chrome vulnerability

Google Chrome prior to 148.0.7778.96 on Windows, macOS, and Linux is affected by CVE-2026-8018, a DevTools policy-enforcement flaw disclosed on May 6, 2026, and now reflected in NVD and Microsoft’s Security Update Guide. The oddity is not the patch; it is the mismatch between Chromium’s “Low”...

Google and Microsoft disclosed CVE-2026-7339 on April 28, 2026, as a heap-based buffer overflow in Chromium’s WebRTC component affecting Google Chrome before 147.0.7727.138, with exploitation possible through a crafted HTML page that triggers heap corruption after user interaction. The bug is...

Google published CVE-2026-7346 on April 28, 2026, as a high-severity Chrome vulnerability in Tint, fixed before version 147.0.7727.138, that could let a remote attacker trigger out-of-bounds memory access through a crafted HTML page on desktop browsers. The interesting part is not that Chrome...

Google has disclosed a new high-severity Chrome vulnerability, tracked as CVE-2026-5873, that affects the V8 JavaScript engine and allows a remote attacker to achieve arbitrary code execution inside the browser sandbox through a crafted HTML page. The issue affects Google Chrome versions prior...

Google has published CVE-2026-5876, a medium-severity Chromium/Chrome vulnerability that can leak cross-origin information through a crafted HTML page by abusing the browser’s Navigation subsystem. The issue affects Google Chrome versions prior to 147.0.7727.55, and the record was added to the...

A newly disclosed Chromium issue, CVE-2026-4450, is a reminder that even highly mature browser engines remain a prime target for exploitation. According to the public vulnerability record, the flaw is an out-of-bounds write in V8 affecting Google Chrome versions prior to 146.0.7680.153, and it...

Google pushed an emergency Chrome update to address CVE-2025-10585, a type confusion vulnerability in the V8 JavaScript engine that Google says is being actively exploited in the wild — and because Microsoft Edge is Chromium-based, Windows users and enterprises must confirm their Edge builds...

A critical security vulnerability, identified as CVE-2025-8578, has been discovered in Google Chrome's Cast component, affecting versions prior to 139.0.7258.66. This "use after free" flaw poses significant risks, including potential heap corruption and arbitrary code execution, if exploited by...

A critical security vulnerability, identified as CVE-2025-8292, has been discovered in Google Chrome's Media Stream component. This "use after free" flaw allows remote attackers to exploit heap corruption through specially crafted HTML pages, potentially leading to arbitrary code execution. The...

A critical security vulnerability, identified as CVE-2025-8011, has been discovered in the V8 JavaScript engine used by Google Chrome. This flaw, present in Chrome versions prior to 138.0.7204.168, allows remote attackers to potentially exploit heap corruption through specially crafted HTML...

In July 2025, Google addressed a critical security vulnerability in its Chrome browser, identified as CVE-2025-6558. This flaw, stemming from improper validation of untrusted input within the ANGLE and GPU components, was actively exploited in the wild, prompting immediate action from both...

CVE-2025-7657 is a high-severity vulnerability identified as a use-after-free issue in the WebRTC component of Google Chrome versions prior to 138.0.7204.157. This flaw allows remote attackers to potentially exploit heap corruption by enticing users to visit a maliciously crafted HTML page...

In June 2025, a security vulnerability identified as CVE-2025-6557 was disclosed, highlighting insufficient data validation in the Developer Tools (DevTools) component of Google Chrome. This flaw allowed remote attackers to execute arbitrary code by convincing users to perform specific UI...

The Background Fetch API in Chromium-based browsers has been a focal point for security vulnerabilities, with multiple instances of inappropriate implementations leading to cross-origin data leaks. The most recent of these is identified as CVE-2025-5064, which underscores the ongoing challenges...

Microsoft Edge’s relentless pace of evolution has delivered another pivotal security update, underscoring just how critical regular browser maintenance has become in the modern cybersecurity landscape. The release of Edge version 136.0.3240.76, announced yesterday, has already sent ripples...