Google

Chrome

4139 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.2

CVE-2026-7993

  • EPSS 0.08%
  • Veröffentlicht 06.05.2026 18:13:05
  • Zuletzt bearbeitet 06.05.2026 23:19:28

Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chro...

7.8

CVE-2026-7994

  • EPSS 0.01%
  • Veröffentlicht 06.05.2026 18:13:05
  • Zuletzt bearbeitet 06.05.2026 23:19:18

Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium)

7.8

CVE-2026-7990

  • EPSS 0.01%
  • Veröffentlicht 06.05.2026 18:13:04
  • Zuletzt bearbeitet 06.05.2026 23:20:16

Insufficient validation of untrusted input in Updater in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium)

8.8

CVE-2026-7991

  • EPSS 0.08%
  • Veröffentlicht 06.05.2026 18:13:04
  • Zuletzt bearbeitet 06.05.2026 23:19:55

Use after free in UI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2026-7987

  • EPSS 0.07%
  • Veröffentlicht 06.05.2026 18:13:03
  • Zuletzt bearbeitet 06.05.2026 23:20:47

Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2026-7988

  • EPSS 0.07%
  • Veröffentlicht 06.05.2026 18:13:03
  • Zuletzt bearbeitet 06.05.2026 23:20:36

Type Confusion in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

4.2

CVE-2026-7989

  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 18:13:03
  • Zuletzt bearbeitet 08.05.2026 20:16:33

Insufficient data validation in DataTransfer in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Medium)

8.3

CVE-2026-7985

  • EPSS 0.07%
  • Veröffentlicht 06.05.2026 18:13:02
  • Zuletzt bearbeitet 06.05.2026 23:21:23

Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2026-7986

  • EPSS 0.01%
  • Veröffentlicht 06.05.2026 18:13:02
  • Zuletzt bearbeitet 06.05.2026 23:21:14

Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2026-7983

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:13:01
  • Zuletzt bearbeitet 06.05.2026 23:21:46

Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)