Google

Chrome

651 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2026-7942

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:45
  • Zuletzt bearbeitet 06.05.2026 23:33:07

Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

5.4

CVE-2026-7939

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:44
  • Zuletzt bearbeitet 06.05.2026 23:33:57

Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Medium)

8.8

CVE-2026-7940

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:44
  • Zuletzt bearbeitet 06.05.2026 23:33:48

Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code inside a sandbox via a crafted Chrome Extension. (Chromium security severity: Medium)

8.8

CVE-2026-7938

  • EPSS 0.08%
  • Veröffentlicht 06.05.2026 18:12:43
  • Zuletzt bearbeitet 06.05.2026 23:34:05

Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

3.1

CVE-2026-7937

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:42
  • Zuletzt bearbeitet 06.05.2026 23:34:15

Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severit...

4.2

CVE-2026-7934

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:39
  • Zuletzt bearbeitet 06.05.2026 23:34:43

Insufficient validation of untrusted input in Popup Blocker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security sever...

5.4

CVE-2026-7935

  • EPSS 0.06%
  • Veröffentlicht 06.05.2026 18:12:39
  • Zuletzt bearbeitet 06.05.2026 23:34:33

Inappropriate implementation in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2026-7936

  • EPSS 0.03%
  • Veröffentlicht 06.05.2026 18:12:39
  • Zuletzt bearbeitet 06.05.2026 23:34:23

Object lifecycle issue in V8 in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)

4.4

CVE-2026-7932

  • EPSS 0.01%
  • Veröffentlicht 06.05.2026 18:12:38
  • Zuletzt bearbeitet 08.05.2026 20:16:32

Insufficient policy enforcement in Downloads in Google Chrome prior to 148.0.7778.96 allowed a local attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)

4.3

CVE-2026-7933

  • EPSS 0.02%
  • Veröffentlicht 06.05.2026 18:12:38
  • Zuletzt bearbeitet 06.05.2026 23:34:54

Out of bounds read in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Medium)