Google

Chrome

4139 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-5910

  • EPSS 0.09%
  • Veröffentlicht 08.04.2026 21:21:04
  • Zuletzt bearbeitet 29.04.2026 16:16:27

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

8.1

CVE-2026-5907

  • EPSS 0.09%
  • Veröffentlicht 08.04.2026 21:21:03
  • Zuletzt bearbeitet 14.04.2026 14:46:10

Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Low)

8.8

CVE-2026-5908

  • EPSS 0.09%
  • Veröffentlicht 08.04.2026 21:21:03
  • Zuletzt bearbeitet 29.04.2026 16:16:26

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

4.3

CVE-2026-5906

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:02
  • Zuletzt bearbeitet 14.04.2026 14:51:10

Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5905

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 21:21:01
  • Zuletzt bearbeitet 14.04.2026 14:51:30

Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

9.8

CVE-2026-5902

  • EPSS 0.11%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:14:13

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5903

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:14:01

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2026-5904

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:13:50

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)

4.3

CVE-2026-5900

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:20:59
  • Zuletzt bearbeitet 13.04.2026 21:14:34

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5901

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 21:20:59
  • Zuletzt bearbeitet 13.04.2026 21:14:24

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extensio...