Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12556
Total
848
Critical
3598
High
3935
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7355 | HIGH | 8.8 | Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 28, 2026 |
| CVE-2026-7354 | HIGH | 8.8 | Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via … | Apr 28, 2026 |
| CVE-2026-7353 | HIGH | 8.3 | Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 28, 2026 |
| CVE-2026-7352 | HIGH | 8.3 | Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially … | Apr 28, 2026 |
| CVE-2026-7351 | LOW | 3.1 | Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data … | Apr 28, 2026 |
| CVE-2026-7350 | HIGH | 8.3 | Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a … | Apr 28, 2026 |
| CVE-2026-7349 | HIGH | 7.5 | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to execute arbitrary code inside a … | Apr 28, 2026 |
| CVE-2026-7348 | HIGH | 8.8 | Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 28, 2026 |
| CVE-2026-7347 | HIGH | 8.1 | Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chromium security … | Apr 28, 2026 |
| CVE-2026-7346 | HIGH | 8.1 | Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HTML … | Apr 28, 2026 |
| CVE-2026-7345 | HIGH | 8.3 | Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially … | Apr 28, 2026 |
| CVE-2026-7344 | HIGH | 8.8 | Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially … | Apr 28, 2026 |
| CVE-2026-7343 | CRITICAL | 9.8 | Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially … | Apr 28, 2026 |
| CVE-2026-7342 | HIGH | 8.8 | Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via … | Apr 28, 2026 |
| CVE-2026-7341 | HIGH | 8.8 | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 28, 2026 |
| CVE-2026-7340 | MEDIUM | 4.3 | Integer overflow in ANGLE in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker to perform an out of bounds memory read via … | Apr 28, 2026 |
| CVE-2026-7339 | HIGH | 8.8 | Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. … | Apr 28, 2026 |
| CVE-2026-7338 | HIGH | 7.5 | Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via … | Apr 28, 2026 |
| CVE-2026-7337 | HIGH | 8.8 | Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML … | Apr 28, 2026 |
| CVE-2026-7336 | HIGH | 8.8 | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 28, 2026 |
| CVE-2026-7335 | HIGH | 8.8 | Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted … | Apr 28, 2026 |
| CVE-2026-7334 | HIGH | 8.8 | Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted … | Apr 28, 2026 |
| CVE-2026-7333 | CRITICAL | 9.6 | Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML … | Apr 28, 2026 |
| CVE-2026-5822 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | Apr 28, 2026 |
| CVE-2026-42167 | HIGH | 8.1 | mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with … | Apr 28, 2026 |