Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7962 | MEDIUM | 5.4 | Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. (Chromium … | May 06, 2026 |
| CVE-2026-7961 | MEDIUM | 4.3 | Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data … | May 06, 2026 |
| CVE-2026-7960 | MEDIUM | 5.3 | Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from … | May 06, 2026 |
| CVE-2026-7959 | LOW | 3.1 | Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via … | May 06, 2026 |
| CVE-2026-7958 | MEDIUM | 5.4 | Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary … | May 06, 2026 |
| CVE-2026-7957 | HIGH | 8.8 | Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process … | May 06, 2026 |
| CVE-2026-7956 | HIGH | 8.3 | Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a … | May 06, 2026 |
| CVE-2026-7955 | MEDIUM | 5.3 | Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information … | May 06, 2026 |
| CVE-2026-7954 | LOW | 3.1 | Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via … | May 06, 2026 |
| CVE-2026-7953 | MEDIUM | 6.1 | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via … | May 06, 2026 |
| CVE-2026-7952 | MEDIUM | 4.2 | Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access … | May 06, 2026 |
| CVE-2026-7951 | HIGH | 8.8 | Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a … | May 06, 2026 |
| CVE-2026-7950 | MEDIUM | 5.4 | Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network … | May 06, 2026 |
| CVE-2026-7949 | LOW | 3.1 | Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin … | May 06, 2026 |
| CVE-2026-7948 | HIGH | 7.5 | Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security … | May 06, 2026 |
| CVE-2026-7947 | MEDIUM | 4.2 | Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform … | May 06, 2026 |
| CVE-2026-7946 | MEDIUM | 4.3 | Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer … | May 06, 2026 |
| CVE-2026-7945 | LOW | 3.1 | Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass … | May 06, 2026 |
| CVE-2026-7944 | LOW | 3.1 | Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to … | May 06, 2026 |
| CVE-2026-7943 | MEDIUM | 4.2 | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform … | May 06, 2026 |
| CVE-2026-7942 | MEDIUM | 4.3 | Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security … | May 06, 2026 |
| CVE-2026-7941 | MEDIUM | 4.4 | Insufficient validation of untrusted input in Mobile in Google Chrome on Android prior to 148.0.7778.96 allowed a local attacker to inject arbitrary scripts or HTML … | May 06, 2026 |
| CVE-2026-7940 | HIGH | 8.8 | Use after free in V8 in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to execute … | May 06, 2026 |
| CVE-2026-7939 | MEDIUM | 5.4 | Inappropriate implementation in SanitizerAPI in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML … | May 06, 2026 |
| CVE-2026-7938 | HIGH | 8.8 | Use after free in CSS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | May 06, 2026 |