cbcvebase.
CVE-2026-9960
published 2026-05-28

CVE-2026-9960: Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary…

high7.5CVSS 3.1
AVNACHPRNUIRSUCHIHAH
Integer overflow in PDFium in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted font file. (Chromium security severity: High)

Affected

4 ranges
VendorProductVersion rangeFixed in
googlechrome< 148.0.7778.216148.0.7778.216
googlechrome< 148.0.7778.215148.0.7778.215
googlechrome>= 148.0.7778.216 < 148.0.7778.216148.0.7778.216
googlechrome_desktop