Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.1 LOW
CVE-2026-7965 — Google Chrome DevTools Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in DevTools in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a craft…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7964 — Google Chrome FileSystem Unvalidated Input Arbitrary Read/Write

Insufficient validation of untrusted input in FileSystem in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via…

Remote | Path Traversal
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.3 HIGH
CVE-2026-7963 — Google Chrome ServiceWorker Sandbox Escape

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a …

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7962 — Google Chrome DirectSockets Policy Enforcement Vulnerability

Insufficient policy enforcement in DirectSockets in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via a crafted Chrome Extension. (Chromium security s…

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.3 MEDIUM
CVE-2026-7961 — Google Chrome Permissions Cross-Origin Data Leak Vulnerability

Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traf…

| Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.3 MEDIUM
CVE-2026-7960 — Google Chrome Speech Race Condition Information Disclosure

Race in Speech in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted…

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7959 — Google Chrome Navigation Renderer Process Isolation Bypass

Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.…

Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7958 — Google Chrome ServiceWorker XSS

Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to inject arbitrary scripts or HTML (UX…

Remote | Cross-Site Scripting
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.8 HIGH
CVE-2026-7957 — Google Chrome Media Out-of-Bounds Code Execution Vulnerability

Out of bounds write in Media in Google Chrome on Mac, iOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a cr…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.3 HIGH
CVE-2026-7956 — Google Chrome Use After Free in Navigation

Use after free in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.3 MEDIUM
CVE-2026-7955 — Google Chrome GPU Uninitialized Use Remote Information Disclosure

Uninitialized Use in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7954 — Google Chrome Cross-Origin Data Leakage in Shared Storage

Race in Shared Storage in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security…

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
6.1 MEDIUM
CVE-2026-7953 — Google Chrome Omnibox HTML Injection Vulnerability

Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via malicious network traffic. (Chro…

Remote | Cross-Site Scripting
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7952 — Google Chrome Extension Policy Enforcement Bypass

Insufficient policy enforcement in Extensions in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass discretionary access control via a c…

Remote | Authorization
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
8.8 HIGH
CVE-2026-7951 — Google Chrome WebRTC Out-of-Bounds Arbitrary Code Execution

Out of bounds write in WebRTC in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
5.4 MEDIUM
CVE-2026-7950 — Google Chrome GFX Out-of-Bounds Read/Write Vulnerability

Out of bounds read and write in GFX in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform arbitrary read/write via malicious network traffic. (Chromium security severity: Mediu…

Remote | Memory Corruption
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
3.1 LOW
CVE-2026-7949 — Google Chrome Skia Out-of-Bounds Read Vulnerability

Out of bounds read in Skia in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome Extension. (Chromi…

Remote | Information Disclosure
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
7.5 HIGH
CVE-2026-7948 — Google Chrome Windows Privilege Escalation

Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)

Remote | Race Condition
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.2 MEDIUM
CVE-2026-7947 — Google Chrome UI Spoofing Vulnerability

Insufficient validation of untrusted input in Network in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted H…

linux_kernel chrome macos windows | Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
4.3 MEDIUM
CVE-2026-7946 — Google Chrome WebUI Insufficient Policy Enforcement Remote Attack Bypass

Insufficient policy enforcement in WebUI in Google Chrome on Linux, Mac, Windows, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site iso…

linux_kernel chrome macos chrome_os windows | Remote | Misconfiguration
May 06, 2026 May 06, 2026
May 06, 2026
May 06, 2026
Showing 20 of 5922 Results