[Git][security-tracker-team/security-tracker][master] anoter 151 CVEs in chromium (and a few also affecting Skia)
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri May 29 08:56:42 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fca55078 by Moritz Muehlenhoff at 2026-05-29T09:56:12+02:00
anoter 151 CVEs in chromium (and a few also affecting Skia)
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,259 +1,394 @@
CVE-2026-9999 (Inappropriate implementation in ANGLE in Google Chrome on Mac prior to ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9998 (Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9997 (Use after free in Input in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9996 (Out of bounds read in WebRTC in Google Chrome on Mac prior to 148.0.77 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9995 (Use after free in WebXR in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9994 (Use after free in Core in Google Chrome on Windows prior to 148.0.7778 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9993 (Use after free in Views in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9992 (Use after free in Network in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9991 (Inappropriate implementation in Media in Google Chrome on Windows prio ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9990 (Use after free in WebAppInstalls in Google Chrome on Mac prior to 148. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9989 (Inappropriate implementation in Media in Google Chrome prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9988 (Use after free in WebRTC in Google Chrome on Linux prior to 148.0.7778 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9987 (Insufficient validation of untrusted input in WebAppInstalls in Google ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9986 (Insufficient validation of untrusted input in OptimizationGuide in Goo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9985 (Insufficient validation of untrusted input in Media in Google Chrome o ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9984 (Use after free in UI in Google Chrome on Windows prior to 148.0.7778.2 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9983 (Type Confusion in Skia in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9982 (Insufficient validation of untrusted input in ANGLE in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9981 (Inappropriate implementation in Skia in Google Chrome prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9980 (Insufficient validation of untrusted input in Printing in Google Chrom ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9979 (Insufficient validation of untrusted input in Input in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9978 (Use after free in Glic in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9977 (Insufficient validation of untrusted input in WebShare in Google Chrom ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9976 (Inappropriate implementation in USB in Google Chrome prior to 148.0.77 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9975 (Out of bounds read and write in ANGLE in Google Chrome prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9974 (Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9973 (Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9972 (Uninitialized Use in Gamepad in Google Chrome on Mac prior to 148.0.77 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9971 (Inappropriate implementation in iOS in Google Chrome on iOS prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9970 (Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9969 (Insufficient validation of untrusted input in ANGLE in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9968 (Integer overflow in V8 in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9967 (Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9966 (Integer overflow in XML in Google Chrome on Windows prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9965 (Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9964 (Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9963 (Uninitialized Use in iOS in Google Chrome on iOS prior to 148.0.7778.2 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9962 (Use after free in WebRTC in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9961 (Use after free in SurfaceCapture in Google Chrome prior to 148.0.7778. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9960 (Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9959 (Race in WebRTC in Google Chrome on Windows prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9958 (Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9957 (Use after free in PDF in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9956 (Use after free in iOS in Google Chrome on iOS prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9955 (Inappropriate implementation in iOS in Google Chrome on iOS prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9954 (Use after free in TabStrip in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9953 (Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 a ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9952 (Use after free in WebAudio in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9951 (Use after free in UI in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9950 (Insufficient validation of untrusted input in iOS in Google Chrome on ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9949 (Use after free in Core in Google Chrome on Windows prior to 148.0.7778 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9948 (Use after free in Views in Google Chrome on Mac prior to 148.0.7778.21 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9947 (Use after free in XML in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9946 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9945 (Use after free in Media in Google Chrome on Windows prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9944 (Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9943 (Out of bounds read in WebGL in Google Chrome on Android prior to 148.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9942 (Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9941 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9940 (Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9939 (Heap buffer overflow in WebCodecs in Google Chrome prior to 148.0.7778 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9938 (Inappropriate implementation in V8 in Google Chrome prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9937 (Use after free in UI in Google Chrome on Windows prior to 148.0.7778.2 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9936 (Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9935 (Uninitialized Use in ANGLE in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9934 (Use after free in Aura in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9933 (Use after free in Input in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9932 (Use after free in ANGLE in Google Chrome on Windows prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9931 (Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9930 (Out of bounds write in Dawn in Google Chrome on Mac prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9929 (Inappropriate implementation in WebGL in Google Chrome on Android prio ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9928 (Out of bounds read in ANGLE in Google Chrome on Windows prior to 148.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9927 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9926 (Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9925 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9924 (Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 148 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9923 (Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9922 (Use after free in GPU in Google Chrome on Mac prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9921 (Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9920 (Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.77 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9919 (Out of bounds read in WebGL in Google Chrome on Android prior to 148.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9918 (Inappropriate implementation in Tint in Google Chrome prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9917 (Uninitialized Use in WebGL in Google Chrome on Android prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9916 (Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9915 (Heap buffer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9914 (Insufficient validation of untrusted input in ANGLE in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9913 (Inappropriate implementation in ANGLE in Google Chrome prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9912 (Inappropriate implementation in GPU in Google Chrome on Android prior ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9911 (Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9910 (Out of bounds memory access in ANGLE in Google Chrome prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9909 (Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9908 (Out of bounds read in ANGLE in Google Chrome prior to 148.0.7778.216 a ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9907 (Out of bounds read in Dawn in Google Chrome on Windows prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9906 (Out of bounds write in GPU in Google Chrome prior to 148.0.7778.216 al ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9905 (Use after free in Accessibility in Google Chrome on Windows prior to 1 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9904 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9903 (Insufficient validation of untrusted input in Site Isolation in Google ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9902 (Use after free in Accessibility in Google Chrome prior to 148.0.7778.2 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9901 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9900 (Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9899 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9898 (Insufficient validation of untrusted input in GPU in Google Chrome on ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9897 (Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9896 (Out of bounds write in V8 in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9895 (Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9894 (Use after free in GPU in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9893 (Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9892 (Inappropriate implementation in Skia in Google Chrome on Android prior ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-9891 (Use after free in Extensions in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9890 (Use after free in XR in Google Chrome on Windows prior to 148.0.7778.2 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9889 (Out of bounds read and write in Dawn in Google Chrome on Android prior ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9888 (Use after free in WebView in Google Chrome on Android prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9887 (Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9886 (Use after free in Base in Google Chrome on Mac prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9885 (Insufficient validation of untrusted input in UI in Google Chrome on M ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9884 (Use after free in Browser in Google Chrome on Mac prior to 148.0.7778. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9883 (Use after free in Base in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9882 (Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9881 (Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9880 (Insufficient validation of untrusted input in WebGL in Google Chrome p ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9879 (Out of bounds write in ANGLE in Google Chrome prior to 148.0.7778.216 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9878 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9877 (Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9876 (Use after free in WebGL in Google Chrome on Android prior to 148.0.777 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9875 (Out of bounds read in WebGL in Google Chrome on Android prior to 148.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9874 (Use after free in Dawn in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9873 (Use after free in Network in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9872 (Out of bounds write in GPU in Google Chrome on Android prior to 148.0. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9714 (The Simple Divi Shortcode plugin for WordPress is vulnerable to Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2026-9646 (A reflected cross-site scripting issue exists in URL handling.)
@@ -446,51 +581,78 @@ CVE-2026-10044 (Usagi-org ai-goofish-monitor contains an unauthenticated arbitra
CVE-2026-10028 (A flaw was found in glib-networking. A remote attacker can exploit thi ...)
TODO: check
CVE-2026-10022 (Type Confusion in V8 in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10021 (Insufficient validation of untrusted input in USB in Google Chrome pri ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10020 (Insufficient validation of untrusted input in Skia in Google Chrome on ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-10019 (Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10018 (Integer overflow in ANGLE in Google Chrome prior to 148.0.7778.216 all ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10017 (Out of bounds read in Headless in Google Chrome prior to 148.0.7778.21 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10016 (Use after free in DOM in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10015 (Integer overflow in WTF in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10014 (Use after free in WebMIDI in Google Chrome on Android prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10013 (Use after free in WebCodecs in Google Chrome prior to 148.0.7778.216 a ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10012 (Use after free in Skia in Google Chrome prior to 148.0.7778.216 allowe ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-10011 (Inappropriate implementation in Skia in Google Chrome prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-10010 (Inappropriate implementation in Input in Google Chrome on Android prio ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10009 (Integer overflow in Skia in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
+ - libskia <unfixed>
CVE-2026-10008 (Uninitialized Use in GPU in Google Chrome on Android prior to 148.0.77 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10007 (Use after free in SVG in Google Chrome prior to 148.0.7778.216 allowed ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10006 (Race in WebAudio in Google Chrome prior to 148.0.7778.216 allowed a re ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10005 (Use after free in WebAppInstalls in Google Chrome on Mac prior to 148. ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10004 (Insufficient validation of untrusted input in Passwords in Google Chro ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10003 (Use after free in Views in Google Chrome prior to 148.0.7778.216 allow ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10002 (Use after free in PDFium in Google Chrome prior to 148.0.7778.216 allo ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10001 (Use after free in PerformanceManager in Google Chrome prior to 148.0.7 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-10000 (Use after free in Passwords in Google Chrome on Windows prior to 148.0 ...)
- TODO: check
+ - chromium <unfixed>
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-14042 (The Automotive Car Dealership Business WordPress Theme for WordPress i ...)
NOT-FOR-US: WordPress plugin
CVE-2025-11993 (The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPre ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fca55078d1d87958915bb674d291c76cf339612b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fca55078d1d87958915bb674d291c76cf339612b
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/9e2008f0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list