|
551
|
8.3 |
HIGH
Network
|
-
|
-
|
Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
New
|
CWE-362
Race Condition
|
CVE-2026-8520
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
552
|
8.8 |
HIGH
Network
|
-
|
-
|
Integer overflow in ANGLE in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: …
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-8519
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
553
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insufficient validation of untrusted input in DataTransfer in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to obtain potentia…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-8516
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
554
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in HID in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a crafted H…
New
|
CWE-416
Use After Free
|
CVE-2026-8515
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
555
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in Aura in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Ch…
New
|
CWE-416
Use After Free
|
CVE-2026-8514
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
556
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in Input in Google Chrome on Android prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HT…
New
|
CWE-416
Use After Free
|
CVE-2026-8513
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
557
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in FileSystem in Google Chrome prior to 148.0.7778.168 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially perform a sandbox escape via a cr…
New
|
CWE-416
Use After Free
|
CVE-2026-8512
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
558
|
7.5 |
HIGH
Network
|
-
|
-
|
Integer overflow in Skia in Google Chrome on Windows prior to 148.0.7778.168 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted …
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-8510
|
2026-05-15 07:16 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
559
|
- |
|
-
|
-
|
Fleet is open source device management software. Prior to version 4.82.0, a vulnerability in Fleet's Windows MDM enrollment flow allows authentication tokens from any Azure AD tenant to be accepted. …
New
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2026-24899
|
2026-05-15 06:24 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
560
|
- |
|
-
|
-
|
Fleet is open source device management software. Prior to version 4.81.0, Fleet contained a denial-of-service (DoS) issue in the gRPC Launcher `PublishLogs` endpoint. In affected versions, certain un…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-26062
|
2026-05-15 06:24 |
2026-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
