3.1

CVSS3.1

CVE-2026-7959 - Site Isolation Bypass via Navigation Flaw in Chrome

Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 4:30 a.m.

5.4

CVSS3.1

CVE-2026-7958 - ServiceWorker XSS via Malicious Chrome Extension

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UXSS) via a crafted Chrome Extension. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 3:30 a.m.

8.8

CVSS3.1

CVE-2026-7957 - Out-of-Bounds Write in Chrome Media Component Allows Remote Code Execution Within Sandbox

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 5:04 p.m.

8.3

CVSS3.1

CVE-2026-7956 - Use‑After‑Free in Navigation Leading to Sandbox Escape via Crafted HTML Page

Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:06 a.m.

5.3

CVSS3.1

CVE-2026-7955 -

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:06 a.m.

3.1

CVSS3.1

CVE-2026-7954 -

Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:06 a.m.

6.1

CVSS3.1

CVE-2026-7953 -

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:06 a.m.

4.2

CVSS3.1

CVE-2026-7952 - Chrome Extension Policy Bypass via Crafted Page

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:06 a.m.

8.8

CVSS3.1

CVE-2026-7951 -

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 2:07 a.m.

5.4

CVSS3.1

CVE-2026-7950 - Chrome GFX Out‑of‑Bounds Read/Write via Malicious Network Traffic

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Medium)

πŸ“… Published: May 6, 2026, 6:12 p.m. πŸ”„ Last Modified: May 7, 2026, 4:30 a.m.
Total resulsts: 349182
Page 68 of 34,919
Β« previous page Β» next page
Filters