↵ Return to the main page of chromium-common
View build
Search for updates
Package Info (Data from x86_64 build)
🠗 Changelog
🠗 Dependencies
🠗 Provides
🠗 Files
| Date | Author | Change |
|---|---|---|
| 2026-07-01 | Than Ngo <than at redhat dot com> - 150.0.7871.46-1 | - Update to 150.0.7871.46 * CVE-2026-13774: Use after free in Extensions * CVE-2026-13775: Use after free in GPU * CVE-2026-13776: Type Confusion in Dawn * CVE-2026-13777: Insufficient validation of untrusted input in iOSWeb * CVE-2026-13778: Use after free in WebUSB * CVE-2026-13779: Use after free in Chromoting * CVE-2026-13780: Insufficient validation of untrusted input in ANGLE * CVE-2026-13781: Insufficient validation of untrusted input in Skia * CVE-2026-13782: Use after free in Browser * CVE-2026-13783: Use after free in Views * CVE-2026-13784: Use after free in Views * CVE-2026-13785: Use after free in Bluetooth * CVE-2026-13786: Use after free in Ozone * CVE-2026-13787: Use after free in Chromoting * CVE-2026-13788: Use after free in Fullscreen * CVE-2026-13789: Use after free in GPU * CVE-2026-13790: Side-channel information leakage in Scroll * CVE-2026-13791: Insufficient validation of untrusted input in Downloads * CVE-2026-13792: Use after free in Touchbar * CVE-2026-13793: Insufficient policy enforcement in SVG * CVE-2026-13794: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13795: Insufficient policy enforcement in Chrome for iOS * CVE-2026-13796: Integer overflow in Chromecast * CVE-2026-13797: Insufficient validation of untrusted input in Chromecast * CVE-2026-13798: Heap buffer overflow in Chromecast * CVE-2026-13799: Use after free in QUIC * CVE-2026-13800: Inappropriate implementation in Updater * CVE-2026-13801: Integer overflow in Chromecast * CVE-2026-13802: Use after free in Views * CVE-2026-13803: Type Confusion in Chrome Tabs * CVE-2026-13804: Use after free in Chromecast * CVE-2026-13805: Use after free in GFX * CVE-2026-13806: Insufficient validation of untrusted input in Accessibility * CVE-2026-13807: Use after free in Import * CVE-2026-13808: Insufficient data validation in Chrome for iOS * CVE-2026-13809: Side-channel information leakage in Safe Browsing * CVE-2026-13810: Inappropriate implementation in Input * CVE-2026-13811: Use after free in IME * CVE-2026-13812: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13813: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13814: Use after free in Views * CVE-2026-13815: Use after free in Blink * CVE-2026-13816: Insufficient validation of untrusted input in File Input * CVE-2026-13817: Insufficient validation of untrusted input in Glic * CVE-2026-13818: Inappropriate implementation in Passwords * CVE-2026-13819: Out of bounds read in ANGLE * CVE-2026-13820: Out of bounds read in Skia * CVE-2026-13821: Use after free in Canvas * CVE-2026-13822: Inappropriate implementation in Extensions * CVE-2026-13823: Use after free in Glic * CVE-2026-13824: Insufficient validation of untrusted input in Extensions * CVE-2026-13825: Uninitialized Use in Dawn * CVE-2026-13826: Inappropriate implementation in Autofill * CVE-2026-13827: Use after free in Updater * CVE-2026-13828: Inappropriate implementation in Enterprise * CVE-2026-13829: Insufficient validation of untrusted input in Settings * CVE-2026-13830: Use after free in Chromoting * CVE-2026-13831: Use after free in GPU * CVE-2026-13832: Use after free in Headless * CVE-2026-13833: Uninitialized Use in ANGLE * CVE-2026-13834: Insufficient validation of untrusted input in ANGLE * CVE-2026-13835: Inappropriate implementation in XML * CVE-2026-13836: Inappropriate implementation in CSS * CVE-2026-13837: Inappropriate implementation in CSS * CVE-2026-13838: Inappropriate implementation in CSS * CVE-2026-13839: Inappropriate implementation in CSS * CVE-2026-13840: Insufficient policy enforcement in Canvas * CVE-2026-13841: Integer overflow in Skia * CVE-2026-13842: Incorrect security UI in Chrome for iOS * CVE-2026-13843: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13844: Use after free in Updater * CVE-2026-13845: Use after free in DOM * CVE-2026-13846: Use after free in USB * CVE-2026-13847: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13848: Use after free in Forms * CVE-2026-13849: Insufficient validation of untrusted input in Chromoting * CVE-2026-13850: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13851: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13852: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13853: Use after free in Journeys * CVE-2026-13854: Use after free in Ozone * CVE-2026-13855: Use after free in Ozone * CVE-2026-13856: Insufficient validation of untrusted input in Speech * CVE-2026-13857: Inappropriate implementation in Geometry * CVE-2026-13858: Out of bounds read in FFmpeg * CVE-2026-13859: Inappropriate implementation in ANGLE * CVE-2026-13860: Incorrect security UI in Autofill * CVE-2026-13861: Use after free in Core * CVE-2026-13862: Insufficient policy enforcement in Web Authentication (Passkeys & Security Keys) * CVE-2026-13863: Insufficient validation of untrusted input in CustomTabs * CVE-2026-13864: Insufficient policy enforcement in WebHID * CVE-2026-13865: Insufficient validation of untrusted input in Enterprise * CVE-2026-13866: Insufficient validation of untrusted input in Input * CVE-2026-13867: Inappropriate implementation in Geolocation * CVE-2026-13868: Inappropriate implementation in Network * CVE-2026-13869: Use after free in Device * CVE-2026-13870: Use after free in WebView * CVE-2026-13871: Insufficient data validation in GuestView * CVE-2026-13872: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-13873: Out of bounds memory access in Layout * CVE-2026-13874: Inappropriate implementation in DataTransfer * CVE-2026-13875: Insufficient validation of untrusted input in GPU * CVE-2026-13876: Inappropriate implementation in Network * CVE-2026-13877: Insufficient validation of untrusted input in ANGLE * CVE-2026-13878: Use after free in Bluetooth * CVE-2026-13879: Use after free in Bluetooth * CVE-2026-13880: Use after free in USB * CVE-2026-13881: Insufficient data validation in WebAppInstalls * CVE-2026-13882: Inappropriate implementation in USB * CVE-2026-13883: Type Confusion in ANGLE * CVE-2026-13884: Heap buffer overflow in Chromecast * CVE-2026-13885: Use after free in Skia * CVE-2026-13886: Policy bypass in Isolated Web Apps * CVE-2026-13887: Insufficient policy enforcement in NFC * CVE-2026-13888: Use after free in Extensions * CVE-2026-13889: Insufficient validation of untrusted input in WebAuthentication * CVE-2026-13890: Out of bounds read in Chromecast * CVE-2026-13891: Insufficient validation of untrusted input in Extensions * CVE-2026-13892: Inappropriate implementation in Chrome for iOS * CVE-2026-13893: Insufficient validation of untrusted input in WebUI * CVE-2026-13894: Insufficient policy enforcement in Network * CVE-2026-13895: Inappropriate implementation in Autofill * CVE-2026-13896: Insufficient policy enforcement in Glic * CVE-2026-13897: Insufficient policy enforcement in Chromecast * CVE-2026-13898: Use after free in Cast Receiver * CVE-2026-13899: Use after free in HTML * CVE-2026-13900: Insufficient validation of untrusted input in Chromecast * CVE-2026-13901: Insufficient validation of untrusted input in Serial * CVE-2026-13902: Inappropriate implementation in Chrome for iOS * CVE-2026-13903: Insufficient policy enforcement in Bluetooth * CVE-2026-13904: Incorrect security UI in Safe Browsing * CVE-2026-13905: Incorrect security UI in Chrome for iOS * CVE-2026-13906: Out of bounds read in Codecs * CVE-2026-13907: Inappropriate implementation in iOSWeb * CVE-2026-13908: Insufficient validation of untrusted input in Omnibox * CVE-2026-13909: Insufficient policy enforcement in DevTools * CVE-2026-13910: Insufficient policy enforcement in WebXR * CVE-2026-13911: Insufficient data validation in Spellcheck * CVE-2026-13912: Incorrect security UI in Safe Browsing * CVE-2026-13913: Insufficient policy enforcement in Autofill * CVE-2026-13914: Inappropriate implementation in Passwords * CVE-2026-13915: Use after free in Chrome for iOS * CVE-2026-13916: Inappropriate implementation in Chrome for iOS * CVE-2026-13917: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13918: Use after free in Chrome for iOS * CVE-2026-13919: Insufficient data validation in Extensions * CVE-2026-13920: Insufficient validation of untrusted input in Media * CVE-2026-13921: Insufficient validation of untrusted input in DeviceBoundSessionCredentials * CVE-2026-13922: Side-channel information leakage in Paint * CVE-2026-13923: Uninitialized Use in GPU * CVE-2026-13924: Insufficient validation of untrusted input in WebView * CVE-2026-13925: Inappropriate implementation in Downloads * CVE-2026-13926: Insufficient validation of untrusted input in Network * CVE-2026-13927: Insufficient validation of untrusted input in UI * CVE-2026-13928: Insufficient validation of untrusted input in Enterprise * CVE-2026-13929: Insufficient validation of untrusted input in DevTools * CVE-2026-13930: Insufficient policy enforcement in Actor * CVE-2026-13931: Inappropriate implementation in Media * CVE-2026-13932: Inappropriate implementation in Sharing * CVE-2026-13933: Insufficient policy enforcement in Passwords * CVE-2026-13934: Insufficient validation of untrusted input in Dawn * CVE-2026-13935: Side-channel information leakage in ComputePressure * CVE-2026-13936: Inappropriate implementation in Passwords * CVE-2026-13937: Insufficient policy enforcement in Passwords * CVE-2026-13938: Integer overflow in Fonts * CVE-2026-13939: Insufficient validation of untrusted input in WebShare * CVE-2026-13940: Uninitialized Use in Cast * CVE-2026-13941: Inappropriate implementation in SiteSettings * CVE-2026-13942: Insufficient validation of untrusted input in Video Capture * CVE-2026-13943: Uninitialized Use in CSS * CVE-2026-13944: Inappropriate implementation in DataTransfer * CVE-2026-13945: Insufficient policy enforcement in Extensions * CVE-2026-13946: Inappropriate implementation in ScriptInjections * CVE-2026-13947: Uninitialized Use in XR * CVE-2026-13948: Insufficient policy enforcement in Extensions * CVE-2026-13949: Insufficient policy enforcement in Payments * CVE-2026-13950: Uninitialized Use in GPU * CVE-2026-13951: Policy bypass in USB * CVE-2026-13952: Inappropriate implementation in PerformanceAPIs * CVE-2026-13953: Inappropriate implementation in SplitView * CVE-2026-13954: Insufficient policy enforcement in XML * CVE-2026-13955: Insufficient validation of untrusted input in CustomTabs * CVE-2026-13956: Incorrect security UI in PageInfo * CVE-2026-13957: Incorrect security UI in Extensions * CVE-2026-13958: Uninitialized Use in Codecs * CVE-2026-13959: Insufficient validation of untrusted input in Blink * CVE-2026-13960: Inappropriate implementation in Passwords * CVE-2026-13961: Insufficient validation of untrusted input in DevTools * CVE-2026-13962: Insufficient data validation in PDF * CVE-2026-13963: Inappropriate implementation in DevTools * CVE-2026-13964: Insufficient policy enforcement in WebView * CVE-2026-13965: Use after free in Oilpan * CVE-2026-13966: Inappropriate implementation in History * CVE-2026-13967: Type Confusion in V8 * CVE-2026-13968: Insufficient validation of untrusted input in DevTools * CVE-2026-13969: Uninitialized Use in UI * CVE-2026-13970: Uninitialized Use in Media * CVE-2026-13971: Uninitialized Use in Skia * CVE-2026-13972: Inappropriate implementation in Paint * CVE-2026-13973: Inappropriate implementation in UI * CVE-2026-13974: Integer overflow in Safe Browsing * CVE-2026-13975: Out of bounds read in ANGLE * CVE-2026-13976: Heap buffer overflow in Storage * CVE-2026-13977: Inappropriate implementation in HTMLParser * CVE-2026-13978: Insufficient policy enforcement in PageInfo * CVE-2026-13979: Inappropriate implementation in Paint * CVE-2026-13980: Incorrect security UI in Chrome for iOS * CVE-2026-13981: Inappropriate implementation in Chrome for iOS * CVE-2026-13982: Incorrect security UI in Passwords * CVE-2026-13983: Incorrect security UI in Chrome for iOS * CVE-2026-13984: Incorrect security UI in TabStrip * CVE-2026-13985: Inappropriate implementation in MediaCapture * CVE-2026-13986: Inappropriate implementation in Media UI * CVE-2026-13987: Incorrect security UI in Mobile * CVE-2026-13988: Inappropriate implementation in Paint * CVE-2026-13989: Insufficient policy enforcement in PageInfo * CVE-2026-13990: Insufficient validation of untrusted input in DataTransfer * CVE-2026-13991: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-13992: Inappropriate implementation in UI * CVE-2026-13993: Incorrect security UI in WebAppInstalls * CVE-2026-13994: Inappropriate implementation in Credential Management * CVE-2026-13995: Insufficient validation of untrusted input in Autofill * CVE-2026-13996: Incorrect security UI in Permissions * CVE-2026-13997: Incorrect security UI in Extensions * CVE-2026-13998: Incorrect security UI in File Input * CVE-2026-13999: Inappropriate implementation in Extensions * CVE-2026-14000: Inappropriate implementation in XML * CVE-2026-14001: Inappropriate implementation in Network * CVE-2026-14002: Inappropriate implementation in Geolocation * CVE-2026-14003: Insufficient policy enforcement in Extensions * CVE-2026-14004: Inappropriate implementation in CSS * CVE-2026-14005: Use after free in Omnibox * CVE-2026-14006: Use after free in Navigation * CVE-2026-14007: Insufficient policy enforcement in PermissionsPolicy * CVE-2026-14008: Uninitialized Use in WebXR * CVE-2026-14009: Insufficient data validation in Passwords * CVE-2026-14010: Uninitialized Use in Codecs * CVE-2026-14011: Out of bounds read in SurfaceCapture * CVE-2026-14012: Side-channel information leakage in CSS * CVE-2026-14013: Inappropriate implementation in SVG * CVE-2026-14014: Inappropriate implementation in Paint * CVE-2026-14015: Inappropriate implementation in WebRTC * CVE-2026-14016: Insufficient policy enforcement in SVG * CVE-2026-14017: Inappropriate implementation in Navigation * CVE-2026-14018: Use after free in Updater * CVE-2026-14019: Inappropriate implementation in Passwords * CVE-2026-14020: Insufficient validation of untrusted input in WebXR * CVE-2026-14021: Insufficient validation of untrusted input in StorageAccessAPI * CVE-2026-14022: Insufficient validation of untrusted input in Network * CVE-2026-14023: Insufficient validation of untrusted input in SanitizerAPI * CVE-2026-14024: Use after free in Ozone * CVE-2026-14025: Use after free in Views * CVE-2026-14026: Incorrect security UI in SplitView * CVE-2026-14027: Use after free in SignIn * CVE-2026-14028: Incorrect security UI in Chrome for iOS * CVE-2026-14030: Incorrect security UI in SplitView * CVE-2026-14031: Incorrect security UI in File Input * CVE-2026-14032: Use after free in Bluetooth * CVE-2026-14033: Insufficient policy enforcement in Media * CVE-2026-14034: Inappropriate implementation in WebXR * CVE-2026-14035: Insufficient policy enforcement in Bluetooth * CVE-2026-14036: Insufficient policy enforcement in Bluetooth * CVE-2026-14037: Insufficient policy enforcement in GPU * CVE-2026-14038: Insufficient validation of untrusted input in New Tab Page * CVE-2026-14039: Insufficient policy enforcement in GetUserMedia * CVE-2026-14040: Use after free in BrowserTag * CVE-2026-14041: Insufficient policy enforcement in Serial * CVE-2026-14042: Inappropriate implementation in Isolated Web Apps * CVE-2026-14043: Use after free in GetUserMedia * CVE-2026-14044: Use after free in ANGLE * CVE-2026-14045: Insufficient validation of untrusted input in Network * CVE-2026-14046: Inappropriate implementation in CustomTabs * CVE-2026-14047: Insufficient policy enforcement in Extensions * CVE-2026-14048: Use after free in Chromecast * CVE-2026-14049: Inappropriate implementation in GPU * CVE-2026-14050: Insufficient policy enforcement in Passwords * CVE-2026-14051: Uninitialized Use in GamepadAPI * CVE-2026-14052: Insufficient policy enforcement in FileSystem * CVE-2026-14053: Insufficient policy enforcement in Extensions * CVE-2026-14054: Insufficient policy enforcement in Network * CVE-2026-14055: Insufficient validation of untrusted input in Device Trust * CVE-2026-14056: Insufficient validation of untrusted input in Media * CVE-2026-14057: Insufficient policy enforcement in FedCM * CVE-2026-14058: Policy bypass in Parser * CVE-2026-14059: Insufficient policy enforcement in Related-Website-Sets * CVE-2026-14060: Insufficient validation of untrusted input in Chromoting * CVE-2026-14061: Inappropriate implementation in Dawn * CVE-2026-14062: Inappropriate implementation in Views * CVE-2026-14063: Out of bounds memory access in Chromecast * CVE-2026-14064: Use after free in PageInfo * CVE-2026-14065: Insufficient validation of untrusted input in PageInfo * CVE-2026-14066: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-14067: Use after free in Chrome for iOS * CVE-2026-14068: Inappropriate implementation in Omnibox * CVE-2026-14069: Integer overflow in WebNN * CVE-2026-14070: Uninitialized Use in WebNN * CVE-2026-14071: Side-channel information leakage in WebAudio * CVE-2026-14072: Incorrect security UI in SplitView * CVE-2026-14073: Insufficient policy enforcement in WebXR * CVE-2026-14074: Side-channel information leakage in WebAuthentication * CVE-2026-14075: Policy bypass in Chrome for iOS * CVE-2026-14076: Policy bypass in Network * CVE-2026-14077: Incorrect security UI in Select * CVE-2026-14078: Policy bypass in WebRTC * CVE-2026-14079: Policy bypass in Network * CVE-2026-14080: Insufficient validation of untrusted input in TabSwitcher * CVE-2026-14081: Insufficient policy enforcement in DevTools * CVE-2026-14082: Race in Storage * CVE-2026-14083: Insufficient validation of untrusted input in HTML * CVE-2026-14084: Insufficient validation of untrusted input in Chromoting * CVE-2026-14085: Side-channel information leakage in CSS * CVE-2026-14086: Insufficient policy enforcement in HID * CVE-2026-14087: Insufficient validation of untrusted input in WebNN * CVE-2026-14088: Uninitialized Use in Canvas * CVE-2026-14089: Insufficient validation of untrusted input in PopupBlocker * CVE-2026-14090: Out of bounds read in CameraCapture * CVE-2026-14091: Use after free in DevTools * CVE-2026-14092: Insufficient policy enforcement in Privacy * CVE-2026-14093: Use after free in Cast * CVE-2026-14094: Use after free in Installer * CVE-2026-14095: Insufficient validation of untrusted input in Browser * CVE-2026-14096: Object lifecycle issue in Input * CVE-2026-14097: Inappropriate implementation in WebAppInstalls * CVE-2026-14098: Inappropriate implementation in CSS * CVE-2026-14099: Use after free in Chrome for iOS * CVE-2026-14100: Insufficient data validation in NetworkCache * CVE-2026-14101: Insufficient policy enforcement in Sandbox * CVE-2026-14102: Use after free in Passwords * CVE-2026-14103: Use after free in SSL * CVE-2026-14104: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14105: Insufficient policy enforcement in Speech * CVE-2026-14106: Insufficient validation of untrusted input in Text * CVE-2026-14107: Use after free in Scheduling * CVE-2026-14108: Use after free in PDFium * CVE-2026-14109: Insufficient policy enforcement in Mojo * CVE-2026-14110: Inappropriate implementation in DarkMode * CVE-2026-14111: Use after free in WebProtect * CVE-2026-14112: Inappropriate implementation in Enterprise * CVE-2026-14113: Use after free in Updater * CVE-2026-14114: Inappropriate implementation in WebAppInstalls * CVE-2026-14115: Insufficient validation of untrusted input in Cast * CVE-2026-14116: Insufficient validation of untrusted input in DevTools * CVE-2026-14117: Insufficient validation of untrusted input in DevTools * CVE-2026-14118: Insufficient data validation in DevTools * CVE-2026-14119: Type Confusion in Bluetooth * CVE-2026-14120: Inappropriate implementation in DevTools * CVE-2026-14121: Use after free in Chromoting * CVE-2026-14122: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14123: Incorrect security UI in Chrome for iOS * CVE-2026-14124: Inappropriate implementation in CredentialProvider * CVE-2026-14125: Uninitialized Use in ANGLE * CVE-2026-14126: Incorrect security UI in UI * CVE-2026-14127: Inappropriate implementation in Printing * CVE-2026-14128: Insufficient data validation in Chrome for iOS * CVE-2026-14129: Incorrect security UI in PreviewTab * CVE-2026-14130: Incorrect security UI in Omnibox * CVE-2026-14131: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-14132: Inappropriate implementation in WebXR * CVE-2026-14133: Race in History Embeddings * CVE-2026-14134: Inappropriate implementation in Autofill * CVE-2026-14135: Insufficient validation of untrusted input in Network * CVE-2026-14136: Incorrect security UI in Chrome for iOS * CVE-2026-14137: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-14138: Inappropriate implementation in WebAppInstalls * CVE-2026-14139: Inappropriate implementation in TabStrip * CVE-2026-14140: Insufficient validation of untrusted input in Input * CVE-2026-14141: Incorrect security UI in Document Picture-in-Picture * CVE-2026-14142: Inappropriate implementation in Extensions * CVE-2026-14143: Incorrect security UI in Passwords * CVE-2026-14144: Incorrect security UI in Views * CVE-2026-14145: Inappropriate implementation in CSS * CVE-2026-14146: Inappropriate implementation in CSS * CVE-2026-14147: Inappropriate implementation in CSS * CVE-2026-14148: Type Confusion in CSS * CVE-2026-14149: Use after free in Audio * CVE-2026-14150: Insufficient validation of untrusted input in Speech * CVE-2026-14151: Inappropriate implementation in AI * CVE-2026-14152: Out of bounds write in ANGLE * CVE-2026-14153: Inappropriate implementation in Glic * CVE-2026-14154: Inappropriate implementation in DevTools * CVE-2026-14155: Insufficient policy enforcement in StorageAccessAPI * CVE-2026-14156: Policy bypass in StorageAccessAPI - Remove Darkmode patches, which are already included in v150 - Refresh patches for v150 - Fix FTBFS with system ffmpeg - Backport upstream patches to fix FTBFS |
| 2026-06-26 | Than Ngo <than at redhat dot com> - 149.0.7827.200-1 | - Update to 149.0.7827.200 CVE-2026-13281: Integer overflow in Mojo CVE-2026-13282: Use after free in Payments CVE-2026-13283: Use after free in AdFilter |
| 2026-06-24 | Than Ngo <than at redhat dot com> - 149.0.7827.196-1 | - Update to 149.0.7827.196 * CVE-2026-13028: Use after free in WebGL * CVE-2026-13032: Use after free in WebGL * CVE-2026-13033: Out of bounds read in Blink>InterestGroups * CVE-2026-13038: Use after free in Autofill * CVE-2026-13021: Inappropriate implementation in DeviceBoundSessionCredentials * CVE-2026-13022: Inappropriate implementation in Autofill * CVE-2026-13023: Uninitialized Use in GPU * CVE-2026-13024: Insufficient validation of untrusted input in Navigation * CVE-2026-13025: Insufficient validation of untrusted input in DevTools * CVE-2026-13026: Use after free in Digital Credentials * CVE-2026-13027: Use after free in FileSystem * CVE-2026-13029: Use after free in Web Authentication * CVE-2026-13030: Uninitialized Use in GPU * CVE-2026-13031: Use after free in Blink * CVE-2026-13034: Inappropriate implementation in Passwords * CVE-2026-13035: Use after free in Bluetooth * CVE-2026-13036: Use after free in Blink * CVE-2026-13037: Use after free in WebView - Upstream patch, Make dark mode apply filter to images irrespective of layout zoom |
| 2026-06-17 | Than Ngo <than at redhat dot com> - 149.0.7827.155-1 | - Update to 149.0.7827.155 * CVE-2026-12437: Use after free in WebShare * CVE-2026-12438: Inappropriate implementation in WebView * CVE-2026-12439: Use after free in Digital Credentials * CVE-2026-12440: Use after free in DigitalCredentials * CVE-2026-12441: Use after free in File Input * CVE-2026-12442: Use after free in Passwords * CVE-2026-12443: Use after free in Web Authentication * CVE-2026-12444: Out of bounds read in Chromoting * CVE-2026-12445: Use after free in Extensions * CVE-2026-12446: Insufficient data validation in Passwords * CVE-2026-12447: Heap buffer overflow in WebRTC * CVE-2026-12448: Inappropriate implementation in WebView * CVE-2026-12449: Use after free in Chromoting * CVE-2026-12450: Inappropriate implementation in Media * CVE-2026-12451: Use after free in DigitalCredentials * CVE-2026-12452: Use after free in Downloads * CVE-2026-12453: Insufficient validation of untrusted input in Input * CVE-2026-12454: Race in Safe Browsing * CVE-2026-12455: Use after free in Tab Strip * CVE-2026-12456: Insufficient validation of untrusted input in Extensions * CVE-2026-12457: Insufficient data validation in Extensions * CVE-2026-12458: Incorrect security UI in Passwords * CVE-2026-12459: Inappropriate implementation in Serial * CVE-2026-12460: Insufficient policy enforcement in File System Access * CVE-2026-12461: Out of bounds read in WebRTC * CVE-2026-12462: Use after free in Media * CVE-2026-12463: Inappropriate implementation in Views * CVE-2026-12464: Use after free in Browser * CVE-2026-12465: Insufficient validation of untrusted input in Metrics * CVE-2026-12466: Heap buffer overflow in WebRTC * CVE-2026-12467: Use after free in Extensions * CVE-2026-12468: Inappropriate implementation in Updater * CVE-2026-12469: Uninitialized Use in GPU |
| 2026-06-12 | Than Ngo <than at redhat dot com> - 149.0.7827.114-1 | - Update to 149.0.7827.114 * CVE-2026-12007: Use after free Core * CVE-2026-12008: Use after free DigitalCredentials * CVE-2026-12009: Insufficient validation of untrusted input Accessibility * CVE-2026-12010: Heap buffer overflow GPU * CVE-2026-12011: Use after free WebMIDI * CVE-2026-12012: Use after free Network * CVE-2026-12013: Use after free Media * CVE-2026-12014: Use after free Cast * CVE-2026-12015: Use after free Autofill * CVE-2026-12016: Insufficient validation of untrusted input DevTools * CVE-2026-12017: Insufficient validation of untrusted input Extensions * CVE-2026-12018: Inappropriate implementation Mojo * CVE-2026-12019: Out of bounds write Codecs * CVE-2026-12020: Use after free Autofill * CVE-2026-12022: Race Safe Browsing * CVE-2026-12023: Use after free GPU * CVE-2026-12024: Insufficient policy enforcement DevTools * CVE-2026-12025: Insufficient validation of untrusted input Network * CVE-2026-12026: Out of bounds read Video * CVE-2026-12027: Insufficient policy enforcement Headless * CVE-2026-12028: Use after free GPU * CVE-2026-12029: Use after free Video * CVE-2026-12030: Heap buffer overflow GPU * CVE-2026-12031: Inappropriate implementation Views * CVE-2026-12032: Inappropriate implementation Passwords * CVE-2026-12033: Out of bounds read VideoCapture * CVE-2026-12034: Insufficient validation of untrusted input Linux Toolkit Theming * CVE-2026-12035: Use after free Views - Disable AI Mode settings |
| 2026-06-09 | Than Ngo <than at redhat dot com> - 149.0.7827.102-1 | - Update to 149.0.7827.102 * CVE-2026-11628: Use after free in Ozone * CVE-2026-11629: Use after free in Ozone * CVE-2026-11630: Use after free in File Input * CVE-2026-11631: Use after free in Aura * CVE-2026-11632: Use after free in TabStrip * CVE-2026-11633: Use after free in Bluetooth * CVE-2026-11634: Use after free in Gamepad * CVE-2026-11635: Use after free in Bluetooth * CVE-2026-11636: Use after free in Autofill * CVE-2026-11637: Use after free in Views * CVE-2026-11638: Use after free in Printing * CVE-2026-11639: Use after free in Compositing * CVE-2026-11640: Integer overflow in libyuv * CVE-2026-11641: Use after free in Bluetooth * CVE-2026-11642: Use after free in Web Apps * CVE-2026-11643: Use after free in Proxy * CVE-2026-11644: Use after free in Views * CVE-2026-11645: Out of bounds memory access in V8 * CVE-2026-11646: Use after free in ViewTransitions * CVE-2026-11647: Use after free in Printing * CVE-2026-11648: Use after free in FullScreen * CVE-2026-11649: Use after free in V8 * CVE-2026-11650: Use after free in V8 * CVE-2026-11651: Use after free in Network * CVE-2026-11652: Use after free in Extensions * CVE-2026-11653: Insufficient validation of untrusted input in Extensions * CVE-2026-11654: Use after free in CameraCapture * CVE-2026-11655: Integer overflow in Media * CVE-2026-11656: Use after free in ServiceWorker * CVE-2026-11657: Use after free in Payments * CVE-2026-11658: Insufficient validation of untrusted input in Extensions * CVE-2026-11659: Insufficient validation of untrusted input in UI * CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page * CVE-2026-11661: Use after free in Views * CVE-2026-11662: Type Confusion in Bindings * CVE-2026-11663: Use after free in Skia * CVE-2026-11664: Use after free in Payments * CVE-2026-11665: Out of bounds read in Dawn * CVE-2026-11666: Insufficient validation of untrusted input in Input * CVE-2026-11667: Out of bounds read in WebRTC * CVE-2026-11668: Uninitialized Use in Codecs * CVE-2026-11669: Integer overflow in Media * CVE-2026-11670: Use after free in PDF * CVE-2026-11671: Use after free in Navigation * CVE-2026-11672: Out of bounds write in GPU * CVE-2026-11673: Use after free in InterestGroups * CVE-2026-11674: Use after free in Guest View * CVE-2026-11675: Insufficient validation of untrusted input in Skia * CVE-2026-11676: Insufficient validation of untrusted input in Dawn * CVE-2026-11677: Race in Network * CVE-2026-11678: Integer overflow in libyuv * CVE-2026-11679: Use after free in Codecs * CVE-2026-11680: Use after free in Media * CVE-2026-11681: Use after free in Ozone * CVE-2026-11682: Insufficient validation of untrusted input in Views * CVE-2026-11683: Use after free in WebCodecs * CVE-2026-11684: Insufficient policy enforcement in Network * CVE-2026-11685: Insufficient data validation in MediaCapture * CVE-2026-11686: Insufficient validation of untrusted input in Dawn * CVE-2026-11687: Use after free in Dawn * CVE-2026-11688: Object lifecycle issue in SVG * CVE-2026-11689: Insufficient validation of untrusted input in Passwords * CVE-2026-11690: Out of bounds read and write in Media * CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page * CVE-2026-11692: Use after free in Read Anything * CVE-2026-11693: Inappropriate implementation in Plugins * CVE-2026-11694: Use after free in ServiceWorker * CVE-2026-11695: Inappropriate implementation in Passwords * CVE-2026-11696: Uninitialized Use in Video * CVE-2026-11697: Insufficient validation of untrusted input in UI * CVE-2026-11698: Use after free in Bluetooth * CVE-2026-11699: Use after free in Bluetooth * CVE-2026-11700: Use after free in Tracing * CVE-2026-11701: Insufficient validation of untrusted input in Guest View - Refresh ppc64le patches |
| 2026-06-05 | Than Ngo <than at redhat dot com> - 149.0.7827.53-1 | - Update to 149.0.7827.53 * CVE-2026-10881: Out of bounds read and write in ANGLE * CVE-2026-10882: Use after free in Network * CVE-2026-10883: Out of bounds write in ANGLE * CVE-2026-10884: Use after free in Chromecast * CVE-2026-10885: Use after free in Chrome for iOS * CVE-2026-10886: Use after free in FileSystem * CVE-2026-10887: Use after free in Chromoting * CVE-2026-10888: Use after free in Cast Streaming * CVE-2026-10889: Out of bounds read in ANGLE * CVE-2026-10890: Use after free in Cast * CVE-2026-10891: Use after free in GFX * CVE-2026-10892: Out of bounds write in GPU * CVE-2026-10893: Use after free in Chromoting * CVE-2026-10894: Use after free in Printing * CVE-2026-10895: Use after free in Ozone * CVE-2026-10896: Use after free in Chrome for iOS * CVE-2026-10897: Out of bounds write in GPU * CVE-2026-10898: Stack buffer overflow in GPU * CVE-2026-10899: Use after free in Ozone * CVE-2026-10900: Use after free in Passwords * CVE-2026-10901: Use after free in Passwords * CVE-2026-10902: Use after free in Ozone * CVE-2026-10903: Use after free in WebRTC * CVE-2026-10904: Inappropriate implementation in V8 * CVE-2026-10905: Use after free in Network * CVE-2026-10906: Use after free in WebAuthentication * CVE-2026-10907: Out of bounds write in ANGLE * CVE-2026-10908: Use after free in FullScreen * CVE-2026-10909: Use after free in Dawn * CVE-2026-10910: Type Confusion in V8 * CVE-2026-10911: Insufficient validation of untrusted input in Media * CVE-2026-10912: Insufficient validation of untrusted input in Extensions * CVE-2026-10913: Use after free in ANGLE * CVE-2026-10914: Use after free in ANGLE * CVE-2026-10915: Use after free in Core * CVE-2026-10916: Insufficient validation of untrusted input in DevTools * CVE-2026-10917: Insufficient validation of untrusted input in Media * CVE-2026-10918: Use after free in Viz * CVE-2026-10919: Use after free in ANGLE * CVE-2026-10920: Insufficient validation of untrusted input in WebShare * CVE-2026-10921: Integer overflow in Dawn * CVE-2026-10922: Insufficient validation of untrusted input in DevTools * CVE-2026-10923: Use after free in WebAppInstalls * CVE-2026-10924: Integer overflow in Chromecast * CVE-2026-10925: Out of bounds write in Skia * CVE-2026-10926: Use after free in Cast * CVE-2026-10927: Out of bounds read in Dawn * CVE-2026-10928: Script injection in Headless * CVE-2026-10929: Heap buffer overflow in ANGLE * CVE-2026-10930: Out of bounds read in ANGLE * CVE-2026-10931: Use after free in FileSystem * CVE-2026-10932: Use after free in UI * CVE-2026-10933: Use after free in Audio * CVE-2026-10934: Use after free in Autofill * CVE-2026-10935: Inappropriate implementation in V8 * CVE-2026-10936: Type Confusion in V8 * CVE-2026-10937: Inappropriate implementation in Passwords * CVE-2026-10938: Insufficient validation of untrusted input in Input * CVE-2026-10939: Use after free in WebRTC * CVE-2026-10940: Race in Codecs * CVE-2026-10941: Out of bounds memory access in Skia * CVE-2026-10942: Insufficient validation of untrusted input in UI * CVE-2026-10943: Use after free in WebRTC * CVE-2026-10944: Insufficient policy enforcement in Autofill * CVE-2026-10945: Use after free in PDF * CVE-2026-10946: Heap buffer overflow in Media * CVE-2026-10947: Use after free in WebRTC * CVE-2026-10948: Use after free in WebRTC * CVE-2026-10949: Heap buffer overflow in Video * CVE-2026-10950: Insufficient policy enforcement in Autofill * CVE-2026-10951: Use after free in Autofill * CVE-2026-10952: Use after free in Chrome for iOS * CVE-2026-10953: Use after free in Core * CVE-2026-10954: Use after free in Actor * CVE-2026-10955: Type Confusion in ANGLE * CVE-2026-10956: Use after free in MimeHandlerView * CVE-2026-10957: Use after free in Glic * CVE-2026-10958: Use after free in Chrome for iOS * CVE-2026-10959: Use after free in Input * CVE-2026-10960: Uninitialized Use in Codecs * CVE-2026-10961: Use after free in Chrome for iOS * CVE-2026-10962: Type Confusion in Media * CVE-2026-10963: Integer overflow in V8 * CVE-2026-10964: Integer overflow in V8 * CVE-2026-10965: Integer overflow in DevTools * CVE-2026-10966: Insufficient validation of untrusted input in Codecs * CVE-2026-10967: Use after free in SurfaceCapture * CVE-2026-10968: Insufficient validation of untrusted input in Dawn * CVE-2026-10969: Insufficient validation of untrusted input in Extensions * CVE-2026-10970: Insufficient validation of untrusted input in InterestGroups * CVE-2026-10971: Insufficient validation of untrusted input in Printing * CVE-2026-10972: Use after free in Ozone * CVE-2026-10973: Uninitialized Use in Dawn * CVE-2026-10974: Insufficient validation of untrusted input in ANGLE * CVE-2026-10975: Use after free in WebRTC * CVE-2026-10976: Uninitialized Use in Dawn * CVE-2026-10977: Uninitialized Use in Skia * CVE-2026-10978: Use after free in Chromoting * CVE-2026-10979: Out of bounds read in ANGLE * CVE-2026-10980: Insufficient validation of untrusted input in DevTools * CVE-2026-10981: Insufficient validation of untrusted input in Codecs * CVE-2026-10982: Use after free in WebXR * CVE-2026-10983: Insufficient validation of untrusted input in Dawn * CVE-2026-10984: Inappropriate implementation in Accessibility * CVE-2026-10985: Out of bounds read in Skia * CVE-2026-10986: Integer overflow in Media * CVE-2026-10987: Integer overflow in V8 * CVE-2026-10988: Use after free in Views * CVE-2026-10989: Inappropriate implementation in V8 * CVE-2026-10990: Use after free in Glic * CVE-2026-10991: Use after free in V8 * CVE-2026-10992: Insufficient data validation in Animation * CVE-2026-10993: Heap buffer overflow in Skia * CVE-2026-10994: Uninitialized Use in ANGLE * CVE-2026-10995: Heap buffer overflow in TabStrip * CVE-2026-10996: Inappropriate implementation in Workers * CVE-2026-10997: Insufficient policy enforcement in Extensions * CVE-2026-10998: Out of bounds read in Media * CVE-2026-10999: Out of bounds memory access in ANGLE * CVE-2026-11000: Use after free in Fonts * CVE-2026-11001: Incorrect security UI in Payments * CVE-2026-11002: Use after free in Autofill * CVE-2026-11003: Use after free in WebRTC * CVE-2026-11004: Out of bounds read in ANGLE * CVE-2026-11005: Out of bounds read in ANGLE * CVE-2026-11006: Out of bounds read in Dawn * CVE-2026-11007: Insufficient validation of untrusted input in WebView * CVE-2026-11008: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-11009: Use after free in USB * CVE-2026-11010: Use after free in WebShare * CVE-2026-11011: Insufficient policy enforcement in Password Manager * CVE-2026-11012: Use after free in Serial * CVE-2026-11013: Insufficient validation of untrusted input in Network * CVE-2026-11014: Insufficient policy enforcement in Extensions * CVE-2026-11015: Out of bounds read in WebGPU * CVE-2026-11016: Insufficient validation of untrusted input in Network * CVE-2026-11017: Inappropriate implementation in Link Preview * CVE-2026-11018: Insufficient policy enforcement in Actor * CVE-2026-11019: Inappropriate implementation in Payments * CVE-2026-11020: Inappropriate implementation in Extensions * CVE-2026-11021: Insufficient validation of untrusted input in GPU * CVE-2026-11022: Insufficient validation of untrusted input in DevTools * CVE-2026-11023: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-11024: Stack buffer overflow in Skia * CVE-2026-11025: Insufficient policy enforcement in Navigation * CVE-2026-11026: Insufficient policy enforcement in Extensions * CVE-2026-11027: Insufficient validation of untrusted input in Glic * CVE-2026-11028: Use after free in Media * CVE-2026-11029: Insufficient validation of untrusted input in Drag and Drop * CVE-2026-11030: Use after free in Network * CVE-2026-11031: Insufficient validation of untrusted input in Password Manager * CVE-2026-11032: Insufficient data validation in Password Manager * CVE-2026-11033: Uninitialized Use in WebML * CVE-2026-11034: Insufficient validation of untrusted input in Tab Group Sync * CVE-2026-11035: Insufficient validation of untrusted input in Custom Tabs * CVE-2026-11036: Inappropriate implementation in DOM * CVE-2026-11037: Out of bounds write in Codecs * CVE-2026-11038: Insufficient validation of untrusted input in Subresource Integrity * CVE-2026-11039: Uninitialized Use in Skia * CVE-2026-11040: Use after free in ANGLE * CVE-2026-11041: Insufficient validation of untrusted input in Media * CVE-2026-11042: Use after free in Views * CVE-2026-11043: Out of bounds write in ANGLE * CVE-2026-11044: Integer overflow in ANGLE * CVE-2026-11045: Insufficient validation of untrusted input in GPU * CVE-2026-11046: Insufficient validation of untrusted input in Media * CVE-2026-11047: Insufficient validation of untrusted input in Base * CVE-2026-11048: Inappropriate implementation in Extensions * CVE-2026-11049: Use after free in Password Manager * CVE-2026-11050: Use after free in V8 * CVE-2026-11051: Out of bounds read in ANGLE * CVE-2026-11052: Type Confusion in GPU * CVE-2026-11053: VULNERABILITY in WebRTC * CVE-2026-11054: Use after free in WebRTC * CVE-2026-11055: Use after free in ANGLE * CVE-2026-11056: Insufficient validation of untrusted input in SiteIsolation * CVE-2026-11057: Uninitialized Use in Skia * CVE-2026-11058: Integer overflow in CredentialProvider * CVE-2026-11059: Use after free in Blink * CVE-2026-11060: Use after free in Media * CVE-2026-11061: Out of bounds read in ANGLE * CVE-2026-11062: Insufficient policy enforcement in Extensions * CVE-2026-11063: Insufficient validation of untrusted input in WebNN * CVE-2026-11064: Uninitialized Use in GPU * CVE-2026-11065: Use after free in ANGLE * CVE-2026-11066: Insufficient validation of untrusted input in ANGLE * CVE-2026-11067: Uninitialized Use in Dawn * CVE-2026-11068: Use after free in WebSockets * CVE-2026-11069: Insufficient validation of untrusted input in Cast * CVE-2026-11070: Insufficient validation of untrusted input in Chromoting * CVE-2026-11071: Use after free in Base * CVE-2026-11072: Use after free in WebView * CVE-2026-11073: Use after free in WebGL * CVE-2026-11074: Use after free in WebRTC * CVE-2026-11075: Out of bounds read in V8 * CVE-2026-11076: Type Confusion in CSS * CVE-2026-11077: Out of bounds read in Dawn * CVE-2026-11078: Insufficient validation of untrusted input in FileSystem * CVE-2026-11079: Insufficient validation of untrusted input in Codecs * CVE-2026-11080: Use after free in WebView * CVE-2026-11081: Policy bypass in Canvas * CVE-2026-11082: Use after free in GPU * CVE-2026-11083: Inappropriate implementation in Password Manager * CVE-2026-11084: Inappropriate implementation in Password Manager * CVE-2026-11085: Integer overflow in GPU * CVE-2026-11086: Insufficient validation of untrusted input in Dawn * CVE-2026-11087: Uninitialized Use in ANGLE * CVE-2026-11088: Integer overflow in ANGLE * CVE-2026-11089: Uninitialized Use in Media * CVE-2026-11090: Uninitialized Use in ANGLE * CVE-2026-11091: Inappropriate implementation in Dawn * CVE-2026-11092: Insufficient policy enforcement in DevTools * CVE-2026-11093: Insufficient validation of untrusted input in Printing * CVE-2026-11094: Use after free in Codecs * CVE-2026-11095: Insufficient validation of untrusted input in Codecs * CVE-2026-11096: Out of bounds read in WebRTC * CVE-2026-11097: Inappropriate implementation in WebView * CVE-2026-11098: Insufficient validation of untrusted input in GPU * CVE-2026-11099: Vulnerability in Skia * CVE-2026-11100: Use after free in File Input * CVE-2026-11101: Uninitialized Use in Dawn * CVE-2026-11102: Inappropriate implementation in Isolated Web Apps * CVE-2026-11103: Inappropriate implementation in Installer * CVE-2026-11104: Uninitialized Use in ANGLE * CVE-2026-11105: Insufficient validation of untrusted input in WebUI * CVE-2026-11106: Inappropriate implementation in Media * CVE-2026-11107: Inappropriate implementation in Downloads * CVE-2026-11108: Inappropriate implementation in NFC * CVE-2026-11109: Uninitialized Use in ANGLE * CVE-2026-11110: Uninitialized Use in ANGLE * CVE-2026-11111: Out of bounds read in ANGLE * CVE-2026-11112: Insufficient validation of untrusted input in Chromoting * CVE-2026-11113: Insufficient validation of untrusted input in ANGLE * CVE-2026-11114: Use after free in Device Trust * CVE-2026-11115: Use after free in Updater * CVE-2026-11116: Use after free in Chromoting * CVE-2026-11117: Use after free in Views * CVE-2026-11118: Use after free in WebRTC * CVE-2026-11119: Insufficient validation of untrusted input in GPU * CVE-2026-11120: Insufficient validation of untrusted input in Enterprise Reporting * CVE-2026-11121: Insufficient validation of untrusted input in Skia * CVE-2026-11122: Inappropriate implementation in Keyboard * CVE-2026-11123: Uninitialized Use in ANGLE * CVE-2026-11124: Heap buffer overflow in Skia * CVE-2026-11125: Use after free in Compositing * CVE-2026-11126: Insufficient validation of untrusted input in DevTools * CVE-2026-11127: Inappropriate implementation in WebAPKs * CVE-2026-11128: Insufficient validation of untrusted input in Web Share * CVE-2026-11129: Inappropriate implementation in Extensions * CVE-2026-11130: Use after free in Media * CVE-2026-11131: Use after free in Autofill * CVE-2026-11132: Policy bypass in Paint * CVE-2026-11133: Insufficient policy enforcement in Paint * CVE-2026-11134: Insufficient data validation in Media * CVE-2026-11135: Insufficient policy enforcement in Autofill * CVE-2026-11136: Use after free in Canvas * CVE-2026-11137: Uninitialized Use in ANGLE * CVE-2026-11138: Uninitialized Use in ANGLE * CVE-2026-11139: Policy bypass in Paint * CVE-2026-11140: Insufficient validation of untrusted input in Chromecast * CVE-2026-11141: Uninitialized Use in Audio * CVE-2026-11142: Policy bypass in Paint * CVE-2026-11143: Heap buffer overflow in Extensions * CVE-2026-11144: Use after free in Media * CVE-2026-11145: Race in Geolocation * CVE-2026-11146: Insufficient validation of untrusted input in Chromoting * CVE-2026-11147: Use after free in WebML * CVE-2026-11148: Inappropriate implementation in Payments * CVE-2026-11149: Insufficient validation of untrusted input in Extensions * CVE-2026-11150: Inappropriate implementation in XML * CVE-2026-11151: Insufficient validation of untrusted input in Password Manager * CVE-2026-11152: Object lifecycle issue in Dawn * CVE-2026-11153: Side-channel information leakage in Forms * CVE-2026-11154: Use after free in Dawn * CVE-2026-11155: Insufficient policy enforcement in CSS * CVE-2026-11156: Inappropriate implementation in CSS * CVE-2026-11157: Script injection in Accessibility * CVE-2026-11158: Insufficient validation of untrusted input in Downloads * CVE-2026-11159: Uninitialized Use in Skia * CVE-2026-11160: Out of bounds read in Input * CVE-2026-11161: Insufficient data validation in DataTransfer * CVE-2026-11162: Insufficient policy enforcement in CSS * CVE-2026-11163: Use after free in Messages * CVE-2026-11164: Use after free in Blink * CVE-2026-11165: Use after free in WebMIDI * CVE-2026-11166: Inappropriate implementation in SVG * CVE-2026-11167: Inappropriate implementation in WebView * CVE-2026-11168: Insufficient policy enforcement in Extensions * CVE-2026-11169: Inappropriate implementation in XML * CVE-2026-11170: Inappropriate implementation in Chromoting * CVE-2026-11171: Integer overflow in Blink * CVE-2026-11172: Incorrect security UI in Contact Picker * CVE-2026-11173: Out of bounds write in V8 * CVE-2026-11174: Insufficient policy enforcement in Site Isolation * CVE-2026-11175: Incorrect security UI in Messages * CVE-2026-11176: Inappropriate implementation in Media * CVE-2026-11177: Use after free in Omnibox * CVE-2026-11178: Policy bypass in WebView * CVE-2026-11179: Inappropriate implementation in ORB * CVE-2026-11180: Policy bypass in SVG * CVE-2026-11181: Inappropriate implementation in Media Session * CVE-2026-11182: Inappropriate implementation in SVG * CVE-2026-11183: Out of bounds read in GWP-ASan * CVE-2026-11184: Insufficient policy enforcement in Actor * CVE-2026-11185: Use after free in V8 * CVE-2026-11186: Inappropriate implementation in CSS * CVE-2026-11187: Insufficient policy enforcement in Glic * CVE-2026-11188: Use after free in USB * CVE-2026-11189: Insufficient validation of untrusted input in DevTools * CVE-2026-11190: Insufficient policy enforcement in Extensions * CVE-2026-11191: Out of bounds memory access in ANGLE * CVE-2026-11192: Insufficient validation of untrusted input in Password Manager * CVE-2026-11193: Insufficient policy enforcement in Password Manager * CVE-2026-11194: Inappropriate implementation in Network * CVE-2026-11195: Inappropriate implementation in MHTML * CVE-2026-11196: Type Confusion in XML * CVE-2026-11197: Insufficient policy enforcement in Workers * CVE-2026-11198: Insufficient validation of untrusted input in Codecs * CVE-2026-11199: Insufficient validation of untrusted input in WebRTC * CVE-2026-11200: Inappropriate implementation in WebRTC * CVE-2026-11201: Use after free in ServiceWorker * CVE-2026-11202: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-11203: Policy bypass in GPU * CVE-2026-11204: Inappropriate implementation in Signin * CVE-2026-11205: Insufficient validation of untrusted input in Chrome for iOS * CVE-2026-11206: Policy bypass in ServiceWorker * CVE-2026-11207: Insufficient validation of untrusted input in Autofill * CVE-2026-11208: Use after free in Codecs * CVE-2026-11209: Insufficient policy enforcement in Passwords * CVE-2026-11210: Insufficient policy enforcement in Safe Browsing * CVE-2026-11211: Integer overflow in V8 * CVE-2026-11212: Insufficient policy enforcement in DevTools * CVE-2026-11213: Insufficient validation of untrusted input in Reading Mode * CVE-2026-11214: Inappropriate implementation in Chrome for iOS * CVE-2026-11215: Inappropriate implementation in Cronet * CVE-2026-11216: Incorrect security UI in File Input * CVE-2026-11217: Insufficient policy enforcement in Fenced Frames * CVE-2026-11218: Inappropriate implementation in PlatformIntegration * CVE-2026-11219: Insufficient data validation in Navigation * CVE-2026-11220: Insufficient validation of untrusted input in Navigation * CVE-2026-11221: Insufficient validation of untrusted input in PointerLock * CVE-2026-11222: Incorrect security UI in Tab Strip * CVE-2026-11223: Insufficient validation of untrusted input in Network * CVE-2026-11224: Use after free in Chromoting * CVE-2026-11225: Incorrect security UI in WebUI * CVE-2026-11226: Insufficient policy enforcement in PreviewTab * CVE-2026-11227: Incorrect security UI in Tab Hover Cards * CVE-2026-11228: Incorrect security UI in File Input * CVE-2026-11229: Insufficient policy enforcement in Enterprise * CVE-2026-11230: Use after free in Extensions * CVE-2026-11231: Inappropriate implementation in Safe Browsing * CVE-2026-11232: Inappropriate implementation in TabGroups * CVE-2026-11233: Insufficient validation of untrusted input in FoldableAPIs * CVE-2026-11234: Insufficient policy enforcement in FoldableAPIs * CVE-2026-11235: Insufficient validation of untrusted input in Compositing * CVE-2026-11236: Insufficient policy enforcement in Web Bluetooth * CVE-2026-11237: Insufficient validation of untrusted input in Media * CVE-2026-11238: Inappropriate implementation in DevTools * CVE-2026-11239: Insufficient validation of untrusted input in Extensions * CVE-2026-11240: Insufficient validation of untrusted input in Loader * CVE-2026-11241: Insufficient validation of untrusted input in Cast * CVE-2026-11242: Insufficient validation of untrusted input in Plugins * CVE-2026-11243: Incorrect security UI in Downloads * CVE-2026-11244: Insufficient validation of untrusted input in WebAuthentication * CVE-2026-11245: Inappropriate implementation in Payments * CVE-2026-11246: Insufficient validation of untrusted input in IndexedDB * CVE-2026-11247: Insufficient policy enforcement in CustomTabs * CVE-2026-11248: Policy bypass in Google Lens * CVE-2026-11249: Use after free in Network * CVE-2026-11250: Inappropriate implementation in DevTools * CVE-2026-11251: Insufficient validation of untrusted input in Password Manager * CVE-2026-11252: Policy bypass in Content Settings * CVE-2026-11253: Race in Permissions * CVE-2026-11254: Inappropriate implementation in Permissions * CVE-2026-11255: Insufficient validation of untrusted input in Storage Access API * CVE-2026-11256: Out of bounds read in GPU * CVE-2026-11257: Inappropriate implementation in Browser * CVE-2026-11258: Inappropriate implementation in File System Access * CVE-2026-11259: Insufficient validation of untrusted input in Cast * CVE-2026-11260: Policy bypass in Permissions * CVE-2026-11261: Insufficient validation of untrusted input in PDF * CVE-2026-11262: Use after free in TabStrip * CVE-2026-11263: Insufficient policy enforcement in WebAuthentication * CVE-2026-11264: Policy bypass in Content Security Policy * CVE-2026-11265: Insufficient data validation in Autofill * CVE-2026-11266: Policy bypass in SafeBrowsing * CVE-2026-11267: Insufficient policy enforcement in Extensions * CVE-2026-11268: Uninitialized Use in ANGLE * CVE-2026-11269: Inappropriate implementation in Extensions * CVE-2026-11270: Inappropriate implementation in UI * CVE-2026-11271: Incorrect security UI in Passwords * CVE-2026-11272: Insufficient validation of untrusted input in Reading List * CVE-2026-11273: Insufficient validation of untrusted input in Omnibox * CVE-2026-11274: Inappropriate implementation in DOM Distiller * CVE-2026-11275: Insufficient policy enforcement in Page Info * CVE-2026-11276: Inappropriate implementation in Cast * CVE-2026-11277: Insufficient policy enforcement in Chrome for iOS * CVE-2026-11278: Inappropriate implementation in CustomTabs * CVE-2026-11279: Out of bounds read in DevTools * CVE-2026-11280: Insufficient validation of untrusted input in Signin * CVE-2026-11281: Integer overflow in Chromoting * CVE-2026-11282: Policy bypass in Sandbox * CVE-2026-11283: Policy bypass in Shortcuts * CVE-2026-11284: Side-channel information leakage in PerformanceAPIs * CVE-2026-11285: Insufficient policy enforcement in Chrome for iOS * CVE-2026-11286: Insufficient validation of untrusted input in Wallet * CVE-2026-11287: Insufficient validation of untrusted input in Navigation * CVE-2026-11288: Policy bypass in CSS * CVE-2026-11289: Side-channel information leakage in Paint * CVE-2026-11290: Integer overflow in WebView * CVE-2026-11291: Policy bypass in Android Autofill * CVE-2026-11292: Policy bypass in Blink * CVE-2026-11293: Use after free in Input * CVE-2026-11294: Inappropriate implementation in Passwords * CVE-2026-11295: Inappropriate implementation in WebView * CVE-2026-11296: Inappropriate implementation in ImageCapture * CVE-2026-11297: Insufficient validation of untrusted input in Reader Mode * CVE-2026-11298: Insufficient policy enforcement in Chrome for iOS * CVE-2026-11299: Out of bounds read in Fonts * CVE-2026-11300: Inappropriate implementation in Permissions * CVE-2026-11301: Out of bounds read in LiveCaption * CVE-2026-11302: Insufficient policy enforcement in Chrome for iOS * CVE-2026-11303: Use after free in PDFium * CVE-2026-11304: Use after free in PDFium * CVE-2026-11305: Use after free in PDFium * CVE-2026-11306: Use after free in PDFium * CVE-2026-11307: Use after free in PDFium * CVE-2026-11308: Inappropriate implementation in Extensions * CVE-2026-11309: Insufficient policy enforcement in History |
| 2026-05-29 | Than Ngo <than at redhat dot com> - 148.0.7778.215-1 | - Update to 148.0.7778.215 * CVE-2026-9872: Out of bounds write in GPU * CVE-2026-9873: Use after free in Network * CVE-2026-9874: Use after free in Dawn * CVE-2026-9875: Out of bounds read in WebGL * CVE-2026-9876: Use after free in WebGL * CVE-2026-9877: Use after free in ANGLE * CVE-2026-9878: Use after free in ANGLE * CVE-2026-9879: Out of bounds write in ANGLE * CVE-2026-9880: Insufficient validation of untrusted input in WebGL * CVE-2026-9881: Use after free in Bluetooth * CVE-2026-9882: Integer overflow in ANGLE * CVE-2026-9883: Use after free in Base * CVE-2026-9884: Use after free in Browser * CVE-2026-9885: Insufficient validation of untrusted input in UI * CVE-2026-9886: Use after free in Base * CVE-2026-9887: Use after free in Proxy * CVE-2026-9888: Use after free in WebView * CVE-2026-9889: Out of bounds read and write in Dawn * CVE-2026-9890: Use after free in XR * CVE-2026-9891: Use after free in Extensions * CVE-2026-9892: Inappropriate implementation in Skia * CVE-2026-9893: Use after free in Skia * CVE-2026-9894: Use after free in GPU * CVE-2026-9895: Out of bounds read in GPU * CVE-2026-9896: Out of bounds write in V8 * CVE-2026-9897: Use after free in DOM * CVE-2026-9898: Insufficient validation of untrusted input in GPU * CVE-2026-9899: Use after free in ANGLE * CVE-2026-9900: Out of bounds write in ANGLE * CVE-2026-9901: Use after free in ANGLE * CVE-2026-9902: Use after free in Accessibility * CVE-2026-9903: Insufficient validation of untrusted input in Site Isolation * CVE-2026-9904: Use after free in ANGLE * CVE-2026-9905: Use after free in Accessibility * CVE-2026-9906: Out of bounds write in GPU * CVE-2026-9907: Out of bounds read in Dawn * CVE-2026-9908: Out of bounds read in ANGLE * CVE-2026-9909: Integer overflow in Skia * CVE-2026-9910: Out of bounds memory access in ANGLE * CVE-2026-9911: Integer overflow in ANGLE * CVE-2026-9912: Inappropriate implementation in GPU * CVE-2026-9913: Inappropriate implementation in ANGLE * CVE-2026-9914: Insufficient validation of untrusted input in ANGLE * CVE-2026-9915: Heap buffer overflow in ANGLE * CVE-2026-9916: Out of bounds write in ANGLE * CVE-2026-9917: Uninitialized Use in WebGL * CVE-2026-9918: Inappropriate implementation in Tint * CVE-2026-9919: Out of bounds read in WebGL * CVE-2026-9920: Uninitialized Use in GPU * CVE-2026-9921: Uninitialized Use in WebGL * CVE-2026-9922: Use after free in GPU * CVE-2026-9923: Use after free in Skia * CVE-2026-9924: Heap buffer overflow in ANGLE * CVE-2026-9925: Use after free in ANGLE * CVE-2026-9926: Heap buffer overflow in ANGLE * CVE-2026-9927: Use after free in ANGLE * CVE-2026-9928: Out of bounds read in ANGLE * CVE-2026-9929: Inappropriate implementation in WebGL * CVE-2026-9930: Out of bounds write in Dawn * CVE-2026-9931: Use after free in GPU * CVE-2026-9932: Use after free in ANGLE * CVE-2026-9933: Use after free in Input * CVE-2026-9934: Use after free in Aura * CVE-2026-9935: Uninitialized Use in ANGLE * CVE-2026-9936: Use after free in GFX * CVE-2026-9937: Use after free in UI * CVE-2026-9938: Inappropriate implementation in V8 * CVE-2026-9939: Heap buffer overflow in WebCodecs * CVE-2026-9940: Heap buffer overflow in ANGLE * CVE-2026-9941: Use after free in ANGLE * CVE-2026-9942: Uninitialized Use in ANGLE * CVE-2026-9943: Out of bounds read in WebGL * CVE-2026-9944: Uninitialized Use in ANGLE * CVE-2026-9945: Use after free in Media * CVE-2026-9946: Use after free in ANGLE * CVE-2026-9947: Use after free in XML * CVE-2026-9948: Use after free in Views * CVE-2026-9949: Use after free in Core * CVE-2026-9950: Insufficient validation of untrusted input in iOS * CVE-2026-9951: Use after free in UI * CVE-2026-9952: Use after free in WebAudio * CVE-2026-9953: Out of bounds read in ANGLE * CVE-2026-9954: Use after free in TabStrip * CVE-2026-9955: Inappropriate implementation in iOS * CVE-2026-9956: Use after free in iOS * CVE-2026-9957: Use after free in PDF * CVE-2026-9958: Use after free in PDFium * CVE-2026-9959: Race in WebRTC * CVE-2026-9960: Integer overflow in PDFium * CVE-2026-9961: Use after free in SurfaceCapture * CVE-2026-9962: Use after free in WebRTC * CVE-2026-9963: Uninitialized Use in iOS * CVE-2026-9964: Use after free in Bluetooth * CVE-2026-9965: Out of bounds write in ANGLE * CVE-2026-9966: Integer overflow in XML * CVE-2026-9967: Out of bounds write in GPU * CVE-2026-9968: Integer overflow in V8 * CVE-2026-9969: Insufficient validation of untrusted input in ANGLE * CVE-2026-9970: Use after free in WebGL * CVE-2026-9971: Inappropriate implementation in iOS * CVE-2026-9972: Uninitialized Use in Gamepad * CVE-2026-9973: Out of bounds write in V8 * CVE-2026-9974: Out of bounds write in GPU * CVE-2026-9975: Out of bounds read and write in ANGLE * CVE-2026-9976: Inappropriate implementation in USB * CVE-2026-9977: Insufficient validation of untrusted input in WebShare * CVE-2026-9978: Use after free in Glic * CVE-2026-9979: Insufficient validation of untrusted input in Input * CVE-2026-9980: Insufficient validation of untrusted input in Printing * CVE-2026-9981: Inappropriate implementation in Skia * CVE-2026-9982: Insufficient validation of untrusted input in ANGLE * CVE-2026-9983: Type Confusion in Skia * CVE-2026-9984: Use after free in UI * CVE-2026-9985: Insufficient validation of untrusted input in Media * CVE-2026-9986: Insufficient validation of untrusted input in OptimizationGuide * CVE-2026-9987: Insufficient validation of untrusted input in WebAppInstalls * CVE-2026-9988: Use after free in WebRTC * CVE-2026-9989: Inappropriate implementation in Media * CVE-2026-9990: Use after free in WebAppInstalls * CVE-2026-9991: Inappropriate implementation in Media * CVE-2026-9992: Use after free in Network * CVE-2026-9993: Use after free in Views * CVE-2026-9994: Use after free in Core * CVE-2026-9995: Use after free in WebXR * CVE-2026-9996: Out of bounds read in WebRTC * CVE-2026-9997: Use after free in Input * CVE-2026-9998: Integer overflow in Skia * CVE-2026-9999: Inappropriate implementation in ANGLE * CVE-2026-10000: Use after free in Passwords * CVE-2026-10001: Use after free in PerformanceManager * CVE-2026-10002: Use after free in PDFium * CVE-2026-10003: Use after free in Views * CVE-2026-10004: Insufficient validation of untrusted input in Passwords * CVE-2026-10005: Use after free in WebAppInstalls * CVE-2026-10006: Race in WebAudio * CVE-2026-10007: Use after free in SVG * CVE-2026-10008: Uninitialized Use in GPU * CVE-2026-10009: Integer overflow in Skia * CVE-2026-10010: Inappropriate implementation in Input * CVE-2026-10011: Inappropriate implementation in Skia * CVE-2026-10012: Use after free in Skia * CVE-2026-10013: Use after free in WebCodecs * CVE-2026-10014: Use after free in WebMIDI * CVE-2026-10015: Integer overflow in WTF * CVE-2026-10016: Use after free in DOM * CVE-2026-10017: Out of bounds read in Headless * CVE-2026-10018: Integer overflow in ANGLE * CVE-2026-10019: Integer overflow in ANGLE * CVE-2026-10020: Insufficient validation of untrusted input in Skia * CVE-2026-10021: Insufficient validation of untrusted input in USB * CVE-2026-10022: Type Confusion in V8 |
| 2026-05-20 | Than Ngo <than at redhat dot com> - 148.0.7778.178-1 | - Update to 148.0.7778.178 * CVE-2026-9111: Use after free in WebRTC * CVE-2026-9110: Inappropriate implementation in UI * CVE-2026-9112: Use after free in GPU * CVE-2026-9113: Out of bounds read in GPU * CVE-2026-9114: Use after free in QUIC * CVE-2026-9115: Insufficient policy enforcement in Service Worker * CVE-2026-9116: Insufficient policy enforcement in ServiceWorker * CVE-2026-9117: Type Confusion in GFX * CVE-2026-9118: Use after free in XR * CVE-2026-9119: Heap buffer overflow in WebRTC * CVE-2026-9120: Use after free in WebRTC * CVE-2026-9126: Use after free in DOM * CVE-2026-9121: Out of bounds read in GPU * CVE-2026-9122: Out of bounds read in GPU * CVE-2026-9123: Heap buffer overflow in Chromecast * CVE-2026-9124: Insufficient validation of untrusted input in Input - Backport upstream patches to improve auto dark image inversion logic - Update default chromium browser config |
| 2026-05-15 | Than Ngo <than at redhat dot com> - 148.0.7778.167-1 | - Update to 148.0.7778.167 * CVE-2026-8509: Heap buffer overflow in WebML * CVE-2026-8510: Integer overflow in Skia * CVE-2026-8511: Use after free in UI * CVE-2026-8512: Use after free in FileSystem * CVE-2026-8513: Use after free in Input * CVE-2026-8514: Use after free in Aura * CVE-2026-8515: Use after free in HID * CVE-2026-8516: Insufficient validation of untrusted input in DataTransfer * CVE-2026-8517: Object lifecycle issue in WebShare * CVE-2026-8518: Use after free in Blink * CVE-2026-8519: Integer overflow in ANGLE * CVE-2026-8520: Race in Payments * CVE-2026-8521: Use after free in Tab Groups * CVE-2026-8522: Use after free in Downloads * CVE-2026-8523: Use after free in Mojo * CVE-2026-8558: Out of bounds write in Fonts * CVE-2026-8524: Out of bounds write in WebAudio * CVE-2026-8525: Heap buffer overflow in ANGLE * CVE-2026-8526: Out of bounds write in WebRTC * CVE-2026-8527: Insufficient validation of untrusted input in Downloads * CVE-2026-8528: Insufficient validation of untrusted input in SiteIsolation * CVE-2026-8529: Heap buffer overflow in Codecs * CVE-2026-8530: Use after free in Network * CVE-2026-8531: Heap buffer overflow in WebML * CVE-2026-8532: Integer overflow in XML * CVE-2026-8533: Use after free in Accessibility * CVE-2026-8534: Integer overflow in GPU * CVE-2026-8535: Out of bounds read in Media * CVE-2026-8536: Insufficient validation of untrusted input in ReadingMode * CVE-2026-8537: Insufficient policy enforcement in ViewTransitions * CVE-2026-8538: Insufficient validation of untrusted input in GPU * CVE-2026-8539: Script injection in SanitizerAPI * CVE-2026-8540: Type Confusion in V8 * CVE-2026-8541: Out of bounds read in UI * CVE-2026-8542: Use after free in Core * CVE-2026-8543: Out of bounds read in FileSystem * CVE-2026-8544: Use after free in Media * CVE-2026-8545: Object corruption in Compositing * CVE-2026-8546: Out of bounds read in GPU * CVE-2026-8547: Insufficient policy enforcement in Passwords * CVE-2026-8548: Out of bounds write in Media * CVE-2026-8549: Use after free in Media * CVE-2026-8550: Use after free in Google Lens * CVE-2026-8551: Use after free in Downloads * CVE-2026-8552: Heap buffer overflow in GPU * CVE-2026-8553: Use after free in GPU * CVE-2026-8554: Type Confusion in ANGLE * CVE-2026-8555: Use after free in GTK * CVE-2026-8556: Inappropriate implementation in ANGLE * CVE-2026-8557: Use after free in Accessibility * CVE-2026-8559: Integer overflow in Internationalization * CVE-2026-8560: Heap buffer overflow in SwiftShader * CVE-2026-8561: Incorrect security UI in Fullscreen * CVE-2026-8562: Side-channel information leakage in Navigation * CVE-2026-8563: Insufficient policy enforcement in IFrame Sandbox * CVE-2026-8564: Incorrect security UI in Downloads * CVE-2026-8565: Inappropriate implementation in Downloads * CVE-2026-8566: Insufficient policy enforcement in Payments * CVE-2026-8567: Integer overflow in ANGLE * CVE-2026-8568: Insufficient policy enforcement in AI * CVE-2026-8569: Out of bounds write in Codecs * CVE-2026-8570: Type Confusion in V8 * CVE-2026-8571: Insufficient policy enforcement in GPU * CVE-2026-8572: Insufficient policy enforcement in Network * CVE-2026-8573: Integer overflow in Codecs * CVE-2026-8574: Use after free in Core * CVE-2026-8575: Use after free in UI * CVE-2026-8576: Inappropriate implementation in CORS * CVE-2026-8577: Integer overflow in Fonts * CVE-2026-8578: Out of bounds read in GPU * CVE-2026-8579: Insufficient validation of untrusted input in Skia * CVE-2026-8580: Use after free in Mojo * CVE-2026-8581: Use after free in GPU * CVE-2026-8582: Object lifecycle issue in Dawn * CVE-2026-8583: Insufficient policy enforcement in WebXR * CVE-2026-8584: Inappropriate implementation in Views * CVE-2026-8585: Inappropriate implementation in Media * CVE-2026-8586: Inappropriate implementation in Chromoting * CVE-2026-8587: Use after free in Extensions |