 17:26:50

Use after free in Viz in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2026-6306

  • EPSS 0.03%
  • Veröffentlicht 15.04.2026 19:04:51
  • Zuletzt bearbeitet 17.04.2026 15:40:42

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

8.8

CVE-2026-6307

  • EPSS 0.04%
  • Veröffentlicht 15.04.2026 19:04:51
  • Zuletzt bearbeitet 17.04.2026 17:27:07

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)