Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
3.1 LOW
CVE-2026-7965 — Google Chrome DevTools Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7964 — Google Chrome FileSystem Unvalidated Input Arbitrary Read/Write

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via…

Remote | Path Traversal
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.3 HIGH
CVE-2026-7963 — Google Chrome ServiceWorker Sandbox Escape

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7962 — Google Chrome DirectSockets Policy Enforcement Vulnerability

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. (Chromium security s…

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.3 MEDIUM
CVE-2026-7961 — Google Chrome Permissions Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traf…

| Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.3 MEDIUM
CVE-2026-7960 — Google Chrome Speech Race Condition Information Disclosure

Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted…

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7959 — Google Chrome Navigation Renderer Process Isolation Bypass

Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7958 — Google Chrome ServiceWorker XSS

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UX…

Remote | Cross-Site Scripting
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.8 HIGH
CVE-2026-7957 — Google Chrome Media Out-of-Bounds Code Execution Vulnerability

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.3 HIGH
CVE-2026-7956 — Google Chrome Use After Free in Navigation

Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.3 MEDIUM
CVE-2026-7955 — Google Chrome GPU Uninitialized Use Remote Information Disclosure

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7954 — Google Chrome Cross-Origin Data Leakage in Shared Storage

Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
6.1 MEDIUM
CVE-2026-7953 — Google Chrome Omnibox HTML Injection Vulnerability

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro…

Remote | Cross-Site Scripting
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7952 — Google Chrome Extension Policy Enforcement Bypass

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a c…

Remote | Authorization
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.8 HIGH
CVE-2026-7951 — Google Chrome WebRTC Out-of-Bounds Arbitrary Code Execution

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7950 — Google Chrome GFX Out-of-Bounds Read/Write Vulnerability

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Mediu…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7949 — Google Chrome Skia Out-of-Bounds Read Vulnerability

Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
7.5 HIGH
CVE-2026-7948 — Google Chrome Windows Privilege Escalation

Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7947 — Google Chrome UI Spoofing Vulnerability

Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted H…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.3 MEDIUM
CVE-2026-7946 — Google Chrome WebUI Insufficient Policy Enforcement Remote Attack Bypass

Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site iso…

linux_kernel chrome macos chrome_os windows | Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
Showing 20 of 5922 Results