Google

Chrome

4139 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.2

CVE-2026-7952

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:50
  • Zuletzt bearbeitet 07.05.2026 02:06:58

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medi...

6.1

CVE-2026-7953

  • EPSS 0.05%
  • Veröffentlicht 06.05.2026 18:12:50
  • Zuletzt bearbeitet 07.05.2026 02:06:23

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium)

5.4

CVE-2026-7950

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:49
  • Zuletzt bearbeitet 07.05.2026 02:09:44

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Medium)

8.8

CVE-2026-7951

  • EPSS 0.11%
  • Veröffentlicht 06.05.2026 18:12:49
  • Zuletzt bearbeitet 07.05.2026 02:07:07

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

7.5

CVE-2026-7948

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:48
  • Zuletzt bearbeitet 07.05.2026 02:08:49

Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)

3.1

CVE-2026-7949

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:48
  • Zuletzt bearbeitet 07.05.2026 02:07:45

Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromium security severity: Medium)

3.1

CVE-2026-7945

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:47
  • Zuletzt bearbeitet 06.05.2026 23:32:29

Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2026-7946

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:47
  • Zuletzt bearbeitet 08.05.2026 20:16:32

Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security ...

4.2

CVE-2026-7947

  • EPSS 0.08%
  • Veröffentlicht 06.05.2026 18:12:47
  • Zuletzt bearbeitet 06.05.2026 23:32:04

Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

4.2

CVE-2026-7943

  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 18:12:46
  • Zuletzt bearbeitet 06.05.2026 23:32:58

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Mediu...