CVE-2026-10009
- EPSS 0.22%
- Veröffentlicht 28.05.2026 22:25:53
- Zuletzt bearbeitet 01.06.2026 15:13:32
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10004
- EPSS 0.16%
- Veröffentlicht 28.05.2026 22:25:52
- Zuletzt bearbeitet 29.05.2026 19:16:22
Insufficient validation of untrusted input in Passwords in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10005
- EPSS 0.26%
- Veröffentlicht 28.05.2026 22:25:52
- Zuletzt bearbeitet 01.06.2026 18:47:08
Use after free in WebAppInstalls in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10006
- EPSS 0.23%
- Veröffentlicht 28.05.2026 22:25:52
- Zuletzt bearbeitet 29.05.2026 17:18:09
Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10001
- EPSS 0.17%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 29.05.2026 17:40:36
Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10002
- EPSS 0.18%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 29.05.2026 19:16:22
Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: High)
CVE-2026-10003
- EPSS 0.22%
- Veröffentlicht 28.05.2026 22:25:51
- Zuletzt bearbeitet 01.06.2026 15:25:10
Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
CVE-2026-10000
- EPSS 0.19%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 03.06.2026 02:32:00
Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9998
- EPSS 0.17%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 29.05.2026 20:18:44
Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-9999
- EPSS 0.23%
- Veröffentlicht 28.05.2026 22:25:50
- Zuletzt bearbeitet 01.06.2026 18:14:19
Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)