Google

Chrome

651 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-5908

  • EPSS 0.09%
  • Veröffentlicht 08.04.2026 21:21:03
  • Zuletzt bearbeitet 29.04.2026 16:16:26

Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

4.3

CVE-2026-5906

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:02
  • Zuletzt bearbeitet 14.04.2026 14:51:10

Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5905

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 21:21:01
  • Zuletzt bearbeitet 14.04.2026 14:51:30

Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low)

9.8

CVE-2026-5902

  • EPSS 0.11%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:14:13

Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5903

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:14:01

Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)

8.8

CVE-2026-5904

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:21:00
  • Zuletzt bearbeitet 13.04.2026 21:13:50

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)

4.3

CVE-2026-5900

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:20:59
  • Zuletzt bearbeitet 13.04.2026 21:14:34

Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium security severity: Low)

6.5

CVE-2026-5901

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 21:20:59
  • Zuletzt bearbeitet 13.04.2026 21:14:24

Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extensio...

4.3

CVE-2026-5898

  • EPSS 0.03%
  • Veröffentlicht 08.04.2026 21:20:58
  • Zuletzt bearbeitet 13.04.2026 21:17:07

Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)

6.1

CVE-2026-5899

  • EPSS 0.02%
  • Veröffentlicht 08.04.2026 21:20:58
  • Zuletzt bearbeitet 13.04.2026 21:16:57

Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromi...