8.8
CVE-2026-5863 - chromium-browser: Inappropriate implementation in V8
Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
9.8
CVE-2026-5902 - chromium-browser: Race in Media
Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low)
8.8
CVE-2026-5861 - chromium-browser: Use after free in V8
Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)
8.8
CVE-2026-5908 - chromium-browser: Integer overflow in Media
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
8.8
CVE-2026-5910 - chromium-browser: Integer overflow in Media
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)
6.5
CVE-2026-5901 - chromium-browser: Policy bypass in DevTools
Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low)
8.8
CVE-2026-5859 - chromium-browser: Integer overflow in WebML
Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)
5.3
CVE-2026-5886 - chromium-browser: Out of bounds read in WebAudio
Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)
9.8
CVE-2026-30079 -
In OpenAirInterface V2.2.0 AMF, Out of sequence messages causes incorrect state transition during UE registration procedure. This allows authentication to be bypassed completely. If a SecurityModeComplete message is sent after InitialUERegistration, a registration reject is received followed by a rโฆ
6.5
CVE-2026-5919 - chromium-browser: Insufficient validation of untrusted input in WebSockets
Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low)