Shodan
Vulnerabilities
Vulnerable Software
Google:  >> Chrome  >> 10.0.648.105  Security Vulnerabilities
CVE-2026-8005
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to bypass same origin policy via malicious network traffic. (Chromium security severity: Low)
CVSS Score
4.3
EPSS Score
0.0
Published
2026-05-06
CVE-2026-8006
Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
CVSS Score
5.4
EPSS Score
0.0
Published
2026-05-06
CVE-2026-8007
Insufficient validation of untrusted input in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform privilege escalation via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
7.5
EPSS Score
0.001
Published
2026-05-06
CVE-2026-8008
Inappropriate implementation in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to perform UI spoofing via a crafted Chrome Extension. (Chromium security severity: Low)
CVSS Score
5.4
EPSS Score
0.0
Published
2026-05-06
CVE-2026-8009
Inappropriate implementation in Cast in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
5.0
EPSS Score
0.0
Published
2026-05-06
CVE-2026-8010
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security severity: Low)
CVSS Score
6.3
EPSS Score
0.0
Published
2026-05-06
CVE-2026-7992
Insufficient validation of untrusted input in UI in Google Chrome on Linux, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.001
Published
2026-05-06
CVE-2026-7993
Insufficient validation of untrusted input in Payments in Google Chrome on Android prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
4.2
EPSS Score
0.001
Published
2026-05-06
CVE-2026-7994
Inappropriate implementation in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: Medium)
CVSS Score
7.8
EPSS Score
0.0
Published
2026-05-06
CVE-2026-7995
Out of bounds read in AdFilter in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVSS Score
8.8
EPSS Score
0.001
Published
2026-05-06


Products
Pricing
Contact Us

Shodan ® - All rights reserved