Debian Chromium vulnerabilities

CVE-2026-4443 [HIGH] CVE-2026-4443: chromium - Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowe... Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.153-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.153-1) sid: resolved (fixed in 146.0.7680.153-

CVE-2026-3543 [HIGH] CVE-2026-3543: chromium - Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allo... Inappropriate implementation in V8 in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 145.0.7632.159-1~deb12u1) bullseye: open forky: resolved (fixed in 145.0.7632.159-1) sid: resolved (fixed in 145.0

CVE-2026-3915 [HIGH] CVE-2026-3915: chromium - Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a ... Heap buffer overflow in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.7680.71-1) trixie:

CVE-2026-3932 [HIGH] CVE-2026-3932: chromium - Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.... Insufficient policy enforcement in PDF in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.76

CVE-2026-3936 [HIGH] CVE-2026-3936: chromium - Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 all... Use after free in WebView in Google Chrome on Android prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.7680.71-1)

CVE-2026-3538 [HIGH] CVE-2026-3538: chromium - Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remo... Integer overflow in Skia in Google Chrome prior to 145.0.7632.159 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Critical) Scope: local bookworm: resolved (fixed in 145.0.7632.159-1~deb12u1) bullseye: open forky: resolved (fixed in 145.0.7632.159-1) sid: resolved (fixed in 145.0.7632.

CVE-2026-5277 [HIGH] CVE-2026-5277: chromium - Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 al... Integer overflow in ANGLE in Google Chrome on Windows prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.177-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.177

CVE-2026-4679 [HIGH] CVE-2026-4679: chromium - Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a rem... Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.164-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.164-1) sid: resolved (fixed in 146.0.7680.164-1) trixie

CVE-2026-3922 [HIGH] CVE-2026-3922: chromium - Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a ... Use after free in MediaStream in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.7680.71-1) trixie:

CVE-2026-5910 [HIGH] CVE-2026-5910: chromium - Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remo... Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low) Scope: local bookworm: open bullseye: open forky: open sid: resolved (fixed in 147.0.7727.55-1) trixie: open

CVE-2026-5281 [HIGH] CVE-2026-5281: chromium - Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote... Use after free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.177-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.177-1) sid: resolved (fixed in 1

CVE-2026-5280 [HIGH] CVE-2026-5280: chromium - Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a r... Use after free in WebCodecs in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.177-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.177-1) sid: resolved (fixed in 146.0.7680.177-1) tr

CVE-2026-5913 [HIGH] CVE-2026-5913: chromium - Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a re... Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Low) Scope: local bookworm: open bullseye: open forky: open sid: resolved (fixed in 147.0.7727.55-1) trixie: open

CVE-2026-1862 [HIGH] CVE-2026-1862: chromium - Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote a... Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 144.0.7559.109-2~deb12u1) bullseye: open forky: resolved (fixed in 144.0.7559.109-2) sid: resolved (fixed in 144.0.7559.109-2) trixie: resol

CVE-2026-5915 [HIGH] CVE-2026-5915: chromium - Insufficient validation of untrusted input in WebML in Google Chrome prior to 14... Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low) Scope: local bookworm: open bullseye: open forky: open sid: resolved (fixed in 147.0.7727.55-1) trixie: open

CVE-2026-3926 [HIGH] CVE-2026-3926: chromium - Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remot... Out of bounds read in V8 in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.7680.71-1) trixie: res

CVE-2026-4450 [HIGH] CVE-2026-4450: chromium - Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a rem... Out of bounds write in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.153-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.153-1) sid: resolved (fixed in 146.0.7680.153-1) trixie:

CVE-2026-3920 [HIGH] CVE-2026-3920: chromium - Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 all... Out of bounds memory access in WebML in Google Chrome prior to 146.0.7680.71 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 146.0.7680.71-1~deb12u1) bullseye: open forky: resolved (fixed in 146.0.7680.71-1) sid: resolved (fixed in 146.0.7680.71-1) t

CVE-2026-2313 [HIGH] CVE-2026-2313: chromium - Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote a... Use after free in CSS in Google Chrome prior to 145.0.7632.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Scope: local bookworm: resolved (fixed in 145.0.7632.75-1~deb12u1) bullseye: open forky: resolved (fixed in 145.0.7632.45-1) sid: resolved (fixed in 145.0.7632.45-1) trixie: resolved

CVE-2026-2321 [HIGH] CVE-2026-2321: chromium - Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote... Use after free in Ozone in Google Chrome prior to 145.0.7632.45 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium) Scope: local bookworm: resolved (fixed in 145.0.7632.75-1~deb12u1) bullseye: open forky: resolved (fixed in 145.0.7632.45-1