Vulnerability-Lookup

CVE-2026-5904 (GCVE-0-2026-5904)

Vulnerability from cvelistv5 – Published: 2026-04-08 21:21 – Updated: 2026-06-16 21:49

Determined a bug and not a vulnerability

Show details on NVD website

{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2026-06-16T21:49:29.952Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "Determined a bug and not a vulnerability"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2026-5904",
    "datePublished": "2026-04-08T21:21:00.932Z",
    "dateRejected": "2026-06-16T21:49:29.952Z",
    "dateReserved": "2026-04-08T19:34:43.875Z",
    "dateUpdated": "2026-06-16T21:49:29.952Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-5904",
      "date": "2026-06-16",
      "epss": "0.00154",
      "percentile": "0.04856"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-5904\",\"sourceIdentifier\":\"chrome-cve-admin@google.com\",\"published\":\"2026-04-08T22:16:30.287\",\"lastModified\":\"2026-04-13T21:13:50.300\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"chrome-cve-admin@google.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"147.0.7727.55\",\"matchCriteriaId\":\"9A68673A-1331-48AF-8860-53064F0AF310\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"387021A0-AF36-463C-A605-32EA7DAC172E\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"703AF700-7A70-47E2-BC3A-7FD03B3CA9C1\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://issues.chromium.org/issues/483851888\",\"source\":\"chrome-cve-admin@google.com\",\"tags\":[\"Issue Tracking\",\"Permissions Required\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"providerMetadata\": {\"orgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"shortName\": \"Chrome\", \"dateUpdated\": \"2026-06-16T21:49:29.952Z\"}, \"rejectedReasons\": [{\"lang\": \"en\", \"value\": \"Determined a bug and not a vulnerability\"}]}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-5904\", \"assignerOrgId\": \"ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28\", \"state\": \"REJECTED\", \"assignerShortName\": \"Chrome\", \"dateReserved\": \"2026-04-08T19:34:43.875Z\", \"datePublished\": \"2026-04-08T21:21:00.932Z\", \"dateUpdated\": \"2026-06-16T21:49:29.952Z\", \"dateRejected\": \"2026-06-16T21:49:29.952Z\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

CERTFR-2026-AVI-0407

Vulnerability from certfr_avis - Published: 2026-04-09 - Updated: 2026-04-09

De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Impacted products

	Vendor	Product	Description
	Google	Chrome	Chrome versions antérieures à 147.0.7727.55/56 pour Windows et Mac
	Google	Chrome	Chrome versions antérieures à 147.0.7727.55 pour Linux

References

Title

Publication Time

CERTFR-2026-AVI-0427

Vulnerability from certfr_avis - Published: 2026-04-13 - Updated: 2026-04-13

De multiples vulnérabilités ont été découvertes dans Microsoft Edge. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité et un problème de sécurité non spécifié par l'éditeur.

Solutions

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Microsoft	N/A	Microsoft Edge pour Android versions antérieures à 147.0.3912.60
	Microsoft	N/A	Microsoft Edge versions antérieures à 147.0.3912.60

References

Title

Publication Time

Tags

Bulletin de sécurité Microsoft Edge CVE-2026-5879	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5884	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5889	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5909	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5860	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5867	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5880	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5895	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5911	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5859	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5904	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5914	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5873	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5896	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5893	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5888	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5900	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5882	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5881	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5885	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5918	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5877	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5897	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5905	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5865	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5864	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5891	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5868	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5890	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5902	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5861	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5872	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5898	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5875	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5899	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5876	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-33119	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5869	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5878	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5871	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5892	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5874	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5887	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5886	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5862	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5907	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5858	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5901	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5915	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5883	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-33118	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5903	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5913	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5894	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5919	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5908	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5866	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5906	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5863	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5870	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5912	2026-04-10	vendor-advisory
Bulletin de sécurité Microsoft Edge CVE-2026-5910	2026-04-10	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Microsoft Edge pour Android versions ant\u00e9rieures \u00e0 147.0.3912.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    },
    {
      "description": "Microsoft Edge versions ant\u00e9rieures \u00e0 147.0.3912.60",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Microsoft",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
  "cves": [
    {
      "name": "CVE-2026-5879",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5879"
    },
    {
      "name": "CVE-2026-5872",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5872"
    },
    {
      "name": "CVE-2026-5905",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5905"
    },
    {
      "name": "CVE-2026-5902",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5902"
    },
    {
      "name": "CVE-2026-5875",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5875"
    },
    {
      "name": "CVE-2026-5914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5914"
    },
    {
      "name": "CVE-2026-5898",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5898"
    },
    {
      "name": "CVE-2026-5878",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5878"
    },
    {
      "name": "CVE-2026-5899",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5899"
    },
    {
      "name": "CVE-2026-5886",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5886"
    },
    {
      "name": "CVE-2026-5877",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5877"
    },
    {
      "name": "CVE-2026-5918",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5918"
    },
    {
      "name": "CVE-2026-5913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5913"
    },
    {
      "name": "CVE-2026-5867",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5867"
    },
    {
      "name": "CVE-2026-5897",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5897"
    },
    {
      "name": "CVE-2026-5876",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5876"
    },
    {
      "name": "CVE-2026-5881",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5881"
    },
    {
      "name": "CVE-2026-5880",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5880"
    },
    {
      "name": "CVE-2026-5896",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5896"
    },
    {
      "name": "CVE-2026-5868",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5868"
    },
    {
      "name": "CVE-2026-5903",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5903"
    },
    {
      "name": "CVE-2026-5882",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5882"
    },
    {
      "name": "CVE-2026-5904",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5904"
    },
    {
      "name": "CVE-2026-5911",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5911"
    },
    {
      "name": "CVE-2026-5871",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5871"
    },
    {
      "name": "CVE-2026-5883",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5883"
    },
    {
      "name": "CVE-2026-5909",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5909"
    },
    {
      "name": "CVE-2026-5895",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5895"
    },
    {
      "name": "CVE-2026-5912",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5912"
    },
    {
      "name": "CVE-2026-5894",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5894"
    },
    {
      "name": "CVE-2026-33118",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33118"
    },
    {
      "name": "CVE-2026-5863",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5863"
    },
    {
      "name": "CVE-2026-5893",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5893"
    },
    {
      "name": "CVE-2026-5858",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5858"
    },
    {
      "name": "CVE-2026-5908",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5908"
    },
    {
      "name": "CVE-2026-5869",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5869"
    },
    {
      "name": "CVE-2026-5885",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5885"
    },
    {
      "name": "CVE-2026-5864",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5864"
    },
    {
      "name": "CVE-2026-5861",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5861"
    },
    {
      "name": "CVE-2026-5874",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5874"
    },
    {
      "name": "CVE-2026-5919",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5919"
    },
    {
      "name": "CVE-2026-5906",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5906"
    },
    {
      "name": "CVE-2026-5889",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5889"
    },
    {
      "name": "CVE-2026-5887",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5887"
    },
    {
      "name": "CVE-2026-5860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5860"
    },
    {
      "name": "CVE-2026-5900",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5900"
    },
    {
      "name": "CVE-2026-5888",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5888"
    },
    {
      "name": "CVE-2026-5870",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5870"
    },
    {
      "name": "CVE-2026-5884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5884"
    },
    {
      "name": "CVE-2026-5891",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5891"
    },
    {
      "name": "CVE-2026-5866",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5866"
    },
    {
      "name": "CVE-2026-5865",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5865"
    },
    {
      "name": "CVE-2026-5907",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5907"
    },
    {
      "name": "CVE-2026-33119",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33119"
    },
    {
      "name": "CVE-2026-5892",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5892"
    },
    {
      "name": "CVE-2026-5859",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5859"
    },
    {
      "name": "CVE-2026-5910",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5910"
    },
    {
      "name": "CVE-2026-5915",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5915"
    },
    {
      "name": "CVE-2026-5873",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5873"
    },
    {
      "name": "CVE-2026-5890",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5890"
    },
    {
      "name": "CVE-2026-5862",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5862"
    },
    {
      "name": "CVE-2026-5901",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5901"
    }
  ],
  "initial_release_date": "2026-04-13T00:00:00",
  "last_revision_date": "2026-04-13T00:00:00",
  "links": [],
  "reference": "CERTFR-2026-AVI-0427",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2026-04-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Microsoft Edge. Elles permettent \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9 et un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Microsoft Edge",
  "vendor_advisories": [
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5879",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5879"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5884",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5884"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5889",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5889"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5909",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5909"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5860",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5860"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5867",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5867"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5880",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5880"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5895",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5895"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5911",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5911"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5859",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5859"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5904",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5904"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5914",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5914"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5873",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5873"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5896",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5896"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5893",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5893"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5888",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5888"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5900",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5900"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5882",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5882"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5881",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5881"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5885",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5885"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5918",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5918"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5877",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5877"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5897",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5897"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5905",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5905"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5865",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5865"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5864",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5864"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5891",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5891"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5868",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5868"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5890",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5890"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5902",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5902"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5861",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5861"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5872",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5872"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5898",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5898"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5875",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5875"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5899",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5899"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5876",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5876"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-33119",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33119"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5869",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5869"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5878",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5878"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5871",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5871"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5892",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5892"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5874",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5874"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5887",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5887"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5886",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5886"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5862",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5862"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5907",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5907"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5858",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5858"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5901",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5901"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5915",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5915"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5883",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5883"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-33118",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-33118"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5903",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5903"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5913",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5913"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5894",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5894"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5919",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5919"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5908",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5908"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5866",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5866"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5906",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5906"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5863",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5863"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5870",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5870"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5912",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5912"
    },
    {
      "published_at": "2026-04-10",
      "title": "Bulletin de s\u00e9curit\u00e9 Microsoft Edge CVE-2026-5910",
      "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-5910"
    }
  ]
}

FKIE_CVE-2026-5904

Vulnerability from fkie_nvd - Published: 2026-04-08 22:16 - Updated: 2026-04-13 21:13

Severity

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Summary

Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)

References

	URL	Tags
	chrome-cve-admin@google.com	https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html	Release Notes, Vendor Advisory
	chrome-cve-admin@google.com	https://issues.chromium.org/issues/483851888	Issue Tracking, Permissions Required

Impacted products

Vendor	Product	Version
google	chrome	*
apple	macos	-
linux	linux_kernel	-
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A68673A-1331-48AF-8860-53064F0AF310",
              "versionEndExcluding": "147.0.7727.55",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)"
    }
  ],
  "id": "CVE-2026-5904",
  "lastModified": "2026-04-13T21:13:50.300",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-04-08T22:16:30.287",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Issue Tracking",
        "Permissions Required"
      ],
      "url": "https://issues.chromium.org/issues/483851888"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "chrome-cve-admin@google.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-416"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

GHSA-2H64-4PG7-RQ8P

Vulnerability from github – Published: 2026-04-09 00:32 – Updated: 2026-04-13 21:30

Details

Severity

8.8 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2026-5904"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-416"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-08T22:16:30Z",
    "severity": "HIGH"
  },
  "details": "Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)",
  "id": "GHSA-2h64-4pg7-rq8p",
  "modified": "2026-04-13T21:30:39Z",
  "published": "2026-04-09T00:32:00Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5904"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/483851888"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-5904 (GCVE-0-2026-5904)

CERTFR-2026-AVI-0407

Solutions

CERTFR-2026-AVI-0427

Solutions

FKIE_CVE-2026-5904

GHSA-2H64-4PG7-RQ8P

Tags

Sightings

Nomenclature