Vulnerabilities (CVE)

Filtered by vendor Google Subscribe
Filtered by product Chrome Os
Total 508 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2026-11669 1 Google 2 Chrome, Chrome Os 2026-06-17 N/A 5.3 MEDIUM
Out of bounds read in Media in Google Chrome on ChromeOS prior to 149.0.7827.103 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High)
CVE-2026-11668 2 Google, Linux 3 Chrome, Chrome Os, Linux Kernel 2026-06-17 N/A 4.3 MEDIUM
Uninitialized Use in Codecs in Google Chrome on Linux, ChromeOS prior to 149.0.7827.103 allowed a remote attacker to leak cross-origin data via a crafted video file. (Chromium security severity: High)
CVE-2026-11028 2 Google, Linux 3 Chrome, Chrome Os, Linux Kernel 2026-06-17 N/A 8.8 HIGH
Use after free in Media in Google Chrome on Linux and ChromeOS prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-6179 1 Google 1 Chrome Os 2026-06-17 N/A 9.8 CRITICAL
Permissions Bypass in Extension Management in Google ChromeOS 16181.27.0 on managed Chrome devices allows a local attacker to disable extensions and access Developer Mode, including loading additional extensions via exploiting vulnerabilities using the ExtHang3r and ExtPrint3r tools.
CVE-2025-6177 1 Google 1 Chrome Os 2026-06-17 N/A 7.4 HIGH
Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and potentially others) on enrolled devices allows a local attacker to gain root code execution via exploiting a debug shell (VT3 console) accessible through specific key combinations during developer mode entry and MiniOS access, even when developer mode is blocked by device policy or Firmware Write Protect (FWMP).
CVE-2025-6044 1 Google 1 Chrome Os 2026-06-17 N/A 6.1 MEDIUM
An Improper Access Control vulnerability in the Stylus Tools component of Google ChromeOS version 16238.64.0 on the garaged stylus devices allows a physical attacker to bypass the lock screen and access user files by removing the stylus while the device is closed and using the screen capture feature.
CVE-2025-2509 1 Google 1 Chrome Os 2026-06-17 N/A 7.8 HIGH
Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.
CVE-2025-2073 2 Google, Linux 2 Chrome Os, Linux Kernel 2026-06-17 N/A 8.8 HIGH
Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure
CVE-2025-1704 1 Google 1 Chrome Os 2026-06-17 N/A 6.5 MEDIUM
ComponentInstaller Modification in ComponentInstaller in Google ChromeOS 15823.23.0 on Chromebooks allows enrolled users with local access to unenroll devices and intercept device management requests via loading components from the unencrypted stateful partition.
CVE-2025-1568 1 Google 1 Chrome Os 2026-06-17 N/A 8.8 HIGH
Access Control Vulnerability in Gerrit chromiumos project configuration in Google ChromeOS 16063.87.0 allows an attacker with a registered Gerrit account to inject malicious code into ChromeOS projects and potentially achieve Remote Code Execution and Denial of Service via editing trusted pipelines by insufficient access controls and misconfigurations in Gerrit's project.config.
CVE-2025-1566 1 Google 1 Chrome Os 2026-06-17 N/A 7.5 HIGH
DNS Leak in Native System VPN in Google ChromeOS Dev Channel on ChromeOS 16002.23.0 allows network observers to expose plaintext DNS queries via failure to properly tunnel DNS traffic during VPN state transitions.
CVE-2025-1292 1 Google 2 Chrome, Chrome Os 2026-06-17 N/A 6.7 MEDIUM
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 122.0.6261.132 stable on Cr50 Boards allows an attacker with root access to gain persistence and bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.
CVE-2025-1290 2 Google, Linux 2 Chrome Os, Linux Kernel 2026-06-17 N/A 8.1 HIGH
A race condition Use-After-Free vulnerability exists in the virtio_transport_space_update function within the Kernel 5.4 on ChromeOS. Concurrent allocation and freeing of the virtio_vsock_sock structure during an AF_VSOCK connect syscall can occur before a worker thread accesses it resulting in a dangling pointer and potential kernel code execution.
CVE-2025-1122 1 Google 2 Chrome, Chrome Os 2026-06-17 N/A 6.7 MEDIUM
Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process.
CVE-2025-1121 1 Google 1 Chrome Os 2026-06-17 N/A 6.8 MEDIUM
Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.
CVE-2025-12438 2 Google, Linux 3 Chrome, Chrome Os, Linux Kernel 2026-06-17 N/A 8.8 HIGH
Use after free in Ozone in Google Chrome on Linux and ChromeOS prior to 142.0.7444.59 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-10201 2 Google, Linux 4 Android, Chrome, Chrome Os and 1 more 2026-06-17 N/A 8.8 HIGH
Inappropriate implementation in Mojo in Google Chrome on Android, Linux, ChromeOS prior to 140.0.7339.127 allowed a remote attacker to bypass site isolation via a crafted HTML page. (Chromium security severity: High)
CVE-2023-52160 6 Debian, Fedoraproject, Google and 3 more 7 Debian Linux, Fedora, Android and 4 more 2026-06-17 N/A 6.5 MEDIUM
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks.
CVE-2023-4369 1 Google 2 Chrome, Chrome Os 2026-06-17 N/A 8.8 HIGH
Insufficient data validation in Systems Extensions in Google Chrome on ChromeOS prior to 116.0.5845.120 allowed an attacker who convinced a user to install a malicious extension to bypass file restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-3742 1 Google 2 Chrome, Chrome Os 2026-06-17 N/A 6.8 MEDIUM
Insufficient policy enforcement in ADB in Google Chrome on ChromeOS prior to 114.0.5735.90 allowed a local attacker to bypass device policy restrictions via physical access to the device. (Chromium security severity: High)