CVE-2026-9887

Опубликовано: 28 мая 2026

Источник: debian

Описание

Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
chromium	fixed	148.0.7778.215-1		package
chromium	end-of-life		bullseye	package

Связанные уязвимости

CVE-2026-9887

CVSS3: 9.8

redhat

около 1 месяца назад

Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)

CVE-2026-9887

CVSS3: 8.8

nvd

29 дней назад

Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)

CVE-2026-9887

msrc

28 дней назад

Chromium: CVE-2026-9887 Use after free in Proxy

GHSA-3pm9-x6w9-wfc3

CVSS3: 7.8

github

29 дней назад

Use after free in Proxy in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code via a crafted PAC script. (Chromium security severity: Critical)

openSUSE-SU-2026:20849-1

suse-cvrf

27 дней назад

Security update for chromium