CVE-2026-6308
Published: 2026-04-15
high · 7.5 · CVSS 3.1
AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome | < 147.0.7727.101 | 147.0.7727.101 | |
| chrome | >= 147.0.7727.101 < 147.0.7727.101 | 147.0.7727.101 | |
| chrome_chrome | — | — | |
Chrome
Stable Channel Update for ChromeOS / ChromeOS Flex: CVE-2026-6308
vendor_chrome·2026-04-22
Chrome
Stable Channel Update for Desktop: CVE-2026-6306
vendor_chrome·2026-04-15·CVSS 8.8
CVE-2026-6306: Heap buffer overflow in PDFium. Reported by 86ac1f1587b71893ed2ad792cd7dde32 on 2026-03-27
[TBD][497404188] High CVE-2026-6307: Type Confusion in Turbofan. Reported by Project WhatForLunch (@pjwhatforlunch) on 2026-03-29
[N/A][497412658] High CVE-2026-6308: Out of bounds read in Media
Severity: high
Red Hat
chromium-browser: Out of bounds read in Media
vendor_redhat·2026-04-15·CVSS 9.6
CVE-2026-6308 [HIGH] CWE-125 chromium-browser: Out of bounds read in Media
An out of bounds read flaw was found in the Media component of the Chromium browser.
Upstream bug(s):
https://code.google.com/p/chromium/issues/detail?id=497412658
Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.
VulDB
Google Chrome up to 147.0.7727.55 Media out-of-bounds (ID 497412)
vuldb·2026-04-16
CVE-2026-6308 [LOW] Google Chrome up to 147.0.7727.55 Media out-of-bounds (ID 497412)
A vulnerability classified as problematic was found in Google Chrome. This impacts an unknown function of the component Media. Executing a manipulation can lead to out-of-bounds read.
The identification of this vulnerability is CVE-2026-6308. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
GHSA
GHSA-q6m3-mcr7-qwwq: Out of bounds read in Media in Google Chrome prior to 147
ghsa_unreviewed·2026-04-15
CVE-2026-6308 CWE-125 GHSA-q6m3-mcr7-qwwq: Out of bounds read in Media in Google Chrome prior to 147
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-
bugzilla·2026-04-17·CVSS 8.8
CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [fedora-all]
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.
Bugzilla
CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-
bugzilla·2026-04-17·CVSS 8.8
CVE-2026-6299 [HIGH] CVE-2026-6299 CVE-2026-6303 CVE-2026-6304 CVE-2026-6308 CVE-2026-6309 CVE-2026-6310 CVE-2026-6311 CVE-2026-6312 CVE-2026-6313 CVE-2026-6314 CVE-2026-6315 CVE-2026-6316 CVE-2026-6317 CVE-2026-6361 CVE-2026-6363 ... chromium: various flaws [epel-all]
Bugzilla
CVE-2026-6308 Google Chrome: Chromium: Google Chrome: Arbitrary code execution via out-of-bounds read in Media component
bugzilla·2026-04-15
CVE-2026-6308 [CRITICAL] CVE-2026-6308 Google Chrome: Chromium: Google Chrome: Arbitrary code execution via out-of-bounds read in Media component
Out of bounds read in Media in Google Chrome prior to 147.0.7727.101 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)