Search for packages
| purl | pkg:deb/debian/chromium@143.0.7499.169-1~deb12u1 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-13vg-hewg-efaa | chromium-browser: Out of bounds write in Skia |
CVE-2026-3909
|
| VCID-16jz-z9wn-ybeh | Incorrect security UI in Downloads in Google Chrome prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-8906
|
| VCID-16ya-nvrn-ebcz | chromium-browser: Type Confusion in V8 |
CVE-2025-13223
|
| VCID-177e-4wkx-uqgh | Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-5959
|
| VCID-17t6-b8qv-mudd | chromium-browser: Type Confusion in V8 |
CVE-2025-13227
|
| VCID-183d-56jq-f3dq | chromium-browser: Inappropriate implementation in V8 |
CVE-2025-12429
|
| VCID-18zj-3fw3-xybz | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7974
|
| VCID-1cz4-r1qk-6fce | chromium-browser: Side-channel information leakage in ResourceTiming |
CVE-2026-3929
|
| VCID-1dpv-yktr-u7a5 | chromium-browser: Use after free in CSS |
CVE-2026-2313
|
| VCID-1gbt-xkej-k7aw | chromium-browser: Heap buffer overflow in ANGLE |
CVE-2026-5275
|
| VCID-1hju-8srd-57bg | Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2024-3844
|
| VCID-1myc-2zvg-4ufz | Inappropriate implementation in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-8581
|
| VCID-1u43-n5v6-auby | Race in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5893
|
| VCID-1ugq-9quv-t3cj | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8638
|
| VCID-1wy7-bhfy-s3am |
CVE-2024-6992
|
|
| VCID-1yhp-44rg-fygc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0806
|
| VCID-1yu2-c4b5-2bg1 | Use after free in Media Stream in Google Chrome prior to 138.0.7204.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-8292
|
| VCID-1yv3-9hvy-wqad | Inappropriate implementation in Passkeys in Google Chrome prior to 140.0.7339.80 allowed a local attacker to obtain potentially sensitive information via debug logs. (Chromium security severity: Low) |
CVE-2025-12910
|
| VCID-1zc8-fbzm-tbaz | Inappropriate implementation in Selection in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-1922
|
| VCID-21xz-1hjx-9fcs | chromium-browser: Integer overflow in Dawn |
CVE-2026-4453
|
| VCID-23fj-v9v2-k7gc | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7001
|
| VCID-25qg-xwg9-g7cs | chromium-browser: Use after free in WebMIDI |
CVE-2026-3923
|
| VCID-2667-w4v4-kbau | chromium-browser: Incorrect security UI in Digital Credentials |
CVE-2026-0904
|
| VCID-29k7-7udt-m7gf | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7967
|
| VCID-2a4a-cy2w-1kcj | chromium-browser: Use after free in Network |
CVE-2026-4454
|
| VCID-2egg-pvxw-euc5 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-12381
|
| VCID-2gxu-2jew-qbag | Use after free in WebAudio in Google Chrome prior to 136.0.7103.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-4372
|
| VCID-2h9c-p1ft-8uh7 | chromium-browser: use after free in Visuals |
CVE-2024-4671
|
| VCID-2k46-261h-y3bd | Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5873
|
| VCID-2ngt-7pmw-yqdu | Use after free in Metrics in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-6192
|
| VCID-2pn3-27ey-q7he | chromium-browser: Heap buffer overflow in WebML |
CVE-2026-3915
|
| VCID-2pps-vuj1-quec | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6999
|
| VCID-2rju-kk9j-1kbb | Inappropriate implementation in FileSystemAccess API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-5065
|
| VCID-2s3f-gpnp-jbgx | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7535
|
| VCID-2s6k-knqz-s7bv | Use after free in Compositing in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5290
|
| VCID-2taa-wgtc-73e9 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1284
|
| VCID-2vb3-r28m-ukh8 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-10488
|
| VCID-2wwk-aa81-63fa | Inappropriate implementation in PictureInPicture in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9958
|
| VCID-2wx7-m8kj-jqby | chromium-browser: Out of bounds read and write in WebAudio |
CVE-2026-4459
|
| VCID-2xgf-yqm4-7fgx | Use after free in Skia in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0444
|
| VCID-2yea-nk5s-73a9 | Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5913
|
| VCID-32jv-rv5v-pugx | Use after free in Dawn in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3515
|
| VCID-32xu-tbuh-nfds | chromium-browser: Insufficient policy enforcement in WebUSB |
CVE-2026-5276
|
| VCID-34ga-6n2z-4bcm | Inappropriate implementation in Background Fetch API in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-5064
|
| VCID-3667-sfaw-duhy | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5832
|
| VCID-36ar-zuar-vuas | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-4447
|
| VCID-37p8-9fc4-cqgk | Use after free in Animation in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-6555
|
| VCID-38qj-nt3w-ubcn | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-10231
|
| VCID-39qy-3qyz-ykdk | Incorrect security UI in Downloads in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-3937
|
| VCID-39u9-vf11-4qd6 | Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-8010
|
| VCID-3ck8-byja-cyar | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11210
|
| VCID-3crp-s5mv-cyf1 |
CVE-2024-6993
|
|
| VCID-3etf-ubtt-43ge | Heap buffer overflow in WebAudio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5864
|
| VCID-3fyz-acrt-2qae | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11115
|
| VCID-3mkp-x5ub-kqe9 | chromium-browser: Out of bounds memory access in WebML |
CVE-2026-3920
|
| VCID-3qva-pymb-uua7 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7972
|
| VCID-3tdb-ppq4-nka5 | chromium-browser: Insufficient policy enforcement in Clipboard |
CVE-2026-3938
|
| VCID-3x1r-zfb7-6bea | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5840
|
| VCID-3x2p-avg5-93gs | chromium-browser: Out of bounds read in WebXR |
CVE-2025-12443
|
| VCID-41um-8pnt-f7f6 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5834
|
| VCID-42cw-f7xp-tqdj | chromium-browser: Out of bounds read in V8 |
CVE-2025-12441
|
| VCID-437c-vuxc-bycy | chromium-browser: Inappropriate implementation in V8 |
CVE-2025-13042
|
| VCID-43a7-cgas-k3hs | Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) |
CVE-2026-0628
|
| VCID-43dh-62vg-myda | Integer overflow in V8 in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-7656
|
| VCID-4421-e3ts-aqaw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0442
|
| VCID-44gz-jthj-1far | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11215
|
| VCID-49jd-zza9-pqe3 | chromium-browser: Inappropriate implementation in WebAssembly |
CVE-2026-3542
|
| VCID-49ka-96ec-qubu | chromium-browser: Heap buffer overflow in WebCodecs |
CVE-2026-3544
|
| VCID-4a82-wdqx-2ub1 | Inappropriate implementation in Custom Tabs in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-3072
|
| VCID-4aa4-pd7n-yyfq | Use after free in V8 in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0995
|
| VCID-4dke-ryut-ebhg | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0436
|
| VCID-4dnd-n4tg-8fhs | Uninitialized Use in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2024-6990
|
| VCID-4g2e-nypz-j3cb | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0809
|
| VCID-4gd5-hba3-z3c2 | chromium-browser: Type Confusion in V8 |
CVE-2025-13630
|
| VCID-4hwd-qaxh-ebac | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5861
|
| VCID-4mw4-w3rp-kka6 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11110
|
| VCID-4nwy-ujza-aqeg | Inappropriate implementation in Permission Prompts in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2025-1923
|
| VCID-4psj-zrnq-c3ar | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5831
|
| VCID-4rsu-dm7j-pkbt | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1674
|
| VCID-4ugv-vjzk-8qgw | Use after free in Dawn in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-4948
|
| VCID-4vsx-3sh3-xfdn | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8636
|
| VCID-4wbt-pjxj-qbcp | Integer overflow in Layout in Google Chrome prior to 129.0.6668.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-7025
|
| VCID-4x4d-qvt8-93hx | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4059
|
| VCID-51sw-7uqb-wqbw | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6772
|
| VCID-54d8-nkk2-nyhf | Inappropriate implementation in Tab Strip in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-5067
|
| VCID-54sp-9hcq-skh6 | Insufficient policy enforcement in Loader in Google Chrome prior to 138.0.7204.49 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-6556
|
| VCID-5754-qrbg-2yds | Uninitialized Use in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5888
|
| VCID-57rb-fgba-xqae | Inappropriate implementation in Toolbar in Google Chrome on Android prior to 143.0.7499.110 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-14373
|
| VCID-5a28-29fu-5qfm | chromium-browser: Incorrect security UI in Fullscreen UI |
CVE-2025-12444
|
| VCID-5f2g-tdga-5fcc | chromium-browser: Use after free in CSS |
CVE-2026-2441
|
| VCID-5fgg-qq38-tbcp | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7532
|
| VCID-5hry-b8fp-qqet | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6996
|
| VCID-5uf7-45dg-skfb | Insufficient policy enforcement in DevTools in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to bypass enterprise host restrictions for cookie modification via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2026-5901
|
| VCID-5us9-z9j9-h3gy | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5158
|
| VCID-5vsp-atse-vqe7 | chromium-browser: Insufficient policy enforcement in ChromeDriver |
CVE-2026-3934
|
| VCID-5whj-kbpq-kbhb | Use after free in V8 in Google Chrome prior to 133.0.6943.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0445
|
| VCID-5wu4-dfd3-wkh2 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0762
|
| VCID-5yx6-q3fm-3kfh | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2173
|
| VCID-5z4q-511c-3yfg | Inappropriate implementation in Toolbar in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-9865
|
| VCID-5znj-k78s-suca | chromium-browser: Use after free in PDF |
CVE-2026-5287
|
| VCID-621x-1fsp-qbg8 | Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-12447
|
| VCID-65wc-ug52-3ydw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-12695
|
| VCID-67c2-tzxz-6ucq | Incorrect security UI in Omnibox in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5906
|
| VCID-68h2-kn31-2ybd | chromium-browser: Incorrect security UI in SplitView |
CVE-2025-12446
|
| VCID-699p-7mfs-2yf5 | Inappropriate implementation in Downloads in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-3074
|
| VCID-69gk-s2gk-5fan | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5844
|
| VCID-6cgw-ceaa-jqht | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-10826
|
| VCID-6cnh-99d3-fff6 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7977
|
| VCID-6dub-gz8z-m3fk | Use after free in Navigation in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5289
|
| VCID-6fhm-q7k7-n3dw | Inappropriate implementation in Navigations in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-3071
|
| VCID-6g55-bq46-4qf6 | chromium-browser: Insufficient validation of untrusted input in Navigation |
CVE-2026-4451
|
| VCID-6mnu-e2be-wyct | chromium-browser: Incorrect security UI in WebAppInstalls |
CVE-2026-3935
|
| VCID-6mue-56py-gkhg | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4761
|
| VCID-6qzb-mjpe-8qey | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1669
|
| VCID-6rrx-tub6-tyg5 | chromium-browser: Use after free in PageInfo |
CVE-2025-12437
|
| VCID-6srd-841w-y3ba | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5841
|
| VCID-6te6-9qty-f7fg | Use after free in Navigation in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) |
CVE-2024-6777
|
| VCID-6tkp-6yc2-cudg | chromium-browser: Out of bounds memory access in V8 |
CVE-2026-0899
|
| VCID-6u7f-hc3c-87fu | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2885
|
| VCID-6va8-bx38-4bev | chromium-browser: Integer overflow in ANGLE |
CVE-2026-4464
|
| VCID-6wb7-8x4p-dkgt | Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-12906
|
| VCID-6wvf-a1jy-qfa3 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8639
|
| VCID-71px-5p92-ebh3 | chromium-browser: Inappropriate implementation in Background Fetch API |
CVE-2026-1504
|
| VCID-7b1v-cp5z-zffj | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-10230
|
| VCID-7gex-zf7d-5ka4 | chromium-browser: Use after free in CSS |
CVE-2026-5273
|
| VCID-7h7y-24wt-fbb4 | chromium-browser: Inappropriate implementation in DevTools |
CVE-2025-13632
|
| VCID-7krq-wfrd-6fbp | Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted video file. (Chromium security severity: Low) |
CVE-2026-5907
|
| VCID-7xpc-b6br-67eq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0813
|
| VCID-7xwr-n7n2-kqbz | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7965
|
| VCID-83ge-9gkd-vbdb | Inappropriate implementation in Prompts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3846
|
| VCID-88yy-dyf6-cue7 | chromium-browser: Use after free in Dawn |
CVE-2026-5284
|
| VCID-8bnc-dry1-23bq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11209
|
| VCID-8enw-6zpp-gfdw | chromium-browser: Inappropriate implementation in WebRTC |
CVE-2025-13639
|
| VCID-8gcp-86m1-g7bv | chromium-browser: Race in v8 |
CVE-2025-13721
|
| VCID-8h6y-rjqd-nydy | Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on Windows prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted Chrome Extension. (Chromium security severity: Medium) |
CVE-2025-1915
|
| VCID-8hq7-bca9-xkhw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-8882
|
| VCID-8kq6-ndny-7bgx | chromium-browser: Heap buffer overflow in PDFium |
CVE-2026-4455
|
| VCID-8m5n-bvg8-vkcm | Type Confusion in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6100
|
| VCID-8nzh-a7kr-gqem | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2886
|
| VCID-8qta-157v-ubac | Insufficient data validation in DevTools in Google Chrome on Windows prior to 138.0.7204.49 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-6557
|
| VCID-8sah-61zb-cbb8 | Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-10201
|
| VCID-8trt-crc2-hke8 | chromium-browser: Use after free in Digital Credentials API |
CVE-2026-4456
|
| VCID-8uaq-e8kp-87fs | chromium-browser: Out of bounds read in WebCodecs |
CVE-2026-5282
|
| VCID-8vsf-szma-sbad | Use after free in Compositing in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-5063
|
| VCID-8w28-7mdd-gkf9 | chromium-browser: Insufficient policy enforcement in Frames |
CVE-2026-2316
|
| VCID-8zqx-ypy1-4uab | Inappropriate implementation in Autofill in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-8908
|
| VCID-9247-yks3-r3a4 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11206
|
| VCID-98mt-7srw-qfh4 | A vulnerability has been discovered in libvpx, which could lead to execution of arbitrary code. |
CVE-2025-5283
|
| VCID-997t-9tzj-nybs | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2627
|
| VCID-9anz-7fns-xufe | chromium-browser: Use after free in WebMCP |
CVE-2026-3918
|
| VCID-9bqq-9jac-33dj | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3156
|
| VCID-9cft-hfwj-zudh | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7964
|
| VCID-9d7w-89vj-m3gy | Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5862
|
| VCID-9g5w-9vct-vybx | Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-1914
|
| VCID-9hdr-ga11-auaf | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-9132
|
| VCID-9hsy-7hey-gyfk | Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-1939
|
| VCID-9jqr-s8fu-mfhu | Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-5068
|
| VCID-9knk-d9fx-5fhq | Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-1861
|
| VCID-9m6n-5q8f-duhk | Inappropriate implementation in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5918
|
| VCID-9p5u-1x3q-63dh | chromium-browser: Use after free in Dawn |
CVE-2026-5286
|
| VCID-9q9q-6hv9-zkfc | Inappropriate implementation in BFCache in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially obtain user information via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-5281
|
| VCID-9rar-cdb7-zfcu | Insufficient data validation in DevTools in Google Chrome on Windows prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-9965
|
| VCID-9s6e-p69b-suep | chromium-browser: Object corruption in V8 |
CVE-2026-5279
|
| VCID-9sbp-bp4k-23cn | chromium-browser: Integer overflow in ANGLE |
CVE-2026-5277
|
| VCID-9uq1-attd-6fg9 | Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-8577
|
| VCID-9wf6-sa3n-tbgp | chromium-browser: Type Confusion in V8 |
CVE-2026-4457
|
| VCID-a57f-aj6e-5kf5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11212
|
| VCID-a6sr-d3nx-5bee | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8193
|
| VCID-a9md-7mxf-kkdb | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2625
|
| VCID-aav8-akje-f7d5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0810
|
| VCID-aeyw-f9g1-eqhw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-1920
|
| VCID-ag6k-6g3t-vqdx | chromium-browser: another type Confusion in V8 |
CVE-2024-5274
|
| VCID-agp5-s1r2-yygj | Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-4664
|
| VCID-aj3z-7kzy-j7e6 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7005
|
| VCID-ajvh-4wcj-jqhc | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7976
|
| VCID-akyq-kpr7-d3em | Use after free in Navigation in Google Chrome prior to 133.0.6943.98 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: High) |
CVE-2025-0997
|
| VCID-apvk-3qxe-23ga | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1060
|
| VCID-ardf-c68e-mfbk | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-2476
|
| VCID-as76-9ntp-y3bp | Use after free in QUIC in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3837
|
| VCID-asbu-ze26-qqak | chromium-browser: Integer overflow in ANGLE |
CVE-2026-3536
|
| VCID-asqc-29nd-4qac | chromium-browser: Inappropriate implementation in DevTools |
CVE-2024-7017
|
| VCID-aswt-va77-5ub8 | chromium-browser: Heap buffer overflow in CSS |
CVE-2026-4442
|
| VCID-au3p-7kzq-m3am | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7534
|
| VCID-avte-yqw4-3ufz | Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0612
|
| VCID-b1jg-wapn-efb2 | Inappropriate implementation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-4052
|
| VCID-b1xu-ym1u-akf7 | chromium-browser: Insufficient policy enforcement in DevTools |
CVE-2026-3940
|
| VCID-b671-bvpf-1qbz | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6293
|
| VCID-b7tk-q4qp-tfbk | Insufficient validation of untrusted input in WebSockets in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5919
|
| VCID-bem9-ezts-n3b2 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0447
|
| VCID-bgf9-7m1a-53gh | chromium-browser: Inappropriate implementation in DevTools |
CVE-2025-13097
|
| VCID-bhvu-xcx2-67fm | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7000
|
| VCID-bjbc-v44f-rfbd | Uninitialized Use in V8 in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-7022
|
| VCID-bkuk-5beb-vfdh | Inappropriate implementation in Downloads in Google Chrome on Windows prior to 143.0.7499.41 allowed a local attacker to bypass mark of the web via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-13634
|
| VCID-bmy7-3q2y-kycp | chromium-browser: Heap buffer overflow in WebML |
CVE-2026-3913
|
| VCID-bpey-jwmy-hbcx | Heap buffer overflow in ANGLE in Google Chrome prior to 123.0.6312.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3516
|
| VCID-bsuh-szcs-rbhr | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1673
|
| VCID-btba-bmrd-hbhc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0435
|
| VCID-bzqm-cncx-rydw | Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 136.0.7103.113 allowed a remote attacker to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) |
CVE-2025-4609
|
| VCID-c1e8-q9p1-9yc1 | chromium-browser: Out of bounds read in Blink |
CVE-2026-4462
|
| VCID-c4ah-r5g9-rkbw | Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file. (Chromium security severity: Medium) |
CVE-2025-1918
|
| VCID-c4ds-sg5r-gbbv | Use after free in Serviceworker in Google Chrome on Desktop prior to 140.0.7339.127 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2025-10200
|
| VCID-c53f-mhak-hqf3 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7971
|
| VCID-c61j-p3uq-43bx | Inappropriate implementation in UI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-7019
|
| VCID-c67h-3ect-6bf3 | Insufficient validation of untrusted input in WebML in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5885
|
| VCID-c6en-brtw-37h9 | Inappropriate implementation in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5863
|
| VCID-c8hg-hgtq-qqb1 | chromium-browser: Inappropriate implementation in WebGPU |
CVE-2026-2315
|
| VCID-c91w-zmj5-pfa4 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7973
|
| VCID-cauw-99m8-xygg | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0807
|
| VCID-cbcv-2prm-rygz | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3159
|
| VCID-cdq2-f4zx-sqd3 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0439
|
| VCID-cfav-qfak-gyc6 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2176
|
| VCID-cfss-kmk3-1uht | Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5868
|
| VCID-ch88-wze3-vkht | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8034
|
| VCID-chwf-3ees-vucx | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-8881
|
| VCID-ck56-wn1x-xyeq | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6101
|
| VCID-ck94-13us-pbhd | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6991
|
| VCID-cnvn-bkhg-a3dw | Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-7657
|
| VCID-crkt-7ueh-dbau | Inappropriate implementation in Media Stream in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to obtain information about a peripheral via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-1921
|
| VCID-cw13-y3s5-d7cg | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0443
|
| VCID-cwa7-2web-w7b2 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1671
|
| VCID-cwab-m23u-n7at | Inappropriate implementation in Permissions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-8583
|
| VCID-cwf5-rgck-rbbt | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4058
|
| VCID-cwjd-k7er-aqgb | chromium-browser: Out of bounds read in Web Speech |
CVE-2026-3916
|
| VCID-cxn7-3nw9-rbh7 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5843
|
| VCID-czw8-8fdh-eka1 | Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6779
|
| VCID-d4gt-rndb-wbat | Out of bounds read in Fonts in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3839
|
| VCID-dah7-rev6-jffr | Incorrect security UI in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5878
|
| VCID-dak5-5nct-kfhs | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-10500
|
| VCID-dcdp-y63b-kkde | Cryptographic Flaw in PDFium in Google Chrome prior to 147.0.7727.55 allowed an attacker to read potentially sensitive information from encrypted PDFs via a brute-force attack. (Chromium security severity: Medium) |
CVE-2026-5889
|
| VCID-ddbh-27cx-s7dw | chromium-browser: Inappropriate implementation in App-Bound Encryption |
CVE-2025-12439
|
| VCID-ddbx-2xsp-b3ek | Use after free in Profiles in Google Chrome prior to 134.0.6998.35 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-1916
|
| VCID-dm1v-u4c8-f7ck | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7003
|
| VCID-dm39-2c62-7bb6 | Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5869
|
| VCID-dmdh-urc6-hyaz | Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-2631
|
| VCID-dnjz-ad9c-tye8 | Use after free in Screen Capture in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6774
|
| VCID-dpnh-vhy1-4ucf | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6290
|
| VCID-dujg-8zc9-53ek | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5830
|
| VCID-dvc2-qesm-jkd5 | Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5879
|
| VCID-dvgp-y1pz-1ff8 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3158
|
| VCID-dvuw-89yr-h7hc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-12693
|
| VCID-dwqg-vuy2-2uhe | Policy bypass in ServiceWorkers in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5911
|
| VCID-dyzh-rwzx-mkgx | chromium-browser: Insufficient data validation in Navigation |
CVE-2026-3545
|
| VCID-e2xh-b12b-g3hr | Use after free in DevTools in Google Chrome prior to 122.0.6261.57 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3168
|
| VCID-e3br-r15s-bqee | chromium-browser: Use after free in Ozone |
CVE-2025-12438
|
| VCID-e54n-ssfq-9ya6 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0434
|
| VCID-e6py-jm3k-a3ck | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-2137
|
| VCID-e8cj-guq1-2uar | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9123
|
| VCID-e8mr-b3wv-gufm | chromium-browser: Use after free in Blink |
CVE-2026-4449
|
| VCID-e9zy-fjs9-kbeq | chromium-browser: Out of bounds read and write in Tint |
CVE-2026-3062
|
| VCID-edca-yux6-hfg2 | chromium: Chrome V8 Type Confusion Read/Write |
CVE-2025-6554
|
| VCID-eeq5-gjbb-wyet | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5835
|
| VCID-eg1s-nqjw-b3f6 | Incorrect security UI in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-0906
|
| VCID-ehkc-zgaa-23fy | chromium-browser: Out of bounds read in CSS |
CVE-2026-4674
|
| VCID-ehpx-cudz-zqae | Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5493
|
| VCID-ekue-zrh2-27ex | Use after free in Audio in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6776
|
| VCID-en8g-26ps-8qbz | Out of bounds read in WebGPU in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-12725
|
| VCID-eppu-2256-nud8 | Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5866
|
| VCID-erw2-rh9x-nybk | chromium-browser: Out of bounds read and write in WebGL |
CVE-2026-4440
|
| VCID-es45-v7v3-gkcy | Use after free in Extensions in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) |
CVE-2025-8576
|
| VCID-etf2-r8hv-efh3 | chromium-browser: Incorrect security UI in Split View |
CVE-2026-0907
|
| VCID-euu3-mp7s-7bb3 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8637
|
| VCID-ev82-7tj6-zkgg | Incorrect security UI in LookalikeChecks in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-3925
|
| VCID-ezsm-r6h7-b3hu | Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5884
|
| VCID-f4pg-8mqs-bkaq | Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-7256
|
| VCID-f9cc-vq7n-7feh | chromium-browser: Type Confusion in V8 |
CVE-2025-13224
|
| VCID-fazb-vu1j-qkcg | Insufficient policy enforcement in Site Isolation in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3840
|
| VCID-fbem-1qpe-aqda | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6989
|
| VCID-fbhx-fq7g-w3hb | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7981
|
| VCID-fe4a-beyp-rkby | Use after free in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-4445
|
| VCID-fe9g-f832-93ge | Policy bypass in LocalNetworkAccess in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5881
|
| VCID-fene-srh1-b3gp | chromium-browser: Integer overflow in Codecs |
CVE-2026-5274
|
| VCID-fkyq-rccj-fuan | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2887
|
| VCID-fm1v-h981-hfat | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11756
|
| VCID-fmm5-bjps-u7he | Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-1862
|
| VCID-fptw-w5qg-8qh7 | chromium-browser: Out of bounds read in Skia |
CVE-2026-4460
|
| VCID-fsra-m4tw-fbhk | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1672
|
| VCID-fsrh-9pjx-1bgs | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0812
|
| VCID-fts7-2szz-bke1 | Inappropriate implementation in Extensions API in Google Chrome prior to 133.0.6943.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Medium) |
CVE-2025-0451
|
| VCID-fxe5-hz1y-p3b4 | Type Confusion in V8 in Google Chrome prior to 138.0.7204.168 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-8011
|
| VCID-fzgh-mk5w-8ubx | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0811
|
| VCID-g1nu-japp-wbec | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0805
|
| VCID-g2tg-4jum-qkdq | chromium-browser: Type Confusion in V8 |
CVE-2025-13226
|
| VCID-g442-up9e-z3f2 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7550
|
| VCID-g8mm-2jmc-zuh3 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4559
|
| VCID-gc4t-7ghq-9qbu | Insufficient data validation in Downloads in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9963
|
| VCID-gdn6-smyz-j3fm | Heap buffer overflow in Codecs in Google Chrome on Windows prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2025-3619
|
| VCID-ge6a-3w19-d7ba | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1077
|
| VCID-ge74-2md4-hqgv | Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-10892
|
| VCID-gey8-v54f-rqhn | chromium-browser: Use after free in Ozone |
CVE-2026-2321
|
| VCID-gj24-r1kr-1qg7 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-8880
|
| VCID-gkwa-9h3v-q3bq | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7978
|
| VCID-gkza-cdmr-8kgc | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5838
|
| VCID-gm3s-spcn-7udg | chromium-browser: Insufficient policy enforcement in DevTools |
CVE-2026-3941
|
| VCID-gte6-2nmf-17ed | Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5865
|
| VCID-gtvc-bxas-pbfd | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-4461
|
| VCID-gwaw-v9x7-ufef | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-0902
|
| VCID-gyb8-r6sx-dyfq | Type confusion in WebAssembly in Google Chrome prior to 126.0.6478.126 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-9859
|
| VCID-gz5r-x3cv-9yh6 | Side-channel information leakage in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5876
|
| VCID-gzer-ha74-rud6 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5159
|
| VCID-h1qs-sdxq-fqg7 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1676
|
| VCID-h4bc-hpby-53a2 | Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5872
|
| VCID-h5kz-vcq9-1bgh | Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0611
|
| VCID-hgdv-3a81-xbh2 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11208
|
| VCID-hh5j-vytm-cfda | chromium-browser: Use after free in WindowDialog |
CVE-2026-3924
|
| VCID-hhh2-h1h9-47e5 | Use after free in UI in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9957
|
| VCID-hhme-jc9c-wua5 | Inappropriate implementation in Extensions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-9866
|
| VCID-hv8x-2qvm-6fc2 | chromium-browser: Heap buffer overflow in Media |
CVE-2026-2650
|
| VCID-hvrw-kcqp-vkff | chromium-browser: Inappropriate implementation in File input |
CVE-2026-2322
|
| VCID-hy6v-dksh-eba8 | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-3543
|
| VCID-hya4-e9c1-qfg3 | chromium-browser: Bad cast in Loader |
CVE-2025-13720
|
| VCID-j1e8-svxg-53gu | chromium-browser: Heap buffer overflow in Codecs |
CVE-2026-2314
|
| VCID-j37e-6ba3-jfg5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-9478
|
| VCID-j6ca-hcw4-bke7 | Use after free in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5860
|
| VCID-j736-y8am-xbah | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3832
|
| VCID-j7q1-jhtq-d7dh | Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6102
|
| VCID-j823-r57d-97cx | chromium-browser: Policy bypass in Extensions |
CVE-2025-12436
|
| VCID-j9bt-u7v1-mkgt | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-2136
|
| VCID-jath-p7kj-xkb5 | chromium-browser: Out of bounds memory access in WebGL |
CVE-2026-4439
|
| VCID-jbp7-wmxx-cfds | chromium-browser: Out of bounds read in V8 |
CVE-2026-3926
|
| VCID-jckd-f5kt-9yan | Object lifecycle issue in PowerVR in Google Chrome on Android prior to 145.0.7632.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2026-3537
|
| VCID-jcqn-xvsp-eyb1 | Policy bypass in Audio in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass sandbox download restrictions via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5896
|
| VCID-jf3p-zc2c-7ydj | chromium-browser: Inappropriate implementation in CSS |
CVE-2026-3541
|
| VCID-jg3y-nbqx-2qhk | Incorrect security UI in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5897
|
| VCID-jpyw-dj8s-x3em | Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5915
|
| VCID-jqrx-fcqr-wfg1 | Use after free in WebRTC in Google Chrome prior to 121.0.6167.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3170
|
| VCID-jr1y-txur-ebgr | chromium-browser: Heap buffer overflow in GPU |
CVE-2026-5272
|
| VCID-jrwn-cxgc-rbcy | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7968
|
| VCID-jx5n-hjrz-1ydv | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11219
|
| VCID-jzhh-svqk-fuat | chromium-browser: Integer overflow in WebML |
CVE-2026-3914
|
| VCID-jzwa-xv6a-ufgw | Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-4050
|
| VCID-k1pq-gfyb-nqcv | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6995
|
| VCID-k4kf-hvym-nfd6 | Insufficient policy enforcement in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to leak cross-origin data via Devtools. (Chromium security severity: Low) |
CVE-2025-12909
|
| VCID-k57k-h41e-hbay | Inappropriate implementation in Picture In Picture in Google Chrome prior to 139.0.7258.66 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-8579
|
| VCID-kcsu-b91y-t7g5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3834
|
| VCID-ke3x-ajgw-s3av | Use after free in Cast in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-8578
|
| VCID-keqa-qrda-xqbu | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7975
|
| VCID-kfsu-z2wc-zqb5 | chromium-browser: Inappropriate implementation in Autofill |
CVE-2025-12440
|
| VCID-kj7m-t28f-akce | Inappropriate implementation in Autofill in Google Chrome prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-3073
|
| VCID-kk71-tdbb-yqgp | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1670
|
| VCID-kkgg-9crf-zbg4 | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6773
|
| VCID-kntf-5ubj-1be5 | Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5894
|
| VCID-kq3y-vxg1-nbcb | chromium-browser: Race in V8 |
CVE-2025-12432
|
| VCID-kqjd-8w3j-wqcm | Policy bypass in IFrameSandbox in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5903
|
| VCID-ktjv-8dj1-dbhq | chromium-browser: Type Confusion in V8 |
CVE-2025-13229
|
| VCID-ku48-4fhr-53cs | Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5495
|
| VCID-ku6h-fwbx-jfea | chromium-browser: Unsafe navigation in Navigation |
CVE-2026-3930
|
| VCID-kubz-v57e-wfe4 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8198
|
| VCID-kv54-x8mg-6qha | chromium-browser: Inappropriate implementation in Animation |
CVE-2026-2317
|
| VCID-kzf2-z6tv-w3hh | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5836
|
| VCID-m2a1-v6jc-kqbh | chromium-browser: Google Chrome V8: Out-of-bounds read and write leads to heap corruption |
CVE-2025-14766
|
| VCID-m2q1-15ug-cudj | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-12729
|
| VCID-m344-92r3-57ac | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0291
|
| VCID-m4hs-41n2-8bbz | Malicious pages could use Firefox for Android to pass FIDO: links to the OS and trigger the "hybrid" passkey transport. An attacker within Bluetooth range could have used this to trick the user into using their passkey to log the attacker's computer into the target account. |
CVE-2024-9956
|
| VCID-m4yn-u4qr-1yce | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8035
|
| VCID-m534-2qgb-nfef | Inappropriate implementation in Views in Google Chrome on Windows prior to 142.0.7444.137 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-12726
|
| VCID-m5um-4e29-gfau | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2883
|
| VCID-m84v-xahm-rubz | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2026-5904
|
| VCID-m947-x8gn-dybn | Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed an attacker who convinced a user to install a malicious app to perform UI spoofing via a crafted app. (Chromium security severity: Medium) |
CVE-2024-3838
|
| VCID-m98j-wthn-yff3 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0440
|
| VCID-mhd8-qg19-cqg1 | chromium-browser: Use after free in Media Stream |
CVE-2025-13638
|
| VCID-mhfc-jc5n-gfbu | Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-1426
|
| VCID-mmtm-79qv-y3f9 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9122
|
| VCID-msy4-5tju-c3ak | Inappropriate implementation in Networks in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass mixed content policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3845
|
| VCID-mug4-6rdz-1uhm | Inappropriate implementation in Permissions in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9962
|
| VCID-mv9m-jyjx-cfbm | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11113
|
| VCID-n12n-mxuw-3ke8 | Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a remote attacker who had compromised the GPU process to potentially perform a sandbox escape via specific UI gestures. (Chromium security severity: High) |
CVE-2024-3157
|
| VCID-n42w-7gws-n7dz | Insufficient policy enforcement in PWAs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to install a PWA without user consent via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5892
|
| VCID-n4j3-th65-kyhu | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1283
|
| VCID-n536-qxue-zkej | Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-7255
|
| VCID-n5d6-9gwm-vkc7 | chromium-browser: Use after free in FedCM |
CVE-2026-4680
|
| VCID-n5xg-jepy-sbcx | chromium-browser: Inappropriate implementation in V8 |
CVE-2025-12727
|
| VCID-nc25-hahz-myek | Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-4950
|
| VCID-nc2x-jyqw-8qa8 | Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5877
|
| VCID-neem-fet6-pfdg | Insufficient policy enforcement in History Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5899
|
| VCID-nh48-1r8z-c3bs | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0448
|
| VCID-nku3-ejb7-e7av | Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-3069
|
| VCID-nmme-f7b2-qbcu | Incorrect security UI in Permissions in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5905
|
| VCID-nmue-gwtf-vyc4 | Insufficient data validation in Mojo in Google Chrome prior to 129.0.6668.89 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-9369
|
| VCID-npma-6cc2-gbbh | Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-10890
|
| VCID-nw39-3fus-fkbt | chromium-browser: Inappropriate implementation in PictureInPicture |
CVE-2026-2318
|
| VCID-nx9y-phy4-1bb8 | chromium-browser: Insufficient policy enforcement in PDF |
CVE-2026-3939
|
| VCID-p2tt-caau-rya1 | chromium-browser: Stack buffer overflow in WebRTC |
CVE-2026-4444
|
| VCID-p3ts-q4qw-1qch | Insufficient data validation in Browser Switcher in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to inject scripts or HTML into a privileged page via a malicious file. (Chromium security severity: Medium) |
CVE-2024-3841
|
| VCID-p3wp-rb44-7ygm | Insufficient policy enforcement in WebUI in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-3847
|
| VCID-par5-g7n2-pyct | Type Confusion in V8 in Google Chrome prior to 122.0.6261.94 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-1938
|
| VCID-pc5u-qka6-mqft | chromium-browser: Insufficient policy enforcement in Network |
CVE-2026-0905
|
| VCID-pcjq-3qj5-zbbq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-10502
|
| VCID-pcs2-h7um-auga | chromium-browser: Out of bounds write in V8 |
CVE-2026-4450
|
| VCID-pekh-tzgu-uqgd | Use after free in ParcelTracking in Google Chrome on iOS prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9961
|
| VCID-pevd-19t4-2qcm | Out of bounds write in Streams API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5499
|
| VCID-pff7-gknz-cfeg | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7966
|
| VCID-pg29-vrqh-pka8 | chromium-browser: Use after free in Dawn |
CVE-2026-4676
|
| VCID-pg9a-gjuw-kfcg | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11213
|
| VCID-pgw2-3qy2-5ban | chromium-browser: Heap buffer overflow in WebGL |
CVE-2026-4675
|
| VCID-pmf2-vmfr-fkar | chromium-browser: Inappropriate implementation in WebAudio |
CVE-2026-3540
|
| VCID-pmwr-4j1v-s7gu | chromium-browser: Out of bounds read in WebAudio |
CVE-2026-4677
|
| VCID-pqrn-hm1a-mudt | Use after free in Translate in Google Chrome prior to 131.0.6778.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-12382
|
| VCID-psgp-p8nd-wkcg | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9603
|
| VCID-psry-wjkx-s7ha | chromium-browser: Type Confusion in V8 |
CVE-2025-13228
|
| VCID-ptwz-uax5-mqbq | chromium-browser: Heap buffer overflow in WebAudio |
CVE-2026-4673
|
| VCID-pu1d-mahg-wqd3 | chromium-browser: Inappropriate implementation in File input |
CVE-2026-2320
|
| VCID-pvbx-j8j1-dkb3 | chromium-browser: Use after free in Web MIDI |
CVE-2026-5278
|
| VCID-pw2a-xfa9-cqec | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5833
|
| VCID-px8h-mbzf-ryc7 | Inappropriate implementation in Payments in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2024-9964
|
| VCID-pxwn-s2wc-y3fu | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low) |
CVE-2026-5914
|
| VCID-q1wx-zn49-cuhe | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11116
|
| VCID-q2nv-zepw-sydc | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5160
|
| VCID-q45n-pmfj-f7ae | chromium-browser: Use after free in WebGL |
CVE-2026-5285
|
| VCID-q556-3p3g-nfcw | Use after free in WebAuthentication in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9955
|
| VCID-q5wc-fus7-c3by | Use after free in Accessibility in Google Chrome prior to 122.0.6261.57 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium) |
CVE-2024-3171
|
| VCID-q6cv-xwf7-aub3 | Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5870
|
| VCID-q8kf-7mg7-u3bp | Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5880
|
| VCID-q9s6-cceb-yfak | chromium-browser: Integer overflow in Skia |
CVE-2026-3538
|
| VCID-qb26-d55m-yqe6 | Integer overflow in V8 in Google Chrome prior to 137.0.7151.119 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-6191
|
| VCID-qb3b-usf4-kfbr | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0814
|
| VCID-qdnt-cuvg-nke1 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5846
|
| VCID-qfc8-4g67-q7hv | chromium-browser: Integer overflow in V8 |
CVE-2026-2649
|
| VCID-qff9-euj8-u7f4 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-8901
|
| VCID-qg9m-wgwn-k7gt | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8194
|
| VCID-qgys-h6hm-z3es | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) |
CVE-2026-5910
|
| VCID-qgzt-t6p5-63ej | Inappropriate implementation in Omnibox in Google Chrome on Android prior to 142.0.7444.137 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-12728
|
| VCID-qm7e-jszf-nyhc | Use after free in USB in Google Chrome prior to 135.0.7049.95 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-3620
|
| VCID-qp85-t2sn-jbf2 | chromium-browser: Integer overflow in ANGLE |
CVE-2026-4452
|
| VCID-qy3c-5519-gbga | chromium-browser: Type Confusion in V8 |
CVE-2025-12428
|
| VCID-qzrp-z4g2-yyhp | Inappropriate implementation in Filesystems in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-8580
|
| VCID-r1c5-16y9-bugq | Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream metadata via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5902
|
| VCID-r2b4-pdwz-ybae | chromium-browser: Inappropriate implementation in ANGLE |
CVE-2026-5283
|
| VCID-r942-9k4r-9qay | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11211
|
| VCID-r9ek-1qag-xfh6 | Use after free in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-4949
|
| VCID-rbbc-r1cu-pqfn | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5847
|
| VCID-rhjp-frwe-k7dq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11458
|
| VCID-rjde-qv1n-mbdc | Use after free in Dawn in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-9960
|
| VCID-rmeb-2jks-muh5 | Use after free in Network in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted web app. (Chromium security severity: Medium) |
CVE-2025-1006
|
| VCID-rmh9-tsfc-bufv | chromium-browser: Object lifecycle issue in Media |
CVE-2025-12430
|
| VCID-rs1x-2m11-y7bf | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6994
|
| VCID-rs5v-j4mp-bqdd | chromium-browser: Heap buffer overflow in WebAudio |
CVE-2026-4443
|
| VCID-rs7n-jww2-k7fa | Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-3068
|
| VCID-rt4q-wt24-s3bb | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1059
|
| VCID-rtnu-jasm-4fc1 | chromium-browser: Heap buffer overflow in PDFium |
CVE-2026-2648
|
| VCID-rw7g-2nce-4qe4 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7004
|
| VCID-rz47-7yc6-2ybw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-4331
|
| VCID-rzcc-kwub-43f5 | Use after free in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6103
|
| VCID-rzdc-3uut-byhc | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5898
|
| VCID-rzpj-7mb5-cudf | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7536
|
| VCID-rzrj-bph9-1qe9 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7979
|
| VCID-rzsj-3prf-yfhj | chromium-browser: Object lifecycle issue in DevTools |
CVE-2026-3539
|
| VCID-s341-a9t6-xufu | chromium-browser: Inappropriate implementation in DevTools |
CVE-2026-3063
|
| VCID-s3jn-6gnf-wfhr | chromium-browser: Type Confusion in V8 |
CVE-2024-4947
|
| VCID-s6qu-s7m7-xyer | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2174
|
| VCID-s7ew-m1ae-wfgh | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5157
|
| VCID-sb7m-7d3y-j7ca | Incorrect security UI in Omnibox in Google Chrome on Android prior to 142.0.7444.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-12435
|
| VCID-sb9t-4vjy-fbb7 | Out of bounds write in V8 in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-7970
|
| VCID-sbba-7wah-s3dm | Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-1919
|
| VCID-scf9-tqkj-pkbk | Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-3066
|
| VCID-sfc1-6x1b-4bbk | chromium-browser: Incorrect security UI in PictureInPicture |
CVE-2026-3942
|
| VCID-sfzb-f5dh-zyae | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11460
|
| VCID-sjw8-nhyv-wfhc | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9121
|
| VCID-sjyh-asvp-sbfh | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11112
|
| VCID-sk1q-3r7z-5yd7 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6997
|
| VCID-skfq-61mt-8qhb | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-10229
|
| VCID-skhu-dhab-wfgj | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9120
|
| VCID-sm3e-j1k9-wka9 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11111
|
| VCID-sm8x-4zcp-2uet | Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-12053
|
| VCID-smtf-356n-57g7 | Use after free in DevTools in Google Chrome prior to 130.0.6723.58 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Medium) |
CVE-2024-9959
|
| VCID-snc8-e46j-9fa2 | Inappropriate implementation in Autofill in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-7020
|
| VCID-sr4v-uc24-ubgg | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-10501
|
| VCID-ss8z-vqjp-sff2 | Out of bounds write in V8 in Google Chrome prior to 137.0.7151.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-5280
|
| VCID-st5n-m835-3fg1 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5837
|
| VCID-sx5u-ua47-kbgc | Insufficient data validation in DevTools in Google Chrome prior to 121.0.6167.85 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3172
|
| VCID-sxav-2n8n-wkb9 | Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2026-5858
|
| VCID-sxsf-3x3h-vff3 | Insufficient data validation in Omnibox in Google Chrome on Android prior to 129.0.6668.58 allowed a remote attacker who convinced a user to engage in specific UI gestures to inject arbitrary scripts or HTML (XSS) via a crafted set of UI gestures. (Chromium security severity: Medium) |
CVE-2024-8907
|
| VCID-sy2e-sgft-53b3 | Out of bounds read and write in V8 in Google Chrome prior to 137.0.7151.68 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-5419
|
| VCID-t394-vs34-1fa9 | Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) |
CVE-2024-6778
|
| VCID-t3kt-44gv-j3dr | chromium-browser: Inappropriate implementation in Downloads |
CVE-2026-2323
|
| VCID-t5k7-mt9a-5yfw | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5839
|
| VCID-t5t1-22yg-rqgv | Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-2630
|
| VCID-t5uy-rm9d-9bcx | Insufficient data validation in Downloads in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-3843
|
| VCID-t69n-d8kz-ukdh | Inappropriate implementation in Browser UI in Google Chrome on Android prior to 134.0.6998.35 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-1917
|
| VCID-t6a7-tdcw-zuhv | Insufficient validation of untrusted input in Devtools in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to execute arbitrary code via user action in Devtools. (Chromium security severity: Low) |
CVE-2025-12907
|
| VCID-t7xz-yw5y-mqaq |
CVE-2024-9370
|
|
| VCID-t8p3-3evv-kfg1 | Incorrect security UI in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-2629
|
| VCID-t9td-h5q7-vkhx | chromium-browser: Out of bounds memory access in V8 |
CVE-2025-12036
|
| VCID-tby7-d6uk-xqcu | chromium-browser: Use after free in TextEncoding |
CVE-2026-3921
|
| VCID-tbzs-axfh-77au | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5912
|
| VCID-tfc2-749m-sqh1 | Insufficient validation of untrusted input in Core in Google Chrome prior to 139.0.7258.66 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-8582
|
| VCID-tkvr-d1xj-ykar | chromium-browser: Side-channel information leakage in Navigation and Loading |
CVE-2025-13992
|
| VCID-tkx7-9rpf-pyeh | Integer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
CVE-2026-5859
|
| VCID-tt6a-jnve-77cg | chromium-browser: Inappropriate implementation in V8 |
CVE-2025-12433
|
| VCID-tt6y-5hu2-xfcj | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-12694
|
| VCID-tu8y-g873-sbb8 | Use after free in Dawn in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5494
|
| VCID-tvek-ujxy-mug2 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-9602
|
| VCID-tynp-q2w1-vkde | Policy bypass in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5875
|
| VCID-tzqb-c1he-gffz | chromium-browser: Use after free in WebRTC |
CVE-2026-4446
|
| VCID-u1sp-38g8-xfan | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4558
|
| VCID-u3qp-1wrx-6fg1 | Use after free in V8 in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3914
|
| VCID-u4th-7235-tbfv | chromium-browser: Incorrect security UI in PictureInPicture |
CVE-2026-3927
|
| VCID-u5gh-nrfj-vbbj | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0446
|
| VCID-u72f-asx2-rueu | Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-5500
|
| VCID-u7nr-jpbg-hbbc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0437
|
| VCID-u8bu-bhfy-j3ff | chromium-browser: Inappropriate implementation in Extensions |
CVE-2025-12431
|
| VCID-u8db-dw2g-gkhk | Inappropriate implementation in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-7024
|
| VCID-u8pg-4uns-sqd3 | chromium-browser: Heap buffer overflow in ANGLE |
CVE-2026-4448
|
| VCID-u8s8-4qjn-z3d6 | chromium-browser: Use after free in Extensions |
CVE-2026-4458
|
| VCID-u9mq-tb44-4kbc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-8879
|
| VCID-u9yr-eqh8-v3b6 | Type Confusion in V8 in Google Chrome prior to 131.0.6778.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-11395
|
| VCID-uegf-7d1c-y3c4 | Use after free in Media Stream in Google Chrome prior to 126.0.6478.182 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-6775
|
| VCID-uf5c-xr9t-13dn | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-3910
|
| VCID-ug4c-yce8-tbfa | Heap buffer overflow in HTML in Google Chrome prior to 136.0.7103.59 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-4096
|
| VCID-uh78-mxcb-aud5 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11205
|
| VCID-uhn4-egfc-ebda | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2628
|
| VCID-uqb8-znvh-9fgu | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-8033
|
| VCID-uqyz-yjh5-vyh6 | chromium-browser: Use after free in ANGLE |
CVE-2026-0908
|
| VCID-ursd-c1rf-tyeq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2400
|
| VCID-us37-cg5p-3fcc | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-10487
|
| VCID-uvbr-kyc1-wkdw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-2135
|
| VCID-uvuf-mbkh-eqah | chromium-browser: Use after free in Agents |
CVE-2026-3917
|
| VCID-uweq-7973-xyam | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-10585
|
| VCID-uxa6-xukh-rqhe | Use after free in AI in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-9954
|
| VCID-uy3v-ru2f-fqcd | Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5883
|
| VCID-uybs-1w1h-23cs | chromium-browser: Use after free in Extensions |
CVE-2026-3919
|
| VCID-uz9z-q1dw-vuf2 | chromium-browser: Chromium: Use after free in WebGPU allows remote attacker to exploit heap corruption |
CVE-2025-14765
|
| VCID-uzn5-ghpu-57e5 | chromium-browser: Heap buffer overflow in WebRTC |
CVE-2026-4463
|
| VCID-v1qf-79xm-bbg2 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) |
CVE-2026-5908
|
| VCID-v2gf-rqxb-57ae | chromium-browser: Use after free in Dawn |
CVE-2026-5281
|
| VCID-v5a1-1ceu-ebhv | Policy bypass in Downloads in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass of multi-download protections via a crafted HTML page. (Chromium security severity: Low) |
CVE-2026-5900
|
| VCID-v6qa-35bx-73gs | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-1675
|
| VCID-vafg-8w1y-8bb3 | Inappropriate implementation in UI in Google Chrome on iOS prior to 129.0.6668.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-8909
|
| VCID-vb1c-9uuq-bkev | chromium-browser: Inappropriate implementation in V8 |
CVE-2026-0900
|
| VCID-vd5f-rhmg-hfe6 | Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-3932
|
| VCID-vdba-4s6g-hufr | chromium-browser: Policy bypass in Extensions |
CVE-2025-12445
|
| VCID-vej8-dj8m-a3cu | Inappropriate implementation in Messages in Google Chrome on Android prior to 137.0.7151.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-5066
|
| VCID-vfhf-srxw-fqb8 | chromium-browser: Inappropriate implementation in Downloads |
CVE-2025-13637
|
| VCID-vfpj-s32r-fygb | chromium-browser: Inappropriate implementation in Compositing |
CVE-2025-13107
|
| VCID-vghg-r559-kbes | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) |
CVE-2026-5909
|
| VCID-vhyd-eq5h-cfhm | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6292
|
| VCID-vk4e-qufz-5ffp | angle: insufficient input validation can cause undefined behavior |
CVE-2025-6558
|
| VCID-vnvz-a9hv-8bee | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0438
|
| VCID-vpyv-nrjk-nkhd | Inappropriate implementation in Downloads in Google Chrome on Windows prior to 144.0.7559.59 allowed a remote attacker to bypass dangerous file type protections via a malicious file. (Chromium security severity: Medium) |
CVE-2026-0903
|
| VCID-vrrj-pznc-cfdx | Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-3070
|
| VCID-vscd-6s2t-bucr | chromium-browser: Inappropriate implementation in WebGL |
CVE-2026-5291
|
| VCID-vw5q-5y94-bqhz | chromium-browser: Inappropriate implementation in Split View |
CVE-2025-13636
|
| VCID-vwsy-zaxq-83e7 | Inappropriate implementation in Navigations in Google Chrome prior to 130.0.6723.58 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Low) |
CVE-2024-9966
|
| VCID-vxex-hv2g-gbhk | Out of bounds read in WebAudio in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5886
|
| VCID-vz9s-2tc5-xqh7 | Incorrect security UI in Fullscreen in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5882
|
| VCID-vzvf-qeyq-qfdg | Use after free in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-3169
|
| VCID-w5hn-55q7-9udm | Use after free in Media Session in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5496
|
| VCID-w5uj-yukt-dfdk | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6988
|
| VCID-w6gx-jt4u-rbh7 | Heap buffer overflow in PDF in Google Chrome prior to 124.0.6367.78 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) |
CVE-2024-7018
|
| VCID-w6jf-yzuk-rbbc | Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5890
|
| VCID-w7zp-rzrw-xycb | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5845
|
| VCID-wcas-mvba-4bd3 | Use after free in PrivateAI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5874
|
| VCID-wdby-s3xj-g7h7 | chromium-browser: Out of bounds read in Media |
CVE-2026-3061
|
| VCID-wdet-zcjk-ykfq | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11207
|
| VCID-wjex-hd2c-bych | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6998
|
| VCID-wk6f-5363-3fa9 | chromium-browser: Inappropriate implementation in Downloads |
CVE-2025-13635
|
| VCID-wkvg-389z-pyer | chromium-browser: Inappropriate implementation in Passwords |
CVE-2025-13640
|
| VCID-wsx4-jwca-7fh7 | Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5871
|
| VCID-wt1x-6rzc-eqa7 | Out of bounds read in V8 in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-2884
|
| VCID-wv9g-rq72-hfct | Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium) |
CVE-2025-3067
|
| VCID-x1y6-a4rp-9fg2 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0804
|
| VCID-x3fw-h8gu-q7aj | chromium-browser: Use after free in Digital Credentials |
CVE-2025-13633
|
| VCID-x4d1-jf7f-uugy | Insufficient data validation in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass discretionary access control via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-4051
|
| VCID-x4up-ttsq-3khf | Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-14372
|
| VCID-x9e4-duzt-kbet | Use after free in WebAudio in Google Chrome prior to 128.0.6613.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-8362
|
| VCID-xb2c-e4u5-2fe3 | Use after free in Media in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-5958
|
| VCID-xb38-zgjp-gygu | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-4060
|
| VCID-xecy-4ns3-9uac | Integer overflow in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-10891
|
| VCID-xek4-ku8z-n7b7 | Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-3936
|
| VCID-xfz2-cwzt-tqhz | Out of bounds read in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5292
|
| VCID-xgyr-vdpb-sfc4 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-6291
|
| VCID-xnxm-5cqv-7ff9 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-11216
|
| VCID-xsx8-jc5d-9uea | Use after free in Presentation API in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5498
|
| VCID-xt76-tk8k-r7c3 | chromium-browser: Out of bounds read in V8 |
CVE-2025-9479
|
| VCID-xtcv-nv3g-nkfr | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-3833
|
| VCID-xtzf-12qm-y3e5 | Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5867
|
| VCID-xz23-yr7q-1fgq | Incorrect security UI in Omnibox in Google Chrome on iOS prior to 147.0.7727.55 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name. (Chromium security severity: Low) |
CVE-2026-5895
|
| VCID-y17q-5gas-jke9 | chromium-browser: Integer overflow in Fonts |
CVE-2026-4679
|
| VCID-y22a-fhds-mqa7 | chromium-browser: Use after free in MediaStream |
CVE-2026-3922
|
| VCID-y533-phh6-h7ff | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-10827
|
| VCID-y6r7-wj7c-p3bn | Insufficient policy enforcement in browser UI in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5891
|
| VCID-y8by-xakp-37cd | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7969
|
| VCID-ya5r-nz1z-23gw | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-2626
|
| VCID-ydja-8d7s-sqbv | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11114
|
| VCID-yegf-fz77-fkbn | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7533
|
| VCID-ygk9-zgpq-9bdj | chromium-browser: Use after free in Base |
CVE-2026-4441
|
| VCID-yj1b-bysp-b7h1 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2025-0441
|
| VCID-yq2k-m5rw-ubeq |
CVE-2026-1220
|
|
| VCID-ytxj-r5kb-euf9 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-4368
|
| VCID-yu3z-5wxc-6yhr | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-7980
|
| VCID-yufz-y2wn-a7dj | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-12692
|
| VCID-z1uy-svpz-7uew | chromium-browser: Insufficient policy enforcement in Extensions |
CVE-2026-3928
|
| VCID-z2gp-g2h2-x3bm | Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 147.0.7727.55 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2026-5887
|
| VCID-z3hb-eha9-27a9 | Inappropriate implementation in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2024-8905
|
| VCID-z6td-n12w-cqcs | chromium-browser: Heap buffer overflow in Skia |
CVE-2026-3931
|
| VCID-z745-kejm-sbf2 | Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) |
CVE-2025-12911
|
| VCID-z8nt-w84w-tkew | chromium-browser: Use after free in WebGPU |
CVE-2026-4678
|
| VCID-zbmp-zauf-5yc7 | Inappropriate implementation in Blink in Google Chrome on Android prior to 144.0.7559.59 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-0901
|
| VCID-zbu2-b7gs-xkhe | Type Confusion in V8 in Google Chrome prior to 129.0.6668.58 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-8904
|
| VCID-zc15-pprp-77bq | Race in Storage in Google Chrome on Windows prior to 142.0.7444.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-12434
|
| VCID-zcq4-z2c5-2ffr | Use after free in WebView in Google Chrome on Android prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
CVE-2026-5288
|
| VCID-zf2c-w2jx-huej | chromium-browser: Type Confusion in V8 |
CVE-2025-13230
|
| VCID-zh7a-qy6c-dua4 | Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2024-5497
|
| VCID-zkqv-ppkf-yfe2 | Inappropriate implementation in Downloads in Google Chrome on Android prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium) |
CVE-2025-9867
|
| VCID-zn27-5saa-j7c1 | chromium-browser: Inappropriate implementation in Fullscreen |
CVE-2024-13178
|
| VCID-znf7-1xx4-8yf1 | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-0808
|
| VCID-zqse-34ss-zqf5 | Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to arbitrary code execution. |
CVE-2024-5842
|
| VCID-zr38-fv5c-jkfy | Inappropriate implementation in Browser UI in Google Chrome on Android prior to 133.0.6943.98 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0996
|
| VCID-zr5w-q9zh-nqbm | Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
CVE-2025-0999
|
| VCID-zrnp-ujpt-tbee | chromium-browser: Use after free in WebCodecs |
CVE-2026-5280
|
| VCID-zsj1-h1fk-mydz | Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. |
CVE-2024-11117
|
| VCID-ztdz-bc13-huan | Inappropriate implementation in Google Updater in Google Chrome on Mac prior to 143.0.7499.41 allowed a remote attacker to perform privilege escalation via a crafted file. (Chromium security severity: High) |
CVE-2025-13631
|
| VCID-zunq-r482-23cm | chromium-browser: Race in DevTools |
CVE-2026-2319
|