Vulnerabilities in google

5,202 results
CVE-2026-12437HIGHUse after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer prEPSS 0.3%CVE-2026-14087HIGHHeap buffer overflow in WebNN in Google Chrome on Windows prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer EPSS 0.3%CVE-2026-9739CRITICALVulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `alloweEPSS 0.3%CVE-2026-11037CRITICALOut of bounds write in Codecs in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via EPSS 0.3%CVE-2025-11458HIGHHeap buffer overflow in Sync in Google Chrome prior to 141.0.7390.65 allowed a remote attacker to perform an out of bounds memory read via aEPSS 0.3%CVE-2026-13801HIGHInteger overflow in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process toEPSS 0.3%CVE-2026-13832HIGHUse after free in Headless in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potEPSS 0.3%CVE-2026-11030HIGHUse after free in Network in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via malicEPSS 0.3%CVE-2023-21265HIGHIn multiple locations, there are root CA certificates which need to be disabled. This could lead to remote information disclosure with no adEPSS 0.3%CVE-2026-13814HIGHUse after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestEPSS 0.3%CVE-2026-9963HIGHUninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.216 allowed a remote attacker who convinced a user to engage in specifiEPSS 0.3%CVE-2026-13804HIGHUse after free in Chromecast in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to pEPSS 0.3%CVE-2026-13951HIGHInsufficient policy enforcement in USB in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer prEPSS 0.3%CVE-2025-32318HIGHIn Skia, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no adEPSS 0.3%CVE-2026-13823HIGHUse after free in Glic in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentiEPSS 0.3%CVE-2026-13841HIGHInteger overflow in Skia in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potenEPSS 0.3%CVE-2026-13809MEDIUMSide-channel information leakage in Safe Browsing in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker who had compromisEPSS 0.3%CVE-2026-0139HIGHIn Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additionalEPSS 0.3%CVE-2026-0147HIGHIn __mfc_core_nal_q_get_dec_metadata_sei_nal of mfc_core_nal_q.c, there is a possible out of bounds write due to a missing bounds check. ThiEPSS 0.3%CVE-2026-13856HIGHInsufficient validation of untrusted input in Speech in Google Chrome on Android prior to 150.0.7871.47 allowed a remote attacker who had coEPSS 0.3%