CVEs from 2026
Total
13,477
critical
critical 1,163
high
high 4,151
medium
medium 4,139
low
low 441
% Critical
8.6%
% with KEV
0.4%
% with exploit
0.5%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-42941 | high | 8.3 | 8.3 | 16h ago | The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change. | |||
| CVE-2026-42929 | high | 8.3 | 8.3 | 16h ago | Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials. | |||
| CVE-2026-10105 | high | 8.3 | 8.3 | 17h ago | agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allows attackers to inject arbitrary SQL expressions by supplying malicious metadata keys and values t… | |||
| CVE-2026-32905 | high | 8.3 | 8.3 | 19h ago | OpenClaw before 2026.5.4 contains an authorization bypass vulnerability in the bundled device-pair plugin that allows non-owner authorized chat senders to issue device-pairing bootstrap codes without… | |||
| CVE-2026-44698 | high | 8.3 | 8.3 | 21h ago | Home Assistant is open source home automation software that puts local control and privacy first. Prior to 2026.4.1 for iOS and 2026.4.4 for Android, he Home Assistant Companion apps for Android and … | |||
| CVE-2026-9998 | high | 8.3 | 8.3 | 2d ago | Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (… | |||
| CVE-2026-9997 | high | 8.3 | 8.3 | 2d ago | Use after free in Input in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-9994 | high | 8.3 | 8.3 | 2d ago | Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM… | |||
| CVE-2026-9993 | high | 8.3 | 8.3 | 2d ago | Use after free in Views in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted PDF file. (Ch… | |||
| CVE-2026-9988 | high | 8.3 | 8.3 | 2d ago | Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9982 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape… | |||
| CVE-2026-9977 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in WebShare in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a … | |||
| CVE-2026-9975 | high | 8.3 | 8.3 | 2d ago | Out of bounds read and write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted… | |||
| CVE-2026-9974 | high | 8.3 | 8.3 | 2d ago | Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… | |||
| CVE-2026-9972 | high | 8.3 | 8.3 | 2d ago | Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted H… | |||
| CVE-2026-9970 | high | 8.3 | 8.3 | 2d ago | Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-9966 | high | 8.3 | 8.3 | 2d ago | Integer overflow in XML in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… | |||
| CVE-2026-9951 | high | 8.3 | 8.3 | 2d ago | Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9949 | high | 8.3 | 8.3 | 2d ago | Use after free in Core in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTM… | |||
| CVE-2026-9948 | high | 8.3 | 8.3 | 2d ago | Use after free in Views in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML p… | |||
| CVE-2026-9946 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-9937 | high | 8.3 | 8.3 | 2d ago | Use after free in UI in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML … | |||
| CVE-2026-9936 | high | 8.3 | 8.3 | 2d ago | Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… | |||
| CVE-2026-9932 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT… | |||
| CVE-2026-9931 | high | 8.3 | 8.3 | 2d ago | Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… | |||
| CVE-2026-9926 | high | 8.3 | 8.3 | 2d ago | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pa… | |||
| CVE-2026-9925 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-9924 | high | 8.3 | 8.3 | 2d ago | Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a craf… | |||
| CVE-2026-9916 | high | 8.3 | 8.3 | 2d ago | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… | |||
| CVE-2026-9915 | high | 8.3 | 8.3 | 2d ago | Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pa… | |||
| CVE-2026-9914 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape… | |||
| CVE-2026-9906 | high | 8.3 | 8.3 | 2d ago | Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… | |||
| CVE-2026-9905 | high | 8.3 | 8.3 | 2d ago | Use after free in Accessibility in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a cr… | |||
| CVE-2026-9904 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2026-9902 | high | 8.3 | 8.3 | 2d ago | Use after free in Accessibility in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML … | |||
| CVE-2026-9900 | high | 8.3 | 8.3 | 2d ago | Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML pag… | |||
| CVE-2026-9899 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-9898 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandb… | |||
| CVE-2026-9895 | high | 8.3 | 8.3 | 2d ago | Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. … | |||
| CVE-2026-9894 | high | 8.3 | 8.3 | 2d ago | Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… | |||
| CVE-2026-9893 | high | 8.3 | 8.3 | 2d ago | Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… | |||
| CVE-2026-9892 | high | 8.3 | 8.3 | 2d ago | Inappropriate implementation in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via… | |||
| CVE-2026-9890 | high | 8.3 | 8.3 | 2d ago | Use after free in XR in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML … | |||
| CVE-2026-9889 | high | 8.3 | 8.3 | 2d ago | Out of bounds read and write in Dawn in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security … | |||
| CVE-2026-9888 | high | 8.3 | 8.3 | 2d ago | Use after free in WebView in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … | |||
| CVE-2026-9885 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in UI in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es… | |||
| CVE-2026-9880 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape… | |||
| CVE-2026-9877 | high | 8.3 | 8.3 | 2d ago | Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C… | |||
| CVE-2026-10020 | high | 8.3 | 8.3 | 2d ago | Insufficient validation of untrusted input in Skia in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sand… | |||
| CVE-2026-10017 | high | 8.3 | 8.3 | 2d ago | Out of bounds read in Headless in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML p… | |||
| CVE-2026-10014 | high | 8.3 | 8.3 | 2d ago | Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … | |||
| CVE-2026-10012 | high | 8.3 | 8.3 | 2d ago | Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch… | |||
| CVE-2026-10001 | high | 8.3 | 8.3 | 2d ago | Use after free in PerformanceManager in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted … | |||
| CVE-2026-10000 | high | 8.3 | 8.3 | 2d ago | Use after free in Passwords in Google Chrome on Windows prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafte… | |||
| CVE-2026-44966 | high | 8.3 | 8.3 | 4d ago | Velocity.js has a Prototype Pollution vulnerability through #set path assignment | |||
| CVE-2026-44570 | high | 8.3 | 8.3 | 15d ago | Open WebUI has inconsistent authorization controls within memories API | |||
| CVE-2026-45369 | high | 8.3 | 8.3 | 16d ago | utcp-cli Vulnerable to Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol | |||
| CVE-2026-8575 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8574 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8573 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8571 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8569 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8548 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8542 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8534 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8533 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8530 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8525 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8523 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8520 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8515 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8514 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8513 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-8512 | high | 8.3 | 8.3 | 16d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2025">Google Chrom… | |||
| CVE-2026-43907 | high | 8.3 | 8.3 | 16d ago | OpenImageIO is a toolset for reading, writing, and manipulating image files of any image file format relevant to VFX / animation. Prior to 3.0.18.0 and 3.1.13.0, a signed integer overflow in QueryRGB… | |||
| CVE-2026-44586 | high | 8.3 | 8.3 | 16d ago | SiYuan is an open-source personal knowledge management system. From 2.1.12 to before 3.7.0. SiYuan's Bazaar marketplace renders package author metadata from the public bazaar stage feed into HTML wit… | |||
| CVE-2026-32993 | high | 8.3 | 8.3 | 17d ago | Improper sanitization of the `status` query parameter of the `/unprotected/nova_error` endpoint allows unauthenticated attacker to inject arbitrary HTTP header to the response. | |||
| CVE-2026-21821 | high | 8.3 | 8.3 | 17d ago | The HCL BigFix SCM Reporting site contains an outdated and unsupported version of the jQuery 1.x library. Since jQuery 1.x has reached end-of-life and no longer receives security updates, it may expo… | |||
| CVE-2026-35438 | high | 8.3 | 8.3 | 18d ago | <p>Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.</p> | |||
| CVE-2026-42313 | high | 8.3 | 8.3 | 19d ago | pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates … | |||
| CVE-2026-42562 | high | 8.3 | 8.3 | 21d ago | Plainpad is a self hosted note taking app. Prior to version 1.1.1, Plainpad allows a low-privilege authenticated user to self-escalate to administrator by submitting admin=true in PUT /api.php/v1/use… | |||
| CVE-2026-42297 | high | 8.3 | 8.3 | 21d ago | Argo has Missing Authorization in its Sync ConfigMap Provider | |||
| CVE-2026-43291 | high | 8.3 | 8.3 | 22d ago | In the Linux kernel, the following vulnerability has been resolved: net: nfc: nci: Fix parameter validation for packet data Since commit 9c328f54741b ("net: nfc: nci: Add parameter validation for p… | |||
| CVE-2026-41422 | high | 8.3 | 8.3 | 23d ago | Daptin: SQL injection via unvalidated goqu.L() calls in aggregate API | |||
| CVE-2026-41490 | high | 8.3 | 8.3 | 23d ago | Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations | |||
| CVE-2026-8001 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7985 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7975 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7970 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7967 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7963 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7956 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7923 | high | 8.3 | 8.3 | 24d ago | Out of bounds write in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.… | |||
| CVE-2026-7922 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7920 | high | 8.3 | 8.3 | 24d ago | Use after free in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chr… | |||
| CVE-2026-7919 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7918 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7917 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7916 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… | |||
| CVE-2026-7914 | high | 8.3 | 8.3 | 24d ago | <p>This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see <a href="https://chromereleases.googleblog.com/2026%C2%A0">Google… |