Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7987 | HIGH | 8.8 | Use after free in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | May 06, 2026 |
| CVE-2026-7986 | MEDIUM | 4.3 | Insufficient policy enforcement in Autofill in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium … | May 06, 2026 |
| CVE-2026-7985 | HIGH | 8.3 | Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … | May 06, 2026 |
| CVE-2026-7984 | HIGH | 8.8 | Use after free in ReadingMode in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code … | May 06, 2026 |
| CVE-2026-7983 | MEDIUM | 4.3 | Out of bounds read in Dawn in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. … | May 06, 2026 |
| CVE-2026-7982 | MEDIUM | 6.5 | Uninitialized Use in WebCodecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted … | May 06, 2026 |
| CVE-2026-7981 | HIGH | 8.1 | Out of bounds read in Codecs in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to obtain potentially sensitive information from process memory via … | May 06, 2026 |
| CVE-2026-7980 | HIGH | 8.8 | Use after free in WebAudio in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | May 06, 2026 |
| CVE-2026-7979 | MEDIUM | 4.3 | Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security … | May 06, 2026 |
| CVE-2026-7978 | HIGH | 8.1 | Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. … | May 06, 2026 |
| CVE-2026-7977 | MEDIUM | 6.3 | Inappropriate implementation in Canvas in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium … | May 06, 2026 |
| CVE-2026-7976 | HIGH | 7.5 | Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute … | May 06, 2026 |
| CVE-2026-7975 | HIGH | 8.3 | Use after free in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … | May 06, 2026 |
| CVE-2026-7974 | HIGH | 8.8 | Use after free in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | May 06, 2026 |
| CVE-2026-7973 | HIGH | 8.8 | Integer overflow in Dawn in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted … | May 06, 2026 |
| CVE-2026-7972 | MEDIUM | 4.3 | Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … | May 06, 2026 |
| CVE-2026-7971 | MEDIUM | 6.3 | Inappropriate implementation in ORB in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security … | May 06, 2026 |
| CVE-2026-7970 | HIGH | 8.3 | Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … | May 06, 2026 |
| CVE-2026-7969 | MEDIUM | 4.3 | Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy … | May 06, 2026 |
| CVE-2026-7968 | LOW | 3.1 | Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass … | May 06, 2026 |
| CVE-2026-7967 | HIGH | 8.3 | Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially … | May 06, 2026 |
| CVE-2026-7966 | LOW | 3.1 | Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass … | May 06, 2026 |
| CVE-2026-7965 | LOW | 3.1 | Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak … | May 06, 2026 |
| CVE-2026-7964 | MEDIUM | 4.2 | Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform … | May 06, 2026 |
| CVE-2026-7963 | HIGH | 8.3 | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox … | May 06, 2026 |