Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
8.3 HIGH
CVE-2026-7970 — Google Chrome TopChrome Use-After-Free Vulnerability

Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…

linux_kernel chrome macos windows | Remote | Memory Corruption
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
4.3 MEDIUM
CVE-2026-7969 — Google Chrome Same Origin Policy Bypass Vulnerability

Integer overflow in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium …

linux_kernel chrome macos windows | Remote | Information Disclosure
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
3.1 LOW
CVE-2026-7968 — Google Chrome CORS Input Validation Bypass

Insufficient validation of untrusted input in CORS in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafte…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
8.3 HIGH
CVE-2026-7967 — Google Chrome Navigation Sandbox Escalation

Insufficient validation of untrusted input in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox es…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
3.1 LOW
CVE-2026-7966 — Google Chrome SiteIsolation HTML Injection

Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
3.1 LOW
CVE-2026-7965 — Google Chrome DevTools Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…

linux_kernel chrome macos windows | Remote | Information Disclosure
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
4.2 MEDIUM
CVE-2026-7964 — Google Chrome FileSystem Unvalidated Input Arbitrary Read/Write

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via…

linux_kernel chrome macos windows | Remote | Path Traversal
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
8.3 HIGH
CVE-2026-7963 — Google Chrome ServiceWorker Sandbox Escape

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
5.4 MEDIUM
CVE-2026-7962 — Google Chrome DirectSockets Policy Enforcement Vulnerability

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. (Chromium security s…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
4.3 MEDIUM
CVE-2026-7961 — Google Chrome Permissions Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traf…

linux_kernel chrome macos windows | Information Disclosure
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
5.3 MEDIUM
CVE-2026-7960 — Google Chrome Speech Race Condition Information Disclosure

Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted…

linux_kernel chrome macos windows | Remote | Race Condition
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
3.1 LOW
CVE-2026-7959 — Google Chrome Navigation Renderer Process Isolation Bypass

Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
5.4 MEDIUM
CVE-2026-7958 — Google Chrome ServiceWorker XSS

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UX…

linux_kernel chrome macos windows | Remote | Cross-Site Scripting
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
8.8 HIGH
CVE-2026-7957 — Google Chrome Media Out-of-Bounds Code Execution Vulnerability

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.3 HIGH
CVE-2026-7956 — Google Chrome Use After Free in Navigation

Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

linux_kernel chrome macos windows | Remote | Memory Corruption
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
5.3 MEDIUM
CVE-2026-7955 — Google Chrome GPU Uninitialized Use Remote Information Disclosure

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via…

linux_kernel chrome macos windows | Remote | Information Disclosure
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
3.1 LOW
CVE-2026-7954 — Google Chrome Cross-Origin Data Leakage in Shared Storage

Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…

linux_kernel chrome macos windows | Remote | Race Condition
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
6.1 MEDIUM
CVE-2026-7953 — Google Chrome Omnibox HTML Injection Vulnerability

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro…

linux_kernel chrome macos windows | Remote | Cross-Site Scripting
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
4.2 MEDIUM
CVE-2026-7952 — Google Chrome Extension Policy Enforcement Bypass

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a c…

linux_kernel chrome macos windows | Remote | Authorization
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
8.8 HIGH
CVE-2026-7951 — Google Chrome WebRTC Out-of-Bounds Arbitrary Code Execution

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

linux_kernel chrome macos windows | Remote | Memory Corruption
May 06, 2026 May 07, 2026
May 06, 2026
May 07, 2026
Showing 20 of 5925 Results