Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5a2ef80e by security tracker role at 2026-07-06T19:13:56+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,197 @@
+CVE-2026-9182 (ArcGIS Server contains an unrestricted file upload
vulnerability. An u ...)
+ TODO: check
+CVE-2026-9181 (ArcGIS Server contains a directory traversal vulnerability. An
unauth ...)
+ TODO: check
+CVE-2026-9165 (A flaw was found in Red Hat Advanced Cluster Security for
Kubernetes ( ...)
+ TODO: check
+CVE-2026-7185 (A validation vulnerability has been identified in certain web
features ...)
+ TODO: check
+CVE-2026-6901 (Untrusted Search Path vulnerability in B&R Industrial
Automation GmbH ...)
+ TODO: check
+CVE-2026-6900 (Improper certificate validation vulnerability in B&R Industrial
Automa ...)
+ TODO: check
+CVE-2026-6382 (The FileOrganizer WordPress plugin before 1.1.9, Advanced File
Manage ...)
+ TODO: check
+CVE-2026-5268 (An authentication bypass vulnerability exists in the default
SFTP serv ...)
+ TODO: check
+CVE-2026-59196 (pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a
crafted lock ...)
+ TODO: check
+CVE-2026-59195 (pnpm is a package manager. Prior to 10.34.4 and 11.8.0, pnpm
accepts p ...)
+ TODO: check
+CVE-2026-59194 (pnpm is a package manager. Prior to 10.34.4 and 11.7.0, a
crafted patc ...)
+ TODO: check
+CVE-2026-59152 (LangSmith Client SDKs provide SDK's for interacting with the
LangSmith ...)
+ TODO: check
+CVE-2026-58380 (A flaw was found in GIMP's PNM file format parser. When
parsing a spec ...)
+ TODO: check
+CVE-2026-58226 (Inefficient Algorithmic Complexity vulnerability in
elixir-mint hpax a ...)
+ TODO: check
+CVE-2026-58203 (pydantic-settings provides settings management using Pydantic.
From 2. ...)
+ TODO: check
+CVE-2026-56810 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
+ TODO: check
+CVE-2026-56140 (Improper Input Validation vulnerability in Apache Camel AWS
SNS compon ...)
+ TODO: check
+CVE-2026-56139 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
+ TODO: check
+CVE-2026-55994 (Improper Input Validation, Exposure of Sensitive Information
to an Una ...)
+ TODO: check
+CVE-2026-55993 (Improper Input Validation, Exposure of Sensitive Information
to an Una ...)
+ TODO: check
+CVE-2026-55798 (Pillow is a Python imaging library. Prior to 12.3.0,
WindowsViewer.get ...)
+ TODO: check
+CVE-2026-55380 (Pillow is a Python imaging library. Prior to 12.3.0,
PIL/GdImageFile.p ...)
+ TODO: check
+CVE-2026-55379 (Pillow is a Python imaging library. Prior to 12.3.0,
PIL/BdfFontFile.p ...)
+ TODO: check
+CVE-2026-54893 (URL path injection in the Microsoft Graph adapter of Swoosh.
Swoosh.Ad ...)
+ TODO: check
+CVE-2026-54291 (pgjdbc is an open source postgresql JDBC Driver. In releases
42.7.4 th ...)
+ TODO: check
+CVE-2026-54060 (Pillow is a Python imaging library. Prior to 12.3.0,
PIL/FontFile.py F ...)
+ TODO: check
+CVE-2026-54059 (Pillow is a Python imaging library. Prior to 12.3.0,
PIL/PcfFontFile.p ...)
+ TODO: check
+CVE-2026-53913 (Improper Authentication, Missing Authentication for Critical
Function, ...)
+ TODO: check
+CVE-2026-4249 (The throttling event handling mechanism in multiple WSO2
products acce ...)
+ TODO: check
+CVE-2026-49365 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
+ TODO: check
+CVE-2026-49099 (Improper Neutralization of Special Elements in Output Used by
a Downst ...)
+ TODO: check
+CVE-2026-49098 (Improper Input Validation, Improper Neutralization of Special
Elements ...)
+ TODO: check
+CVE-2026-49097 (Improper Input Validation, Improper Neutralization of Special
Elements ...)
+ TODO: check
+CVE-2026-49086 (Improper Input Validation, Unintended Proxy or Intermediary
('Confused ...)
+ TODO: check
+CVE-2026-49042 (Improper Input Validation vulnerability in Apache Camel. This
issue a ...)
+ TODO: check
+CVE-2026-48614 (An improper authorization vulnerability in the Plesk XML API
allows an ...)
+ TODO: check
+CVE-2026-48316 (ColdFusion versions 2025.9, 2023.20 and earlier are affected
by an Imp ...)
+ TODO: check
+CVE-2026-48206 (Improper Input Validation, Authorization Bypass Through
User-Controlle ...)
+ TODO: check
+CVE-2026-48205 (Improper Input Validation, Server-Side Request Forgery (SSRF)
vulnerab ...)
+ TODO: check
+CVE-2026-48204 (Improper Input Validation, Improper Access Control
vulnerability in Ap ...)
+ TODO: check
+CVE-2026-48203 (Improper Neutralization of Special Elements in Output Used by
a Downst ...)
+ TODO: check
+CVE-2026-46726 (Improper Input Validation, Exposure of Sensitive Information
to an Una ...)
+ TODO: check
+CVE-2026-46592 (Improper Input Validation, Unintended Proxy or Intermediary
('Confused ...)
+ TODO: check
+CVE-2026-46591 (Improper Neutralization of Special Elements in Data Query
Logic vulner ...)
+ TODO: check
+CVE-2026-46590 (Deserialization of Untrusted Data vulnerability in Apache
Camel PQC co ...)
+ TODO: check
+CVE-2026-46588 (Improper Input Validation vulnerability in Apache Camel. This
issue a ...)
+ TODO: check
+CVE-2026-46587 (Improper Input Validation vulnerability in Apache Camel. This
issue a ...)
+ TODO: check
+CVE-2026-46585 (Improper Input Validation, Authorization Bypass Through
User-Controlle ...)
+ TODO: check
+CVE-2026-46584 (Improper Input Validation, Exposure of Sensitive Information
to an Una ...)
+ TODO: check
+CVE-2026-46457 (Improper Input Validation vulnerability in Apache Camel NATS
component ...)
+ TODO: check
+CVE-2026-46456 (Improper Input Validation vulnerability in Apache Camel
AWS2-SQS Compo ...)
+ TODO: check
+CVE-2026-46455 (Insufficient Session Expiration vulnerability in Apache Camel
Keycloak ...)
+ TODO: check
+CVE-2026-46454 (Improper Input Validation vulnerability in Apache Camel Cometd
Compone ...)
+ TODO: check
+CVE-2026-46453 (Improper Input Validation, Authorization Bypass Through
User-Controlle ...)
+ TODO: check
+CVE-2026-44937 (Potential forgery of webhook requests when using a
unauthenticated web ...)
+ TODO: check
+CVE-2026-44936 (Missing filtering when the helmRepoURLRegex field isn't set on
a GitRe ...)
+ TODO: check
+CVE-2026-44934 (A information disclosure when DEBUG loglevel is set in SUSE
Rancher AI ...)
+ TODO: check
+CVE-2026-43867 (Deserialization of Untrusted Data vulnerability in Apache
Camel PQC Co ...)
+ TODO: check
+CVE-2026-43866 (Deserialization of Untrusted Data vulnerability in Apache
Camel, Apach ...)
+ TODO: check
+CVE-2026-43865 (Deserialization of Untrusted Data vulnerability in Apache
Camel Hazelc ...)
+ TODO: check
+CVE-2026-43825 (Untrusted Java Deserialization in Apache OpenNLP
SvmDoccatModel Versi ...)
+ TODO: check
+CVE-2026-42527 (Deserialization of Untrusted Data vulnerability in Apache
Camel. The ...)
+ TODO: check
+CVE-2026-41434 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
+ TODO: check
+CVE-2026-40859 (Deserialization of Untrusted Data vulnerability in Apache
Camel. The ...)
+ TODO: check
+CVE-2026-40257 (OP-TEE is a Trusted Execution Environment (TEE) designed as
companion ...)
+ TODO: check
+CVE-2026-40141 (A high-severity vulnerability exists in a web application
component of ...)
+ TODO: check
+CVE-2026-40140 (BeyondTrust Remote Support and Privileged Remote Access
contain a high ...)
+ TODO: check
+CVE-2026-40139 (A critical pre-authentication vulnerability exists in the
authenticati ...)
+ TODO: check
+CVE-2026-40138 (A critical pre-authentication vulnerability exists in the
authenticati ...)
+ TODO: check
+CVE-2026-40047 (Improper Neutralization of Argument Delimiters in a Command
('Argument ...)
+ TODO: check
+CVE-2026-24014 (Apache IoTDB DataNode\u2019s internal RPC interface for
creating Trigg ...)
+ TODO: check
+CVE-2026-24013 (Authentication Bypass by Spoofing vulnerability in Apache
IoTDB. Certa ...)
+ TODO: check
+CVE-2026-24012 (Uncontrolled Resource Consumption vulnerability in Apache
IoTDB. Some ...)
+ TODO: check
+CVE-2026-1433 (uniFLOW Universal Login Manager (ULM) Standalone contains an
informati ...)
+ TODO: check
+CVE-2026-14809 (Prog Management System developed by PROG MIS has a SQL
Injection vulne ...)
+ TODO: check
+CVE-2026-14808 (Prog Management System developed by PROG MIS has a Exposure
of Sensi ...)
+ TODO: check
+CVE-2026-14807 (ERP App developed by PROG MIS has a Use of Hard-coded
Credentials vuln ...)
+ TODO: check
+CVE-2026-14802 (A vulnerability was detected in react create-react-app up to
5.0.1 on ...)
+ TODO: check
+CVE-2026-14801 (A security vulnerability has been detected in GPAC
26.03-DEV-rev342-g8 ...)
+ TODO: check
+CVE-2026-14800 (A weakness has been identified in imhamzaazam ecommerceFlask
up to cb7 ...)
+ TODO: check
+CVE-2026-13753 (A missing authorization vulnerability exists in the embedded
webserver ...)
+ TODO: check
+CVE-2026-12686 (An authenticated user could manipulate a company ID parameter
in a POS ...)
+ TODO: check
+CVE-2026-12154 (The Reviews Widgets for Google, Yelp & TripAdvisor plugin for
WordPres ...)
+ TODO: check
+CVE-2026-12083 (The Admin and Site Enhancements (ASE) WordPress plugin before
8.8.4, a ...)
+ TODO: check
+CVE-2026-11962 (The FileOrganizer WordPress plugin before 1.2.0 does not
validate the ...)
+ TODO: check
+CVE-2026-11855 (The Simple Membership WordPress plugin before 4.7.5 does not
verify th ...)
+ TODO: check
+CVE-2026-11766 (The Ultimate Member WordPress plugin before 2.12.0 does not
properly ...)
+ TODO: check
+CVE-2026-10830 (The AllCoach WordPress plugin before 1.0.2 does not verify
that an em ...)
+ TODO: check
+CVE-2025-8591 (The software accepts user-supplied input via a URL parameter
without a ...)
+ TODO: check
+CVE-2025-53831 (DrawIO for ownCloud is an application for using DrawIO with
the file s ...)
+ TODO: check
+CVE-2025-53830 (Anti-Virus for ownCloud is an anti-virus application for file
storage, ...)
+ TODO: check
+CVE-2025-53829 (ownCloud is a file storage, synchronization, and sharing
application. ...)
+ TODO: check
+CVE-2025-53828 (SharePoint for ownCloud is an application for using SharePoint
with th ...)
+ TODO: check
+CVE-2025-53827 (ownCloud Core is the server-side component of the file
storage, synchr ...)
+ TODO: check
+CVE-2025-15668 (A vulnerability was identified in GPAC up to b40ce70f5. This
issue aff ...)
+ TODO: check
+CVE-2025-15667 (A vulnerability was determined in GPAC up to 2.5-DEV. This
vulnerabili ...)
+ TODO: check
+CVE-2024-6228 (The Notifications for Forms & WordPress Actions WordPress
plugin befor ...)
+ TODO: check
CVE-2026-XXXX [RUSTSEC-2026-0190]
- rust-anyhow <unfixed> (bug #1141593)
NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0190.html
@@ -11,11 +205,11 @@ CVE-2026-XXXX [RUSTSEC-2026-0194]
NOTE: https://github.com/tafia/quick-xml/issues/969
NOTE: https://github.com/tafia/quick-xml/pull/971
NOTE:
https://github.com/tafia/quick-xml/commit/07f3db8343cf152f5bc3483ef5b3164582489bea
(v0.41.0)
-CVE-2026-13708
+CVE-2026-13708 (Imager::File::JPEG versions before 1.003 for Perl leak heap
memory whe ...)
- libimager-perl <unfixed> (bug #1141587)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/41572486/
NOTE: Fixed by:
https://github.com/tonycoz/imager/commit/9f1c485ca3ee15dc261549e11afb356866552c3a
(v1.032)
-CVE-2026-13705
+CVE-2026-13705 (Imager versions before 1.032 for Perl have a heap
out-of-bounds read i ...)
- libimager-perl <unfixed> (bug #1141587)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/41572386/
NOTE: Fixed by:
https://github.com/tonycoz/imager/commit/f28de02770dfc26ffbdc32048970ed84babbf730
(v1.032)
@@ -436,7 +630,7 @@ CVE-2026-53359 (In the Linux kernel, the following
vulnerability has been resolv
- linux 7.1.3-1
NOTE:
https://git.kernel.org/linus/81ccda30b4e83d8f5cc4fd50503c44e3a33abfeb (7.2-rc1)
NOTE: https://github.com/V4bel/Januscape
-CVE-2026-49297
+CVE-2026-49297 (Apache Airflow's Google provider operators `GCSToSFTPOperator`
and `GC ...)
NOT-FOR-US: Airflow provider
CVE-2026-54161
- nut <unfixed>
@@ -1025,7 +1219,7 @@ CVE-2026-58381 (A flaw was found in GIMP's PSP file
format parser. A double-free
- gimp 3.2.4-1
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/work_items/16207
NOTE: Fixed by:
https://gitlab.gnome.org/GNOME/gimp/-/commit/b22e147b9dac6a57c50f3162262aa18fa1b1e210
(GIMP_3_2_4)
-CVE-2026-13698
+CVE-2026-13698 (A memory leak in OpenVPN version 2.5.0 through 2.5.11, 2.6.0
through 2 ...)
{DSA-6376-1 DLA-4666-1}
- openvpn 2.7.5-1
NOTE: Fixed by:
https://github.com/OpenVPN/openvpn/commit/b005e4709ce1afbee7c571788cffd915280d646e
(v2.7.5)
@@ -1037,7 +1231,7 @@ CVE-2026-12932
{DSA-6376-1 DLA-4666-1}
- openvpn 2.7.5-1
NOTE: Fixed by:
https://github.com/OpenVPN/openvpn/commit/19c9ad5bb75942f66608d2ae28c0614a0a5c6073
(v2.7.5)
-CVE-2026-13122
+CVE-2026-13122 (OpenVPN version 2.6.0 through 2.6.20 and 2.7_alpha1 through
2.7.4 allo ...)
{DSA-6376-1 DLA-4666-1}
- openvpn 2.7.5-1
NOTE: Fixed by:
https://github.com/OpenVPN/openvpn/commit/010b6c833b7fdbe889c0c7f8fc33f588a658b81f
(v2.7.5)
@@ -1580,218 +1774,218 @@ CVE-2026-14440 (Description: To issue and renew
TLS certificates on behalf o
CVE-2026-14439 (A path traversal vulnerability exists in the Git Service
component sha ...)
NOT-FOR-US: Altium
CVE-2026-14432 (Use after free in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14431 (Type Confusion in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14430 (Integer overflow in V8 in Google Chrome prior to 150.0.7871.46
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14429 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14428 (Insufficient validation of untrusted input in Dawn in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14427 (Heap buffer overflow in Skia in Google Chrome prior to
150.0.7871.46 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14426 (Use after free in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14425 (Use after free in ANGLE in Google Chrome prior to
150.0.7871.46 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14424 (Use after free in Dawn in Google Chrome on Mac prior to
150.0.7871.46 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14423 (Type Confusion in Tint in Google Chrome prior to 150.0.7871.46
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14422 (Out of bounds read and write in Tint in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14421 (Uninitialized Use in Dawn in Google Chrome on ChromeOS prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14420 (Out of bounds read and write in Dawn in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14419 (Use after free in Skia in Google Chrome prior to 150.0.7871.46
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14418 (Uninitialized Use in ANGLE in Google Chrome prior to
150.0.7871.46 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14417 (Use after free in Dawn in Google Chrome prior to 150.0.7871.46
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14416 (Out of bounds read in Dawn in Google Chrome prior to
150.0.7871.46 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14415 (Inappropriate implementation in V8 in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14414 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14413 (Uninitialized Use in ANGLE in Google Chrome prior to
150.0.7871.46 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14412 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14411 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14410 (Inappropriate implementation in Skia in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14409 (Inappropriate implementation in V8 in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14408 (Uninitialized Use in Dawn in Google Chrome prior to
150.0.7871.46 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14407 (Inappropriate implementation in V8 in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14406 (Out of bounds read in V8 in Google Chrome prior to
150.0.7871.46 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14405 (Uninitialized Use in V8 in Google Chrome prior to
150.0.7871.46 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14404 (Inappropriate implementation in PDFium in Google Chrome prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14403 (Use after free in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14402 (Uninitialized Use in ANGLE in Google Chrome on Windows prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14401 (Insufficient validation of untrusted input in ANGLE in Google
Chrome o ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14400 (Out of bounds write in ANGLE in Google Chrome prior to
150.0.7871.46 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14399 (Uninitialized Use in Dawn in Google Chrome prior to
150.0.7871.46 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14398 (Use after free in ANGLE in Google Chrome prior to
150.0.7871.46 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14397 (Out of bounds write in ANGLE in Google Chrome on Mac prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14396 (Out of bounds read in ANGLE in Google Chrome prior to
150.0.7871.46 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14395 (Out of bounds write in V8 in Google Chrome prior to
150.0.7871.46 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14394 (Use after free in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14393 (Use after free in V8 in Google Chrome prior to 150.0.7871.46
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14392 (Out of bounds write in Tint in Google Chrome prior to
150.0.7871.46 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14391 (Integer overflow in ANGLE in Google Chrome on Windows prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14390 (Use after free in ANGLE in Google Chrome prior to
150.0.7871.46 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14389 (Integer overflow in Skia in Google Chrome prior to
150.0.7871.46 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14388 (Out of bounds read in ANGLE in Google Chrome prior to
150.0.7871.46 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14387 (Integer overflow in Skia in Google Chrome prior to
150.0.7871.46 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-2
CVE-2026-14386 (Out of bounds read in ANGLE in Google Chrome prior to
150.0.7871.46 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14385 (Heap buffer overflow in ANGLE in Google Chrome on Mac prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14384 (Out of bounds read in ANGLE in Google Chrome on Windows prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14383 (Inappropriate implementation in V8 in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14382 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14381 (Incorrect security UI in WebAppInstalls in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14363 (Improper neutralization of special elements used in an SQL
command ('S ...)
@@ -2860,1537 +3054,1538 @@ CVE-2026-56016 (CGI::Session::ID::md5 versions
before 4.49 for Perl generate pre
[trixie] - libcgi-session-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/41439279/
CVE-2026-13774 (Use after free in Extensions in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13775 (Use after free in GPU in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13776 (Type Confusion in Dawn in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13777 (Insufficient validation of untrusted input in iOSWeb in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13778 (Use after free in WebUSB in Google Chrome on Mac prior to
150.0.7871.4 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13779 (Use after free in Chromoting in Google Chrome on ChromeOS
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13780 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13781 (Insufficient validation of untrusted input in Skia in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-1
CVE-2026-13782 (Use after free in Browser in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13783 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13784 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13785 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13786 (Use after free in Ozone in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13787 (Use after free in Chromoting in Google Chrome on Windows prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13788 (Use after free in Fullscreen in Google Chrome on Android prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13789 (Use after free in GPU in Google Chrome prior to 150.0.7871.47
allowed ...)
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13790 (Side-channel information leakage in Scroll in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13791 (Insufficient validation of untrusted input in Downloads in
Google Chro ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13792 (Use after free in Touchbar in Google Chrome on Mac prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13793 (Insufficient policy enforcement in SVG in Google Chrome prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13794 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13795 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13796 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13797 (Insufficient validation of untrusted input in Chromecast in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13798 (Heap buffer overflow in Chromecast in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13799 (Use after free in QUIC in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13800 (Inappropriate implementation in Updater in Google Chrome on
Windows pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13801 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13802 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13803 (Type Confusion in Chrome Tabs in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13804 (Use after free in Chromecast in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13805 (Use after free in GFX in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13806 (Insufficient validation of untrusted input in Accessibility in
Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13807 (Use after free in Import in Google Chrome on iOS prior to
150.0.7871.4 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13808 (Insufficient data validation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13809 (Side-channel information leakage in Safe Browsing in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13810 (Inappropriate implementation in Input in Google Chrome on
Linux prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13811 (Use after free in IME in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13812 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13813 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13814 (Use after free in Views in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13815 (Use after free in Blink in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13816 (Insufficient validation of untrusted input in File Input in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13817 (Insufficient validation of untrusted input in Glic in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13818 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13819 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13820 (Out of bounds read in Skia in Google Chrome on Mac prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-1
CVE-2026-13821 (Use after free in Canvas in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13822 (Inappropriate implementation in Extensions in Google Chrome on
Android ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13823 (Use after free in Glic in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13824 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13825 (Uninitialized Use in Dawn in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13826 (Inappropriate implementation in Autofill in Google Chrome on
Android p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13827 (Use after free in Updater in Google Chrome on Mac prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13828 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13829 (Insufficient validation of untrusted input in Settings in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13830 (Use after free in Chromoting in Google Chrome on Linux prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13831 (Out of bounds read and write in GPU in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13832 (Use after free in Headless in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13833 (Uninitialized Use in ANGLE in Google Chrome on Mac prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13834 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13835 (Inappropriate implementation in XML in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13836 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13837 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13838 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13839 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13840 (Insufficient policy enforcement in Canvas in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13841 (Integer overflow in Skia in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-1
CVE-2026-13842 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13843 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13844 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13845 (Use after free in DOM in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13846 (Use after free in USB in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13847 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13848 (Use after free in Forms in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13849 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13850 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13851 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13852 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13853 (Use after free in Journeys in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13854 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13855 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13856 (Insufficient validation of untrusted input in Speech in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13857 (Inappropriate implementation in Geometry in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13858 (Out of bounds read in FFmpeg in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- ffmpeg <unfixed>
[trixie] - ffmpeg <postponed> (Wait until fixed in 7.1.x upstream
branch)
CVE-2026-13859 (Inappropriate implementation in ANGLE in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13860 (Incorrect security UI in Autofill in Google Chrome on Windows
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13861 (Use after free in Core in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13862 (Insufficient policy enforcement in Web Authentication
(Passkeys & Secu ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13863 (Insufficient validation of untrusted input in CustomTabs in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13864 (Insufficient policy enforcement in WebHID in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13865 (Insufficient validation of untrusted input in Enterprise in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13866 (Inappropriate implementation in Input in Google Chrome on
Android prio ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13867 (Inappropriate implementation in Geolocation in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13868 (Inappropriate implementation in Network in Google Chrome on
Android pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13869 (Use after free in Device in Google Chrome on Windows prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13870 (Use after free in WebView in Google Chrome on Android prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13871 (Insufficient policy enforcement in GuestView in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13872 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13873 (Out of bounds read in Layout in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13874 (Race in DataTransfer in Google Chrome prior to 150.0.7871.47
allowed a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13875 (Insufficient validation of untrusted input in GPU in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13876 (Inappropriate implementation in Network in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13877 (Insufficient validation of untrusted input in ANGLE in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13878 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13879 (Use after free in Bluetooth in Google Chrome prior to
150.0.7871.47 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13880 (Use after free in USB in Google Chrome on Mac prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13881 (Inappropriate implementation in WebAppInstalls in Google
Chrome prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13882 (Race in USB in Google Chrome prior to 150.0.7871.47 allowed a
remote a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13883 (Type Confusion in ANGLE in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13884 (Integer overflow in Chromecast in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13885 (Use after free in Skia in Google Chrome on Android prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-1
CVE-2026-13886 (Insufficient policy enforcement in Isolated Web Apps in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13887 (Inappropriate implementation in NFC in Google Chrome on
Android prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13888 (Use after free in Extensions in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13889 (Side-channel information leakage in WebAuthentication in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13890 (Out of bounds read in Chromecast in Google Chrome prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13891 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13892 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13893 (Insufficient validation of untrusted input in WebUI in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13894 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13895 (Inappropriate implementation in Autofill in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13896 (Insufficient policy enforcement in Glic in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13897 (Insufficient policy enforcement in Chromecast in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13898 (Use after free in Cast Receiver in Google Chrome prior to
150.0.7871.4 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13899 (Use after free in HTML in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13900 (Inappropriate implementation in Chromecast in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13901 (Insufficient policy enforcement in Serial in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13902 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13903 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13904 (Inappropriate implementation in Safe Browsing in Google Chrome
on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13905 (Race in Chrome for iOS in Google Chrome on iOS prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13906 (Out of bounds read in Codecs in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13907 (Inappropriate implementation in iOSWeb in Google Chrome on iOS
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13908 (Insufficient validation of untrusted input in Omnibox in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13909 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13910 (Insufficient policy enforcement in WebXR in Google Chrome on
Android p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13911 (Insufficient policy enforcement in Spellcheck in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13912 (Inappropriate implementation in Safe Browsing in Google Chrome
on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13913 (Insufficient policy enforcement in Autofill in Google Chrome
on iOS pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13914 (Inappropriate implementation in Passwords in Google Chrome on
Mac prio ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13915 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13916 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13917 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13918 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13919 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13920 (Insufficient validation of untrusted input in Media in Google
Chrome o ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13921 (Insufficient validation of untrusted input in
DeviceBoundSessionCreden ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13922 (Side-channel information leakage in Paint in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13923 (Uninitialized Use in GPU in Google Chrome on Android prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13924 (Insufficient validation of untrusted input in WebView in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13925 (Inappropriate implementation in Downloads in Google Chrome on
Windows ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13926 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13927 (Insufficient validation of untrusted input in UI in Google
Chrome on A ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13928 (Insufficient validation of untrusted input in Enterprise in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13929 (Insufficient policy enforcement in DevTools in Google Chrome
on Androi ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13930 (Insufficient policy enforcement in Actor in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13931 (Inappropriate implementation in Media in Google Chrome on
Windows prio ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13932 (Inappropriate implementation in Sharing in Google Chrome on
Android pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13933 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13934 (Insufficient validation of untrusted input in Dawn in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13935 (Side-channel information leakage in ComputePressure in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13936 (Inappropriate implementation in Passwords in Google Chrome on
Android ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13937 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13938 (Integer overflow in Fonts in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13939 (Insufficient validation of untrusted input in WebShare in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13940 (Uninitialized Use in Cast in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13941 (Inappropriate implementation in SiteSettings in Google Chrome
on Andro ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13942 (Inappropriate implementation in Video Capture in Google Chrome
on Chro ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13943 (Uninitialized Use in CSS in Google Chrome on Android prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13944 (Inappropriate implementation in DataTransfer in Google Chrome
on Mac p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13945 (Insufficient policy enforcement in Extensions in Google Chrome
on Linu ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13946 (Inappropriate implementation in ScriptInjections in Google
Chrome on i ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13947 (Uninitialized Use in XR in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13948 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13949 (Insufficient policy enforcement in Payments in Google Chrome
on Androi ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13950 (Uninitialized Use in GPU in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13951 (Insufficient policy enforcement in USB in Google Chrome prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13952 (Inappropriate implementation in PerformanceAPIs in Google
Chrome prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13953 (Inappropriate implementation in SplitView in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13954 (Insufficient policy enforcement in XML in Google Chrome on
Android pri ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13955 (Insufficient validation of untrusted input in CustomTabs in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13956 (Incorrect security UI in PageInfo in Google Chrome prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13957 (Incorrect security UI in Extensions in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13958 (Uninitialized Use in Codecs in Google Chrome on Windows prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13959 (Insufficient validation of untrusted input in Blink in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13960 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13961 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13962 (Insufficient data validation in PDF in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13963 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13964 (Insufficient policy enforcement in WebView in Google Chrome on
Android ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13965 (Use after free in Oilpan in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13966 (Inappropriate implementation in History in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13967 (Heap buffer overflow in V8 in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13968 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13969 (Uninitialized Use in UI in Google Chrome on Android prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13970 (Uninitialized Use in Media in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13971 (Uninitialized Use in Skia in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
- libskia 146.20260602~git.3476902+dfsg-1
CVE-2026-13972 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13973 (Inappropriate implementation in UI in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13974 (Integer overflow in Safe Browsing in Google Chrome on Mac
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13975 (Out of bounds read in ANGLE in Google Chrome on Mac prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13976 (Insufficient data validation in Storage in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13977 (Inappropriate implementation in HTMLParser in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13978 (Insufficient policy enforcement in PageInfo in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13979 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13980 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13981 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13982 (Incorrect security UI in Passwords in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13983 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13984 (Incorrect security UI in TabStrip in Google Chrome prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13985 (Inappropriate implementation in MediaCapture in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13986 (Inappropriate implementation in Media UI in Google Chrome on
ChromeOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13987 (Incorrect security UI in Mobile in Google Chrome on Android
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13988 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13989 (Inappropriate implementation in PageInfo in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13990 (Insufficient validation of untrusted input in DataTransfer in
Google C ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13991 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13992 (Inappropriate implementation in UI in Google Chrome on Mac
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13993 (Incorrect security UI in WebAppInstalls in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13994 (Inappropriate implementation in Credential Management in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13995 (Insufficient validation of untrusted input in Autofill in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13996 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13997 (Incorrect security UI in Extensions in Google Chrome on
Android prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13998 (Incorrect security UI in File Input in Google Chrome on Mac
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13999 (Insufficient validation of untrusted input in Extensions in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14000 (Inappropriate implementation in XML in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14001 (Inappropriate implementation in Network in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14002 (Inappropriate implementation in Geolocation in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14003 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14004 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14005 (Use after free in Omnibox in Google Chrome on Android prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14006 (Use after free in Navigation in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14007 (Insufficient policy enforcement in PermissionsPolicy in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14008 (Uninitialized Use in WebXR in Google Chrome on Android prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14009 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14010 (Uninitialized Use in Codecs in Google Chrome on Windows prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14011 (Out of bounds read in SurfaceCapture in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14012 (Side-channel information leakage in CSS in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14013 (Inappropriate implementation in SVG in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14014 (Inappropriate implementation in Paint in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14015 (Race in WebRTC in Google Chrome on Windows prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14016 (Inappropriate implementation in SVG in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14017 (Inappropriate implementation in Navigation in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14018 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14019 (Inappropriate implementation in Passwords in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14020 (Insufficient validation of untrusted input in WebXR in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14021 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14022 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14023 (Insufficient validation of untrusted input in SanitizerAPI in
Google C ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14024 (Use after free in Ozone in Google Chrome on Linux prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14025 (Use after free in Views in Google Chrome on Mac prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14026 (Incorrect security UI in SplitView in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14027 (Use after free in SignIn in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14028 (Incorrect security UI in Chrome for iOS in Google Chrome on
iOS prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14030 (Inappropriate implementation in SplitView in Google Chrome on
Linux pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14031 (Inappropriate implementation in File Input in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14032 (Use after free in Bluetooth in Google Chrome on Mac prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14033 (Insufficient policy enforcement in Media in Google Chrome on
Windows p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14034 (Inappropriate implementation in WebXR in Google Chrome on
Android prio ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14035 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14036 (Insufficient policy enforcement in Bluetooth in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14037 (Insufficient policy enforcement in GPU in Google Chrome prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14038 (Insufficient validation of untrusted input in New Tab Page in
Google C ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14039 (Insufficient policy enforcement in GetUserMedia in Google
Chrome prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14040 (Use after free in BrowserTag in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14041 (Insufficient policy enforcement in Serial in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14042 (Inappropriate implementation in Isolated Web Apps in Google
Chrome pri ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14043 (Use after free in GetUserMedia in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14044 (Use after free in ANGLE in Google Chrome prior to
150.0.7871.47 allowe ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14045 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14046 (Inappropriate implementation in CustomTabs in Google Chrome on
Android ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14047 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14048 (Use after free in Chromecast in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14049 (Inappropriate implementation in GPU in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14050 (Insufficient policy enforcement in Passwords in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14051 (Uninitialized Use in GamepadAPI in Google Chrome prior to
150.0.7871.4 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14052 (Insufficient policy enforcement in FileSystem in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14053 (Insufficient policy enforcement in Extensions in Google Chrome
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14054 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14055 (Insufficient validation of untrusted input in Device Trust in
Google C ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14056 (Insufficient validation of untrusted input in Media in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14057 (Inappropriate implementation in FedCM in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14058 (Insufficient policy enforcement in Parser in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14059 (Insufficient policy enforcement in Related-Website-Sets in
Google Chro ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14060 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14061 (Inappropriate implementation in Dawn in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14062 (Inappropriate implementation in Views in Google Chrome on
ChromeOS pri ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14063 (Out of bounds read in Chromecast in Google Chrome prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14064 (Use after free in PageInfo in Google Chrome on Android prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14065 (Insufficient validation of untrusted input in PageInfo in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14066 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14067 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14068 (Inappropriate implementation in Omnibox in Google Chrome on
iOS prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14069 (Integer overflow in WebNN in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14070 (Integer overflow in WebNN in Google Chrome prior to
150.0.7871.47 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14071 (Side-channel information leakage in WebAudio in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14072 (Inappropriate implementation in SplitView in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14073 (Insufficient validation of untrusted input in WebXR in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14074 (Side-channel information leakage in WebAuthentication in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14075 (Insufficient policy enforcement in Chrome for iOS in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14076 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14077 (Inappropriate implementation in Select in Google Chrome on Mac
prior t ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14078 (Insufficient validation of untrusted input in WebRTC in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14079 (Insufficient policy enforcement in Network in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14080 (Insufficient validation of untrusted input in TabSwitcher in
Google Ch ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14081 (Insufficient policy enforcement in DevTools in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14082 (Race in Storage in Google Chrome prior to 150.0.7871.47
allowed a remo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14083 (Insufficient validation of untrusted input in HTML in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14084 (Insufficient validation of untrusted input in Chromoting in
Google Chr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14085 (Side-channel information leakage in CSS in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14086 (Insufficient policy enforcement in HID in Google Chrome prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14087 (Heap buffer overflow in WebNN in Google Chrome on Windows
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14088 (Uninitialized Use in Canvas in Google Chrome on Android prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14089 (Insufficient validation of untrusted input in PopupBlocker in
Google C ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14090 (Insufficient validation of untrusted input in CameraCapture in
Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14091 (Use after free in DevTools in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14092 (Insufficient policy enforcement in Privacy in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14093 (Use after free in Cast in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14094 (Use after free in Installer in Google Chrome on Windows prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14095 (Insufficient policy enforcement in Browser in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14096 (Inappropriate implementation in Input in Google Chrome on
Android prio ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14097 (Inappropriate implementation in WebAppInstalls in Google
Chrome on Mac ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14098 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14099 (Use after free in Chrome for iOS in Google Chrome on iOS prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14100 (Insufficient data validation in NetworkCache in Google Chrome
prior to ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14101 (Insufficient policy enforcement in Sandbox in Google Chrome on
Mac pri ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14102 (Use after free in Passwords in Google Chrome prior to
150.0.7871.47 al ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14103 (Use after free in SSL in Google Chrome on ChromeOS prior to
150.0.7871 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14104 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14105 (Insufficient policy enforcement in Speech in Google Chrome
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14106 (Insufficient validation of untrusted input in Text in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14107 (Use after free in Scheduling in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14108 (Use after free in PDFium in Google Chrome prior to
150.0.7871.47 allow ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14109 (Insufficient policy enforcement in Mojo in Google Chrome prior
to 150. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14110 (Inappropriate implementation in DarkMode in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14111 (Use after free in WebProtect in Google Chrome prior to
150.0.7871.47 a ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14112 (Inappropriate implementation in Enterprise in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14113 (Use after free in Updater in Google Chrome on Windows prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14114 (Inappropriate implementation in WebAppInstalls in Google
Chrome on And ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14115 (Insufficient validation of untrusted input in Cast in Google
Chrome pr ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14116 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14117 (Insufficient validation of untrusted input in DevTools in
Google Chrom ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14118 (Insufficient data validation in DevTools in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14119 (Type Confusion in Bluetooth in Google Chrome on Windows prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14120 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14121 (Use after free in Chromoting in Google Chrome on Linux prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14122 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14123 (Incorrect security UI in Chrome for iOS in Google Chrome on
iOS prior ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14124 (Inappropriate implementation in CredentialProvider in Google
Chrome on ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14125 (Uninitialized Use in ANGLE in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14126 (Incorrect security UI in UI in Google Chrome on Android prior
to 150.0 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14127 (Inappropriate implementation in Printing in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14128 (Inappropriate implementation in Chrome for iOS in Google
Chrome on iOS ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14129 (Inappropriate implementation in PreviewTab in Google Chrome on
Android ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14130 (Incorrect security UI in Omnibox in Google Chrome prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14131 (Insufficient validation of untrusted input in WebAppInstalls
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14132 (Inappropriate implementation in WebXR in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14133 (Race in History Embeddings in Google Chrome prior to
150.0.7871.47 all ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14134 (Inappropriate implementation in Autofill in Google Chrome on
Android p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14135 (Insufficient validation of untrusted input in Network in
Google Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14136 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14137 (Insufficient validation of untrusted input in Chrome for iOS
in Google ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14138 (Inappropriate implementation in WebAppInstalls in Google
Chrome on Win ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14139 (Inappropriate implementation in TabStrip in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14140 (Insufficient validation of untrusted input in Input in Google
Chrome o ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14141 (Incorrect security UI in Document Picture-in-Picture in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14142 (Inappropriate implementation in Extensions in Google Chrome
prior to 1 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14143 (Incorrect security UI in Passwords in Google Chrome on iOS
prior to 15 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14144 (Incorrect security UI in Views in Google Chrome prior to
150.0.7871.47 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14145 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14146 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14147 (Inappropriate implementation in CSS in Google Chrome prior to
150.0.78 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14148 (Type Confusion in CSS in Google Chrome prior to 150.0.7871.47
allowed ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14149 (Use after free in Audio in Google Chrome on Linux prior to
150.0.7871. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14150 (Insufficient validation of untrusted input in Speech in Google
Chrome ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14151 (Inappropriate implementation in AI in Google Chrome prior to
150.0.787 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14152 (Out of bounds read and write in ANGLE in Google Chrome prior
to 150.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14153 (Inappropriate implementation in Glic in Google Chrome prior to
150.0.7 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14154 (Inappropriate implementation in DevTools in Google Chrome
prior to 150 ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14155 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-14156 (Insufficient policy enforcement in StorageAccessAPI in Google
Chrome p ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-9711 (The EventON - WordPress Virtual Event Calendar Plugin plugin
for WordP ...)
@@ -6758,15 +6953,15 @@ CVE-2026-13322 (A flaw was found in KubeVirt's downward
metrics virtio-serial se
CVE-2026-13318 (A server-side request forgery (SSRF) flaw was found in
KubeVirt's virt ...)
NOT-FOR-US: KubeVirt
CVE-2026-13283 (Use after free in AdFilter in Google Chrome on Android prior
to 149.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13282 (Use after free in Payments in Google Chrome on Android prior
to 149.0. ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13281 (Integer overflow in Mojo in Google Chrome prior to
149.0.7827.201 allo ...)
- {DSA-6378-1}
+ {DSA-6378-1 DLA-4672-1}
- chromium 150.0.7871.46-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-13226 (The Groundhogg \u2014 CRM, Newsletters, and Marketing
Automation plugi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a2ef80e2e90d3691b11be1ce3e96293e915d65c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5a2ef80e2e90d3691b11be1ce3e96293e915d65c
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits