Google

Chrome

4139 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-0907

  • EPSS 0.13%
  • Veröffentlicht 20.01.2026 04:14:17
  • Zuletzt bearbeitet 29.01.2026 20:27:46

Incorrect security UI in Split View in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2026-0908

  • EPSS 0.05%
  • Veröffentlicht 20.01.2026 04:14:17
  • Zuletzt bearbeitet 29.01.2026 20:27:56

Use after free in ANGLE in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)

5.4

CVE-2026-0904

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 04:14:16
  • Zuletzt bearbeitet 29.01.2026 20:22:51

Incorrect security UI in Digital Credentials in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)

9.8

CVE-2026-0905

  • EPSS 0.03%
  • Veröffentlicht 20.01.2026 04:14:16
  • Zuletzt bearbeitet 29.01.2026 20:23:06

Insufficient policy enforcement in Network in Google Chrome prior to 144.0.7559.59 allowed an attack who obtained a network log file to potentially obtain potentially sensitive information via a network log file. (Chromium security severity: Medium)

8.8

CVE-2026-0902

  • EPSS 0.11%
  • Veröffentlicht 20.01.2026 04:14:15
  • Zuletzt bearbeitet 29.01.2026 20:21:45

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

5.4

CVE-2026-0903

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 04:14:15
  • Zuletzt bearbeitet 29.01.2026 20:22:01

Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium)

8.8

CVE-2026-0900

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 04:14:14
  • Zuletzt bearbeitet 29.01.2026 20:21:33

Inappropriate implementation in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

5.4

CVE-2026-0901

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 04:14:14
  • Zuletzt bearbeitet 30.01.2026 16:28:25

Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2026-0899

  • EPSS 0.04%
  • Veröffentlicht 20.01.2026 04:14:13
  • Zuletzt bearbeitet 29.01.2026 20:20:16

Out of bounds memory access in V8 in Google Chrome prior to 144.0.7559.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2026-0628

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 06.01.2026 23:57:00
  • Zuletzt bearbeitet 12.01.2026 16:48:33

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromi...