Kaspersky ID:
KLA91118
Bulunma tarihi:
06/23/2026
Yüklendi:
06/26/2026

Açıklama

Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, obtain sensitive information, cause denial of service.

Below is a complete list of vulnerabilities:

  1. Race vulnerability in DevTools can be exploited remotely to bypass security restrictions by performing a sandbox escape.
  2. Insufficient validation of untrusted input vulnerability in Navigation can be exploited remotely to bypass site isolation.
  3. Out of bounds read and write vulnerability in Blink InterestGroups can be exploited remotely to execute arbitrary code.
  4. Uninitialized use vulnerability in GPU can be exploited remotely to obtain potentially sensitive information from process memory
  5. Use after free vulnerability in WebGL on Android can be exploited remotely to bypass security restrictions by performing a sandbox escape.
  6. Use after free vulnerability in FileSystem can be exploited remotely to cause denial of service or execute arbitrary code.
  7. Use after free vulnerability in Bluetooth on Mac can be exploited remotely to execute arbitrary code via a malicious peripheral.
  8. Use after free vulnerability in Web Authentication can be exploited via a crafted Chrome Extension to cause denial of service or execute arbitrary code.
  9. Inappropriate implementation vulnerability in Passwords can be exploited remotely to bypass site isolation.
  10. Inappropriate implementation vulnerability in DeviceBoundSessionCredentials can be exploited remotely to bypass same origin policy.
  11. Use after free vulnerability in WebView on Android can be exploited locally to execute arbitrary code inside a sandbox.
  12. Use after free vulnerability in Blink can be exploited remotely to execute arbitrary code inside a sandbox.
  13. Use after free vulnerability in Autofill on Windows can be exploited remotely to execute arbitrary code.
  14. Use after free vulnerability in Digital Credentials on Mac can be exploited remotely to cause denial of service or execute arbitrary code.
  15. Inappropriate implementation vulnerability in Autofill can be exploited remotely to obtain cross-origin data.
  16. Uninitialized use vulnerability in GPU on Android can be exploited remotely to obtain potentially sensitive information from process memory.

Orijinal öneriler

Kötüye kullanma

Public exploits exist for this vulnerability.

İlgili ürünler

CVE Listesi

  • CVE-2026-13021
    warning
  • CVE-2026-13022
    high
  • CVE-2026-13023
    high
  • CVE-2026-13024
    warning
  • CVE-2026-13025
    critical
  • CVE-2026-13026
    critical
  • CVE-2026-13027
    critical
  • CVE-2026-13028
    critical
  • CVE-2026-13029
    critical
  • CVE-2026-13030
    high
  • CVE-2026-13031
    critical
  • CVE-2026-13032
    critical
  • CVE-2026-13033
    critical
  • CVE-2026-13034
    warning
  • CVE-2026-13035
    critical
  • CVE-2026-13036
    critical
  • CVE-2026-13037
    critical
  • CVE-2026-13038
    critical

Daha fazlasını okuyun

Bölgenizde yayılan güvenlik açıklarının istatistiklerini öğrenin statistics.securelist.com

Bu güvenlik açığının açıklamasında bir tutarsızlık mı tespit ettiniz? Bize bildirin!
Kaspersky IT Security Calculator
Daha fazla bilgi edin
Yeni Kaspersky!
Dijital hayatınız güçlü korumayı hak ediyor!
Daha fazla bilgi edin
Do you want to save your changes?
Your message has been sent successfully.