The Reassessment Feed.

All ↑ Upgraded ↓ Downgraded = Unchanged
All reassessments
showing 1–20 of 822
2026-06-05
CVE-2026-10942
CWE-20
Inappropriate implementation in UI in Google Chrome on Windows prior to 149.0.7827.53 allowed a local attacker to perform privilege escalati
High impact on paper, but this is a post-compromise Windows-only local privesc with no exploitation signal.
HIGH 7.8 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10940
CWE-362
Race in Codecs in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to pote
Important chain component, not an entry bug: it needs prior renderer compromise and a reliable Windows codec race.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10939
CWE-416
Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a
Drive-by reachable, but this is renderer-sandbox code exec, not a one-bug workstation takeover.
HIGH 8.8 = HIGH
EPSS 0.00
2026-06-05
CVE-2026-10938
CWE-20
Inappropriate implementation in Input in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer pro
Stage-two Chrome chain bug: real boundary bypass, but only after the attacker already owns the renderer.
HIGH ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10937
Inappropriate implementation in Passwords in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to bypass same origin policy via
Assessed at HIGH: full SOP bypass in a ubiquitous browser is dangerous, but it still needs a victim to load attacker content.
HIGH = HIGH
EPSS 0.00
2026-06-05
CVE-2026-10936
CWE-843
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a craf
Drive-by browser RCE gets attention, but sandbox-only impact keeps this out of emergency territory.
HIGH 8.8 = HIGH
EPSS 0.00
2026-06-05
CVE-2026-10935
CWE-843
Type Confusion in V8 in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a craf
Real bug, real reach, but this is still a post-click renderer bug, not a one-shot enterprise-owning event.
HIGH 8.8 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10934
CWE-416
Use after free in Autofill in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer pro
This is a useful second-stage Chrome chain component, not a fleet-wide fire drill by itself.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10933
CWE-416
Use after free in Audio in Google Chrome on Windows prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proces
This is a second-stage Chrome sandbox escape, not a clean unauth RCE. Patch it, but don't let the 8.3 score bully your queue.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10932
CWE-416
Use after free in UI in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to potentially exploit heap corruption via
Real bug, real memory corruption, but it is still a user-driven Android browser exploit with no field evidence.
HIGH 8.8 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10931
CWE-416
Use after free in FileSystem in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform a sandbox escape via a
Assessed at HIGH: dangerous as a chainable sandbox escape, but not a standalone browser-to-host break.
? = HIGH
EPSS 0.00
2026-06-05
CVE-2026-10930
CWE-125
Out of bounds read in ANGLE in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker to perform an out of bounds memory read
Assessed at MEDIUM: remote webpage info leak on Mac Chrome, but no RCE, no KEV, no public PoC.
HIGH ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10929
CWE-122
Heap buffer overflow in ANGLE in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer
Dangerous as a chain element, but not a one-bug emergency: it already assumes renderer compromise.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10928
CWE-94
Script injection in Headless in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code via a crafted HTML
Serious bug, narrow target set: this is mostly a headless-renderer problem, not a fleet-wide desktop fire.
HIGH 8.8 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10927
CWE-125
Out of bounds read in Dawn in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to pot
High on paper, medium in practice: this only matters after the attacker already owns the renderer.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10926
CWE-416
Use after free in Cast in Google Chrome prior to 149.0.7827.53 allowed an attacker on the local network segment to execute arbitrary code vi
Scary bug class, wrong threat model: this is a same-LAN Chrome bug, not an internet-grade fire drill.
HIGH 8.8 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10925
CWE-787
Out of bounds write in Skia in Google Chrome on Mac prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer proces
High on paper, but this is a chain component: Mac-only and only useful after renderer compromise.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10924
CWE-472
Integer overflow in Chromecast in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to
Important only as a chain component: this needs prior renderer compromise before it matters.
HIGH 8.3 ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10923
CWE-416
Use after free in WebAppInstalls in Google Chrome on Android prior to 149.0.7827.53 allowed a local attacker to execute arbitrary code via a
Local attacker plus malicious file on Android Chrome is real risk, but it is not a fleet-wide fire drill.
HIGH ↓ MEDIUM
EPSS 0.00
2026-06-05
CVE-2026-10922
CWE-20
Insufficient validation of untrusted input in DevTools in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a use
Assessed at MEDIUM: real bug, but the DevTools + user-gesture requirement slashes enterprise exploitability.
? = MEDIUM
EPSS 0.00