Google

Chrome

651 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-7969

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:56
  • Zuletzt bearbeitet 07.05.2026 02:01:44

Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

8.3

CVE-2026-7970

  • EPSS 0.07%
  • Veröffentlicht 06.05.2026 18:12:56
  • Zuletzt bearbeitet 07.05.2026 02:01:34

Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

6.3

CVE-2026-7971

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:56
  • Zuletzt bearbeitet 07.05.2026 02:01:24

Inappropriate implementation in ORB in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

3.1

CVE-2026-7966

  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 18:12:55
  • Zuletzt bearbeitet 07.05.2026 02:02:16

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medi...

8.3

CVE-2026-7967

  • EPSS 0.13%
  • Veröffentlicht 06.05.2026 18:12:55
  • Zuletzt bearbeitet 07.05.2026 02:02:04

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security se...

3.1

CVE-2026-7968

  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 18:12:55
  • Zuletzt bearbeitet 07.05.2026 02:01:55

Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)

8.3

CVE-2026-7963

  • EPSS 0.11%
  • Veröffentlicht 06.05.2026 18:12:54
  • Zuletzt bearbeitet 07.05.2026 02:02:48

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Med...

4.2

CVE-2026-7964

  • EPSS 0.05%
  • Veröffentlicht 06.05.2026 18:12:54
  • Zuletzt bearbeitet 07.05.2026 02:02:37

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: ...

3.1

CVE-2026-7965

  • EPSS 0.05%
  • Veröffentlicht 06.05.2026 18:12:54
  • Zuletzt bearbeitet 07.05.2026 02:02:26

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

5.3

CVE-2026-7960

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:53
  • Zuletzt bearbeitet 07.05.2026 02:03:46

Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)