CVE-2026-8548
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:25
- Zuletzt bearbeitet 19.05.2026 17:02:58
Out of bounds write in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8549
- EPSS 0.28%
- Veröffentlicht 14.05.2026 19:52:25
- Zuletzt bearbeitet 19.05.2026 16:58:07
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8544
- EPSS 0.28%
- Veröffentlicht 14.05.2026 19:52:24
- Zuletzt bearbeitet 19.05.2026 14:53:57
Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8545
- EPSS 0.16%
- Veröffentlicht 14.05.2026 19:52:24
- Zuletzt bearbeitet 19.05.2026 14:53:42
Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8546
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:24
- Zuletzt bearbeitet 19.05.2026 16:33:18
Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromiu...
CVE-2026-8541
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 14:47:47
Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:...
CVE-2026-8542
- EPSS 0.21%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 16:32:50
Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8543
- EPSS 0.26%
- Veröffentlicht 14.05.2026 19:52:23
- Zuletzt bearbeitet 19.05.2026 16:33:09
Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page....
CVE-2026-8538
- EPSS 0.2%
- Veröffentlicht 14.05.2026 19:52:22
- Zuletzt bearbeitet 19.05.2026 01:30:01
Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)
CVE-2026-8539
- EPSS 0.16%
- Veröffentlicht 14.05.2026 19:52:22
- Zuletzt bearbeitet 19.05.2026 16:18:32
Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)