本页列出影响 google chrome 的已公开 CVE 漏洞(通过 NVD CPE 关联)。每行包含严重程度评分、摘要与发布日期,便于识别与分析安全问题。
| CVE | 摘要 | 来源 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|---|
| CVE-2026-14432 | Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium) | [email protected] | 8.8 | 0.23% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14431 | Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.27% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14430 | Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.27% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14429 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.3 | 0.22% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14428 | Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.3 | 0.26% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14427 | Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | [email protected] | 8.3 | 0.23% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14426 | Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | [email protected] | 7.5 | 0.21% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14425 | Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 9.6 | 0.20% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14424 | Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 9.6 | 0.19% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14423 | Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 9.6 | 0.20% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14422 | Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.8 | 0.27% | 2026-07-01 | 2026-07-02 |
| CVE-2026-14421 | Uninitialized Use in Dawn in Google Chrome on ChromeOS prior to 150.0.7871.46 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | [email protected] | 6.5 | 0.20% | 2026-07-01 | 2026-07-02 |
| CVE-2026-14420 | Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | [email protected] | 9.6 | 0.25% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14419 | Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | [email protected] | 9.6 | 0.19% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14418 | Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | [email protected] | 4.3 | 0.16% | 2026-07-01 | 2026-07-02 |
| CVE-2026-14417 | Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical) | [email protected] | 9.6 | 0.19% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14416 | Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low) | [email protected] | 9.6 | 0.22% | 2026-07-01 | 2026-07-03 |
| CVE-2026-14415 | Inappropriate implementation in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) | [email protected] | 8.8 | 0.25% | 2026-07-01 | 2026-07-02 |
| CVE-2026-14414 | Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium) | [email protected] | 5.3 | 0.22% | 2026-07-01 | 2026-07-02 |
| CVE-2026-14413 | Uninitialized Use in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | [email protected] | 8.3 | 0.19% | 2026-07-01 | 2026-07-03 |