Vulnerability-Lookup

CVE-2026-5890 (GCVE-0-2026-5890)

Vulnerability from cvelistv5 – Published: 2026-04-08 21:20 – Updated: 2026-04-09 20:12

Summary

Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)

Severity ?

No CVSS data available.

CWE

CWE-362 - Race

Assigner

Chrome

References

URL

Tags

	https://chromereleases.googleblog.com/2026/04/sta…
	https://issues.chromium.org/issues/487259772

Impacted products

	Vendor	Product	Version
	Google	Chrome	Affected: 147.0.7727.55 , < 147.0.7727.55 (custom)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-5890",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-09T18:35:55.934601Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-09T20:12:08.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Chrome",
          "vendor": "Google",
          "versions": [
            {
              "lessThan": "147.0.7727.55",
              "status": "affected",
              "version": "147.0.7727.55",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "Race",
              "lang": "en"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T21:20:53.327Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
        },
        {
          "url": "https://issues.chromium.org/issues/487259772"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2026-5890",
    "datePublished": "2026-04-08T21:20:53.327Z",
    "dateReserved": "2026-04-08T19:34:40.168Z",
    "dateUpdated": "2026-04-09T20:12:08.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-5890",
      "date": "2026-05-07",
      "epss": "0.00027",
      "percentile": "0.07793"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-5890\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2026-04-08T22:16:28.873\",\"lastModified\":\"2026-04-16T16:35:55.980\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"chrome-cve-admin@google.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"147.0.7727.55\",\"matchCriteriaId\":\"9A68673A-1331-48AF-8860-53064F0AF310\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://issues.chromium.org/issues/487259772\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]}]}}"
  }
}

GHSA-2FW9-CXCH-QX5H

Vulnerability from github – Published: 2026-04-09 00:32 – Updated: 2026-04-16 18:31

Details

Severity ?

5.3 (Medium)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-5890"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T22:16:28Z",
    "severity": "MODERATE"
  },
  "details": "Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)",
  "id": "GHSA-2fw9-cxch-qx5h",
  "modified": "2026-04-16T18:31:21Z",
  "published": "2026-04-09T00:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5890"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/487259772"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

CERTFR-2026-AVI-0427

Vulnerability from certfr_avis - Published: 2026-04-13 - Updated: 2026-04-13

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Edge pour Android versions antérieures à 147.0.3912.60
	Microsoft	N/A	Microsoft Edge versions antérieures à 147.0.3912.60

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2026-5879	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5884	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5889	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5909	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5860	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5867	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5880	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5895	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5911	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5859	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5904	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5914	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5873	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5896	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5893	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5888	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5900	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5882	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5881	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5885	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5918	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5877	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5897	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5905	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5865	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5864	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5891	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5868	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5890	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5902	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5861	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5872	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5898	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5875	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5899	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5876	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-33119	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5869	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5878	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5871	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5892	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5874	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5887	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5886	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5862	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5907	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5858	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5901	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5915	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5883	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-33118	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5903	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5913	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5894	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5919	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5908	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5866	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5906	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5863	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5870	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5912	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5910	2026-04-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge pour Android versions ant\u00e9rieures \u00e0 147.0.3912.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 147.0.3912.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-5879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5879"
    },
    {
      "name": "CVE-2026-5872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5872"
    },
    {
      "name": "CVE-2026-5905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5905"
    },
    {
      "name": "CVE-2026-5902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5902"
    },
    {
      "name": "CVE-2026-5875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5875"
    },
    {
      "name": "CVE-2026-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5914"
    },
    {
      "name": "CVE-2026-5898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5898"
    },
    {
      "name": "CVE-2026-5878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5878"
    },
    {
      "name": "CVE-2026-5899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5899"
    },
    {
      "name": "CVE-2026-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5886"
    },
    {
      "name": "CVE-2026-5877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5877"
    },
    {
      "name": "CVE-2026-5918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5918"
    },
    {
      "name": "CVE-2026-5913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5913"
    },
    {
      "name": "CVE-2026-5867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5867"
    },
    {
      "name": "CVE-2026-5897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5897"
    },
    {
      "name": "CVE-2026-5876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5876"
    },
    {
      "name": "CVE-2026-5881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5881"
    },
    {
      "name": "CVE-2026-5880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5880"
    },
    {
      "name": "CVE-2026-5896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5896"
    },
    {
      "name": "CVE-2026-5868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5868"
    },
    {
      "name": "CVE-2026-5903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5903"
    },
    {
      "name": "CVE-2026-5882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5882"
    },
    {
      "name": "CVE-2026-5904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5904"
    },
    {
      "name": "CVE-2026-5911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5911"
    },
    {
      "name": "CVE-2026-5871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5871"
    },
    {
      "name": "CVE-2026-5883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5883"
    },
    {
      "name": "CVE-2026-5909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5909"
    },
    {
      "name": "CVE-2026-5895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5895"
    },
    {
      "name": "CVE-2026-5912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5912"
    },
    {
      "name": "CVE-2026-5894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5894"
    },
    {
      "name": "CVE-2026-33118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33118"
    },
    {
      "name": "CVE-2026-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5863"
    },
    {
      "name": "CVE-2026-5893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5893"
    },
    {
      "name": "CVE-2026-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5858"
    },
    {
      "name": "CVE-2026-5908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5908"
    },
    {
      "name": "CVE-2026-5869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5869"
    },
    {
      "name": "CVE-2026-5885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5885"
    },
    {
      "name": "CVE-2026-5864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5864"
    },
    {
      "name": "CVE-2026-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5861"
    },
    {
      "name": "CVE-2026-5874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5874"
    },
    {
      "name": "CVE-2026-5919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5919"
    },
    {
      "name": "CVE-2026-5906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5906"
    },
    {
      "name": "CVE-2026-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5889"
    },
    {
      "name": "CVE-2026-5887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5887"
    },
    {
      "name": "CVE-2026-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5860"
    },
    {
      "name": "CVE-2026-5900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5900"
    },
    {
      "name": "CVE-2026-5888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5888"
    },
    {
      "name": "CVE-2026-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5870"
    },
    {
      "name": "CVE-2026-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5884"
    },
    {
      "name": "CVE-2026-5891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5891"
    },
    {
      "name": "CVE-2026-5866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5866"
    },
    {
      "name": "CVE-2026-5865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5865"
    },
    {
      "name": "CVE-2026-5907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5907"
    },
    {
      "name": "CVE-2026-33119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33119"
    },
    {
      "name": "CVE-2026-5892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5892"
    },
    {
      "name": "CVE-2026-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5859"
    },
    {
      "name": "CVE-2026-5910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5910"
    },
    {
      "name": "CVE-2026-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5915"
    },
    {
      "name": "CVE-2026-5873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5873"
    },
    {
      "name": "CVE-2026-5890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5890"
    },
    {
      "name": "CVE-2026-5862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5862"
    },
    {
      "name": "CVE-2026-5901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5901"
    }
  ],
  "initial_release_date": "2026-04-13T00:00:00",
  "last_revision_date": "2026-04-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0427",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5879",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5879"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5884",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5884"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5889",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5889"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5909",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5909"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5860",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5860"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5867",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5867"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5880",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5880"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5895",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5895"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5911",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5911"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5859",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5859"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5904",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5904"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5914",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5914"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5873",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5873"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5896",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5896"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5893",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5893"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5888",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5888"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5900",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5900"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5882",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5882"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5881",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5881"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5885",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5885"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5918",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5918"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5877",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5877"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5897",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5897"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5905",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5905"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5865",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5865"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5864",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5864"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5891",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5891"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5868",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5868"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5890",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5890"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5902",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5902"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5861",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5861"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5872",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5872"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5898",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5898"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5875",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5875"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5899",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5899"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5876",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5876"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-33119",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33119"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5869",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5869"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5878",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5878"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5871",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5871"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5892",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5892"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5874",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5874"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5887",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5887"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5886",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5886"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5862",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5862"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5907",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5907"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5858",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5858"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5901",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5901"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5915",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5915"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5883",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5883"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-33118",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33118"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5903",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5903"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5913",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5913"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5894",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5894"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5919",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5919"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5908",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5908"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5866",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5866"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5906",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5906"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5863",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5863"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5870",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5870"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5912",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5912"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5910",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5910"
    }
  ]
}

CERTFR-2026-AVI-0407

Vulnerability from certfr_avis - Published: 2026-04-09 - Updated: 2026-04-09

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 147.0.7727.55/56 pour Windows et Mac
	Google	Chrome	Chrome versions antérieures à 147.0.7727.55 pour Linux

References

Title

Publication Time

Tags

Bulletin de sécurité Google Chrome

2026-04-07

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 147.0.7727.55/56 pour Windows et Mac",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    },
    {
      "description": "Chrome versions ant\u00e9rieures \u00e0 147.0.7727.55 pour Linux",
      "product": {
        "name": "Chrome",
        "vendor": {
          "name": "Google",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": "",
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-5879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5879"
    },
    {
      "name": "CVE-2026-5872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5872"
    },
    {
      "name": "CVE-2026-5905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5905"
    },
    {
      "name": "CVE-2026-5902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5902"
    },
    {
      "name": "CVE-2026-5875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5875"
    },
    {
      "name": "CVE-2026-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5914"
    },
    {
      "name": "CVE-2026-5898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5898"
    },
    {
      "name": "CVE-2026-5878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5878"
    },
    {
      "name": "CVE-2026-5899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5899"
    },
    {
      "name": "CVE-2026-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5886"
    },
    {
      "name": "CVE-2026-5877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5877"
    },
    {
      "name": "CVE-2026-5918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5918"
    },
    {
      "name": "CVE-2026-5913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5913"
    },
    {
      "name": "CVE-2026-5867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5867"
    },
    {
      "name": "CVE-2026-5897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5897"
    },
    {
      "name": "CVE-2026-5876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5876"
    },
    {
      "name": "CVE-2026-5881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5881"
    },
    {
      "name": "CVE-2026-5880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5880"
    },
    {
      "name": "CVE-2026-5896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5896"
    },
    {
      "name": "CVE-2026-5868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5868"
    },
    {
      "name": "CVE-2026-5903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5903"
    },
    {
      "name": "CVE-2026-5882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5882"
    },
    {
      "name": "CVE-2026-5904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5904"
    },
    {
      "name": "CVE-2026-5911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5911"
    },
    {
      "name": "CVE-2026-5871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5871"
    },
    {
      "name": "CVE-2026-5883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5883"
    },
    {
      "name": "CVE-2026-5909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5909"
    },
    {
      "name": "CVE-2026-5895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5895"
    },
    {
      "name": "CVE-2026-5912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5912"
    },
    {
      "name": "CVE-2026-5894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5894"
    },
    {
      "name": "CVE-2026-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5863"
    },
    {
      "name": "CVE-2026-5893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5893"
    },
    {
      "name": "CVE-2026-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5858"
    },
    {
      "name": "CVE-2026-5908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5908"
    },
    {
      "name": "CVE-2026-5869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5869"
    },
    {
      "name": "CVE-2026-5885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5885"
    },
    {
      "name": "CVE-2026-5864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5864"
    },
    {
      "name": "CVE-2026-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5861"
    },
    {
      "name": "CVE-2026-5874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5874"
    },
    {
      "name": "CVE-2026-5919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5919"
    },
    {
      "name": "CVE-2026-5906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5906"
    },
    {
      "name": "CVE-2026-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5889"
    },
    {
      "name": "CVE-2026-5887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5887"
    },
    {
      "name": "CVE-2026-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5860"
    },
    {
      "name": "CVE-2026-5900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5900"
    },
    {
      "name": "CVE-2026-5888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5888"
    },
    {
      "name": "CVE-2026-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5870"
    },
    {
      "name": "CVE-2026-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5884"
    },
    {
      "name": "CVE-2026-5891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5891"
    },
    {
      "name": "CVE-2026-5866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5866"
    },
    {
      "name": "CVE-2026-5865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5865"
    },
    {
      "name": "CVE-2026-5907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5907"
    },
    {
      "name": "CVE-2026-5892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5892"
    },
    {
      "name": "CVE-2026-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5859"
    },
    {
      "name": "CVE-2026-5910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5910"
    },
    {
      "name": "CVE-2026-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5915"
    },
    {
      "name": "CVE-2026-5873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5873"
    },
    {
      "name": "CVE-2026-5890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5890"
    },
    {
      "name": "CVE-2026-5862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5862"
    },
    {
      "name": "CVE-2026-5901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5901"
    }
  ],
  "initial_release_date": "2026-04-09T00:00:00",
  "last_revision_date": "2026-04-09T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0407",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-09T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Google Chrome. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Google Chrome",
  "vendor_advisories": [
    {
      "published_at": "2026-04-07",
      "title": "Bulletin de s\u00e9curit\u00e9 Google Chrome",
      "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
    }
  ]
}

FKIE_CVE-2026-5890

Vulnerability from fkie_nvd - Published: 2026-04-08 22:16 - Updated: 2026-04-16 16:35

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Summary

References

	URL	Tags
	chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html	Release Notes, Vendor Advisory
	chrome-cve-admin@google.com	https://issues.chromium.org/issues/487259772	Issue Tracking, Permissions Required

Impacted products

Vendor	Product	Version
google	chrome	*
apple	macos	-
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A68673A-1331-48AF-8860-53064F0AF310",
              "versionEndExcluding": "147.0.7727.55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: Medium)"
    }
  ],
  "id": "CVE-2026-5890",
  "lastModified": "2026-04-16T16:35:55.980",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2026-04-08T22:16:28.873",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://issues.chromium.org/issues/487259772"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-362"
        }
      ],
      "source": "chrome-cve-admin@google.com",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-5890 (GCVE-0-2026-5890)

GHSA-2FW9-CXCH-QX5H

CERTFR-2026-AVI-0427

Solutions

CERTFR-2026-AVI-0407

Solutions

FKIE_CVE-2026-5890

Tags

Sightings

Nomenclature