CVE-2026-7342: Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a…

CVE-2026-7342 [HIGH] CWE-416 GHSA-m7vp-4954-h94v: Use after free in WebView in Google Chrome on Android prior to 147 Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2026-7342 [HIGH] CWE-825 chromium-browser: Use after free in WebView chromium-browser: Use after free in WebView An use after free flaw was found in the WebView component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=503889643 Statement: Red Hat Product Security rates the severity of this flaw as determined by the Google Chrome Security Advisory.

CVE-2026-7338 [HIGH] Stable Channel Update for Desktop: CVE-2026-7338 Stable Channel Update for Desktop CVE-2026-7338: Use after free in Cast. Reported by Krace on 2026-04-14 [TBD][ 503889643 ] High CVE-2026-7342: Use after free in WebView Reported by Google on 2026-04-17 [TBD][ 504586599 ] High CVE-2026-7341: Use after free in WebRTC Severity: high

CVE-2026-7333 [CRITICAL] CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344 CVE-2026-7345 CVE-2026-7346 CVE- CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344 CVE-2026-7345 CVE-2026-7346 CVE-2026-7347 ... chromium: various flaws [epel-all] Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

CVE-2026-7333 [CRITICAL] CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344 CVE-2026-7345 CVE-2026-7346 CVE- CVE-2026-7333 CVE-2026-7334 CVE-2026-7335 CVE-2026-7336 CVE-2026-7337 CVE-2026-7338 CVE-2026-7339 CVE-2026-7340 CVE-2026-7341 CVE-2026-7342 CVE-2026-7343 CVE-2026-7344 CVE-2026-7345 CVE-2026-7346 CVE-2026-7347 ... chromium: various flaws [fedora-all] Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

CVE-2026-7342 [HIGH] CVE-2026-7342 chromium-browser: Use after free in WebView CVE-2026-7342 chromium-browser: Use after free in WebView Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVE-2026-3608 [HIGH] CVE-2026-3608 Kea: Kea: Denial of Service via maliciously crafted message CVE-2026-3608 Kea: Kea: Denial of Service via maliciously crafted message Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2. Discussion: This issue has been addressed in the following products: Red Hat Enterprise Linux 10 Via RHSA-2026:7342 https://access.redhat.com/errata/RHSA-2026:7342