Google

Chrome

651 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-7961

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:53
  • Zuletzt bearbeitet 07.05.2026 02:03:31

Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traffic. (Chromium security severity: Medium)

5.4

CVE-2026-7962

  • EPSS 0.05%
  • Veröffentlicht 06.05.2026 18:12:53
  • Zuletzt bearbeitet 07.05.2026 02:02:56

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8

CVE-2026-7957

  • EPSS 0.13%
  • Veröffentlicht 06.05.2026 18:12:52
  • Zuletzt bearbeitet 07.05.2026 17:04:42

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Mediu...

5.4

CVE-2026-7958

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:52
  • Zuletzt bearbeitet 07.05.2026 02:05:24

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a crafted Chrome Extension. (Chromium secur...

3.1

CVE-2026-7959

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:52
  • Zuletzt bearbeitet 08.05.2026 20:16:33

Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

3.1

CVE-2026-7954

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:51
  • Zuletzt bearbeitet 07.05.2026 02:06:34

Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

5.3

CVE-2026-7955

  • EPSS 0.04%
  • Veröffentlicht 06.05.2026 18:12:51
  • Zuletzt bearbeitet 07.05.2026 02:06:16

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: ...

8.3

CVE-2026-7956

  • EPSS 0.12%
  • Veröffentlicht 06.05.2026 18:12:51
  • Zuletzt bearbeitet 07.05.2026 02:06:06

Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

4.2

CVE-2026-7952

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:50
  • Zuletzt bearbeitet 07.05.2026 02:06:58

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medi...

6.1

CVE-2026-7953

  • EPSS 0.05%
  • Veröffentlicht 06.05.2026 18:12:50
  • Zuletzt bearbeitet 07.05.2026 02:06:23

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium)