CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2026-10960
High

Wykorzystanie niezainicjowanej pamięci w kodekach w Google Chrome przed wersją 149.0.7827.53 umożliwia zdalnemu atakującemu, który przejął proces renderowania, potencjalne wykonanie ucieczki z piaskownicy za pomocą spreparowanej strony HTML.

CVE-2026-10959
High

Wykorzystanie po zwolnieniu pamięci w module Input w Google Chrome na Androidzie przed wersją 149.0.7827.53 umożliwia zdalnemu atakującemu wykonanie dowolnego kodu wewnątrz piaskownicy za pomocą spreparowanej strony HTML.

CVE-2026-10958
High

W Chrome na iOS przed wersją 149.0.7827.53 wystąpiła podatność typu use after free, która pozwalała zdalnemu atakującemu na wykonanie dowolnego kodu poprzez nakłonienie użytkownika do wykonania określonych gestów interfejsu użytkownika na spreparowanej stronie HTML.

CVE-2026-10957
High

Wykorzystanie po zwolnieniu pamięci w Glic w Google Chrome przed wersją 149.0.7827.53 umożliwia zdalnemu atakującemu wykonanie dowolnego kodu wewnątrz piaskownicy za pomocą spreparowanej strony HTML.

CVE-2026-10956
High

Use after free in MimeHandlerView in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10955
High

In Google Chrome on Windows prior to version 149.0.7827.53, a 'Type Confusion' vulnerability in ANGLE allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

CVE-2026-10954
High

In Google Chrome prior to version 149.0.7827.53, there was a use after free vulnerability in the Actor component that allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10953
High

Use after free in Core in Google Chrome on Android prior to version 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2026-10952
High

A use after free vulnerability in Chrome for iOS prior to version 149.0.7827.53 allows a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2026-10951
High

A use after free vulnerability in Autofill in Google Chrome on iOS prior to version 149.0.7827.53 can be exploited by a remote attacker. The attacker can convince a user to perform specific UI gestures, potentially leading to heap corruption via a crafted HTML page.

CVE-2026-10949
High

Heap buffer overflow in Video in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2026-10948
High

Use after free in WebRTC in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10947
High

A use after free vulnerability in WebRTC in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10946
High

Heap buffer overflow in Media in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10945
High

Use after free in PDF in Google Chrome prior to version 149.0.7827.53 allows a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted PDF file.

CVE-2026-10943
High

A use after free vulnerability in WebRTC in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10942
High

Inappropriate implementation in UI in Google Chrome on Windows prior to version 149.0.7827.53 allowed a local attacker to perform privilege escalation via a malicious file.

CVE-2026-10941
High

Out of bounds memory access in Skia in Google Chrome prior to version 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

CVE-2026-10940
High

A race condition in Codecs in Google Chrome on Windows prior to version 149.0.7827.53 allowed a remote attacker who compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

CVE-2026-10939
High

Wykorzystanie po zwolnieniu pamięci w WebRTC w Google Chrome przed wersją 149.0.7827.53 umożliwia zdalnemu atakującemu wykonanie dowolnego kodu wewnątrz piaskownicy za pomocą spreparowanej strony HTML.

PreviousPage 193 of 3362Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS