newsThe portal itself — self-promo until real sponsors land
Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
25 results//sorted by published//last sync 2026-06-09 12:05Z
Subscribe to news →
CVE-2026-10941 — Out: of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed
Out of bounds memory access in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10940 — Race: in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10939 — Use: after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10936 — Type: Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10935 — Type: Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10934 — Use: after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed
Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10933 — Use: after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed
Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10932 — Use: after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10931 — Google Chrome: Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 9.6 (CRITICAL)
9.6
CVSS v3.1
98
Edit Score
CVE-2026-10930 — Google Chrome: Out of bounds read in ANGLE in Google Chrome on Mac prior to 149.0.7827.53
Out of bounds read in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.1 (HIGH)
8.1
CVSS v3.1
91
Edit Score
CVE-2026-10929 — Heap: buffer overflow in ANGLE in Google Chrome on Android prior to 149.0.7827.53 allowed
Heap buffer overflow in ANGLE in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10928 — Script: injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10927 — Out: of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a
Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10926 — Use: after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker
Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code via malicious network traffic. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10925 — Out: of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53
Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10924 — Integer: overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker
Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10923 — Use: after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed
Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a malicious file. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10922 — Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to bypass same origin policy via malicious network traffic. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score
CVE-2026-10921 — Integer: overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker
Integer overflow in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10920 — Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to
Insufficient validation of untrusted input in WebShare in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10919 — Use: after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote
Use after free in ANGLE in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10918 — Use: after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote
Use after free in Viz in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10917 — Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed
Insufficient validation of untrusted input in Media in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10915 — Use: after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed
Use after free in Core in Google Chrome on iOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.3 (HIGH)
8.3
CVSS v3.1
92
Edit Score
CVE-2026-10914 — Use: after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed
Use after free in ANGLE in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) CVSSv3.1 8.8 (HIGH)
8.8
CVSS v3.1
94
Edit Score