Google

Chrome

651 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2026-8544

  • EPSS 0.08%
  • Veröffentlicht 14.05.2026 19:52:24
  • Zuletzt bearbeitet 14.05.2026 21:19:23

Use after free in Media in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

3.1

CVE-2026-8545

  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 19:52:24
  • Zuletzt bearbeitet 15.05.2026 15:16:54

Object corruption in Compositing in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: High)

5.3

CVE-2026-8546

  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 19:52:24
  • Zuletzt bearbeitet 14.05.2026 22:16:48

Out of bounds read in GPU in Google Chrome on Mac and Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromiu...

5.3

CVE-2026-8541

  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 19:52:23
  • Zuletzt bearbeitet 14.05.2026 22:16:48

Out of bounds read in UI in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity:...

8.3

CVE-2026-8542

  • EPSS 0.07%
  • Veröffentlicht 14.05.2026 19:52:23
  • Zuletzt bearbeitet 14.05.2026 22:16:48

Use after free in Core in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

5.3

CVE-2026-8543

  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 19:52:23
  • Zuletzt bearbeitet 14.05.2026 22:16:48

Out of bounds read in FileSystem in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentially sensitive information from process memory via a crafted HTML page....

5.3

CVE-2026-8538

  • EPSS 0.06%
  • Veröffentlicht 14.05.2026 19:52:22
  • Zuletzt bearbeitet 14.05.2026 22:16:47

Insufficient validation of untrusted input in GPU in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform a denial of service via a crafted HTML page. (Chromium security severity: High)

5.4

CVE-2026-8539

  • EPSS 0.03%
  • Veröffentlicht 14.05.2026 19:52:22
  • Zuletzt bearbeitet 14.05.2026 22:16:48

Script injection in SanitizerAPI in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: High)

8.8

CVE-2026-8540

  • EPSS 0.08%
  • Veröffentlicht 14.05.2026 19:52:22
  • Zuletzt bearbeitet 14.05.2026 21:19:23

Type Confusion in V8 in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

3.1

CVE-2026-8536

  • EPSS 0.02%
  • Veröffentlicht 14.05.2026 19:52:21
  • Zuletzt bearbeitet 15.05.2026 15:16:54

Insufficient validation of untrusted input in ReadingMode in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to bypass site Isolation via a crafted HTML page. (Chromium security severity...